The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
Luca Martelli
Senior Director
Identity Management & Security
Oracle EMEA
@lmartelli
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle. Not
all technologies identified are available for all cloud services.
Disclaimer
The information in this document may not be construed or used as legal advice about the
content, interpretation or application of any law, regulation or regulatory guideline.
Customers and prospective customers must seek their own legal counsel to understand
the applicability of any law or regulation on their processing of personal data, including
through the use of any vendor’s products or services.
Employees Partners Consumers
Digital Disruption – Changing Changed World
ON PREMISES PUBLIC CLOUD
Regulatory requirements will make data possession a privilege.
Basic Principles for data protection
Show adequate protection of data
Gain consent to use data
Provide personal data to users
Locate your data
Least Privilege Defence-in-Depth
Oracle Promotes Strong Security Principles
For all your sensitive data including Intellectual Property, Business Information or Personal Information
People Security Software Security
Data Security
Oracle Security Controls which can help in the Regulations Rumba Era in the Hybrid Cloud
Identity Mgmt
Access Mgmt
Governance
Compliance
Self-Service
Authentication
Authorisation
Audit
Single Sign-On
Preventative Controls
Detective Controls
Administrative Controls
Segregation of Duty
Encryption
Data Masking
Key Management
Audit
API Security
Application and Service Configuration
Patching
IT Compliance
Threat Intelligence, User/Log Analytics, Incident Response
Application and Service Performance
Audit
Where is my DATA?
Your PII + Sensitive Data is Already in the Cloud
2016 Cloud Security Research Report, Crowd Research Partner
79% of enterprises are actively deploying cloud solutions in public, private, or hybrid cloud environments
% of Enterprises Deploying
Workloads are Everywhere
Cloud is not just SaaS. Workloads are moving rapidly to PaaS and IaaS
71% of large enterprise will shift some workloads to cloud by 2018
Enterprises plan to use an average of 6 clouds to run their workloads
2016 McKinsey, 2016 Right Scale
Modern Security Attacks Are…
Not carried out by humans (they are automated)
Not confined to network (they begin outside)
Not static (they adapt)
IS YOUR SOC READY?
Traditional SOC - Security Operation Center
Current Approach Is Fragmented and Integration Intensive
SIEM
(Security Information & Event Management)
Security context, Rules based detection
UEBA
(User and Entity Behavior Analytics)
User context, Anomaly detection
X Multi-product/vendor challenges
X Integration, UIs, data models, support…
X Scale and delivery model differences
X High viability and M&A risk
X Point in time, app specific state checks
Log Management
Raw logs, Forensic search, IT ops analytics
Configuration Management
Secure state, configuration auditing
Identity Management
CASB (Cloud Access Security Broker)
Manual processes (too many alerts, no context)
Static protection (not adaptive)
Focused within perimeter (not external data/apps)
The Perimeter Has Moved
Identity is the new perimeter
Only 14% believe network security tools work well protecting public cloud
2016 Cloud Security Research Report, Crowd Research Partners
Threat intelligence
Oracle’s Identity-Centric SOC Approach
Next Gen Security for the Hybrid Cloud
CASB UEBA
Identity Management
SIEM
Automated remediation
Security Cloud Services: Enabling Faster and More Secure Cloud Adoption
API Platform Cloud Service
Configuration & Compliance Cloud Service
Hybrid Database Security
Identity Cloud Service
Security Monitoring & Analytics Cloud Service
CASB Cloud Service
Identity SOC (Security Operations Center)
Embracing the Cloud
Heterogeneous cloud environments allow focus on quality products and brand
Threat Intelligence
CASB for a more intelligent-driven SOC
Cloud Controls
Oracle CASB to monitor sanctioned cloud environments and ensure ongoing visibility
User Behavior Analytics
Ongoing monitoring of privileged behavior in IaaS environment
Where is my DATA? / part 2
Crypto toolkit for applications
Row-level security
Key management
Data encryption
Evaluate Prevent Detect Data-driven Security
Security configuration
Sensitive data discovery
Privilege Analysis
DBA & operation controls
Database auditing
Database/SQL firewall
Real application security
Label-based security
Centralized monitoring
Security assessment
Alerting & reporting
Data redaction
Data masking and subsetting
Comprehensive Hybrid Database Security Controls
Prevent Damage to Databases from Attacks
Data Encryption: *7#$%!!@!%afb ##<>*$#@34
Key Vault
Data Redaction: dob:xx/xx/xxxx, ssn:xxx-xx-4321
Applications, Users, CX App
DB Controls: Access denied
Sensitive Data, IP, PCI, PII, PHI
Privileged Users
Data Subsetting: Region, Year, Size-based
Dev/Test, Partners, BI
Data Masking: dob: 12/01/1987, 11/05/1999, xxxxxxxxxx
Audit Data, Event Logs
Database Firewall
Users
Policies
Reports
Alerts
Network
Events
Applications
Audit Vault
Detect, Audit and Monitor Databases
Summary: GDPR & Oracle Offerings
• Key aspects of GDPR
– New statutory requirements will require companies to re-think how they handle and protect their personal data
– Includes a new liability and sanction regime
– Entry into force on 25 May 2018
• Potential serious consequences
– Fines of up to 4% of global annual revenue or €20M
– 72 hours for data breach notification
• Aspects of GDPR that Oracle Offerings may Help Address
– “Data Protection by design and default”
– “Security of Processing”
– “Data Breach Notifications to Individuals” not required if security controls prevent breach from occurring
– If a data breach occurs “administrative fines shall” take into account “technical and organisational measures implemented”
• Relevant Oracle Offerings
– Database Security: Advanced Security Option, Database Vault, Audit Vault Database Firewall, Key Vault, Data Masking/Subsetting. DB Cloud can make use of DB security features/options
– High availability and resilience: Data Guard, RAC, Backup solutions, ZDLRA
– Software Security: CASB Cloud Service, SMA Cloud Service, CC Cloud Service, API-Platform Cloud Service
– Identity Management: Identity Governance, Identity Cloud Service, Access Management, Centralised Directory
– Applicable to “existing/legacy systems and new digital systems”
(Every journey starts from where you stand today)
So where do we begin…
Take a Security Risk Assessment
Whitepaper on Database Security and GDPR
For More Information
Blogs.oracle.com/OracleIDM
@OracleSecurity /Oraclesecurity
• Learn about Security Cloud Services @ cloud.oracle.com/paas
• Learn about Identity Cloud Service @ oracle.com/IdentityCloud
• Watch for new service announcements @ oracle.com/security
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 

The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era

  • 1. The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era Luca Martelli Senior Director Identity Management & Security Oracle EMEA @lmartelli
  • 2. Safe Harbor Statement: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. Not all technologies identified are available for all cloud services. Disclaimer: The information in this document may not be construed or used as legal advice about the content, interpretation or application of any law, regulation or regulatory guideline. Customers and prospective customers must seek their own legal counsel to understand the applicability of any law or regulation on their processing of personal data, including through the use of any vendor’s products or services.
  • 3. Digital Disruption – Changing Changed World. Employees, Partners, Consumers. ON PREMISES, PUBLIC CLOUD.
  • 4. Regulatory requirements will make data possession a privilege.
  • 5. Basic Principles for data protection: Show adequate protection of data; Gain consent to use data; Provide personal data to users; Locate your data.
  • 6. Oracle Promotes Strong Security Principles: Least Privilege, Defence-in-Depth. For all your sensitive data including Intellectual Property, Business Information or Personal Information.
  • 7. Oracle Security Controls which can help in the Regulations Rumba Era in the Hybrid Cloud. People Security, Software Security, Data Security. Identity Mgmt Access Mgmt Governance Compliance Self-Service Authentication Authorisation Audit Single Sign-On Preventative Controls Detective Controls Administrative Controls Segregation of Duty Encryption Data Masking Key Management Audit API Security Application and Service Configuration Patching IT Compliance Threat Intelligence, User/Log Analytics, Incident Response Application and Service Performance Audit
  • 8. Where is my DATA?
  • 9. Your PII + Sensitive Data is Already in the Cloud. 79% of enterprises are actively deploying cloud solutions in public, private, or hybrid cloud environments (2016 Cloud Security Research Report, Crowd Research Partners).
  • 10. Workloads are Everywhere. Cloud is not just SaaS. Workloads are moving rapidly to PaaS and IaaS. 71% of large enterprises will shift some workloads to cloud by 2018. Enterprises plan to use an average of 6 clouds to run their workloads. (2016 McKinsey, 2016 Right Scale)
  • 11. Modern Security Attacks Are… Not carried out by humans (they are automated); Not confined to network (they begin outside); Not static (they adapt). IS YOUR SOC READY?
  • 12. Traditional SOC (Security Operation Center): Current Approach Is Fragmented and Integration Intensive. SIEM (Security Information & Event Management): Security context, Rules based detection. UEBA (User and Entity Behavior Analytics): User context, Anomaly detection. Log Management: Raw logs, Forensic search, IT ops analytics. Configuration Management: Secure state, configuration auditing. Identity Management. CASB (Cloud Access Security Broker). X Multi-product/vendor challenges; X Integration, UIs, data models, support…; X Scale and delivery model differences; X High viability and M&A risk; X Point in time, app specific state checks.
  • 13. Traditional SOC: Current Approach Is Fragmented and Integration Intensive. SIEM (Security Information & Event Management): Security context, Rules based detection. UEBA (User and Entity Behavior Analytics): User context, Anomaly detection. Log Management: Raw logs, Forensic search, IT ops analytics. Configuration Management: Secure state, configuration auditing. Identity Management. CASB (Cloud Access Security Broker). X Multi-product/vendor challenges; X Integration, UIs, data models, support…; X Scale and delivery model differences; X High viability and M&A risk; X Point in time, app specific state checks. Manual processes (too many alerts, no context); Static protection (not adaptive); Focused within perimeter (not external data/apps).
  • 14. The Perimeter Has Moved. Identity is the new perimeter. Only 14% believe network security tools work well protecting public cloud (2016 Cloud Security Research Report, Crowd Research Partners).
  • 15. Oracle’s Identity-Centric SOC Approach: Next Gen Security for the Hybrid Cloud. Threat intelligence, CASB, UEBA, Identity Management, SIEM, Automated remediation.
  • 16. Security Cloud Services: Enabling Faster and More Secure Cloud Adoption. API Platform Cloud Service, Configuration & Compliance Cloud Service, Hybrid Database Security, Identity Cloud Service, Security Monitoring & Analytics Cloud Service, CASB Cloud Service, Identity SOC (Security Operations Center).
  • 17. Embracing the Cloud: Heterogeneous cloud environments allow focus on quality products and brand. Threat Intelligence: CASB for a more intelligent-driven SOC. Cloud Controls: Oracle CASB to monitor sanctioned cloud environments and ensure ongoing visibility. User Behavior Analytics: Ongoing monitoring of privileged behavior in IaaS environment.
  • 18. Where is my DATA? / part 2
  • 19. Comprehensive Hybrid Database Security Controls. Crypto toolkit for applications, Row-level security, Key management, Data encryption. Evaluate, Prevent, Detect, Data-driven Security. Security configuration, Sensitive data discovery, Privilege Analysis, DBA & operation controls, Database auditing, Database/SQL firewall, Real application security, Label-based security, Centralized monitoring, Security assessment, Alerting & reporting, Data redaction, Data masking and subsetting.
  • 20. Prevent Damage to Databases from Attacks [Diagram. Labels: Data Encryption (ciphertext sample), Key Vault; Data Redaction (dob:xx/xx/xxxx, ssn:xxx-xx-4321); Applications, Users, CX App; DB Controls, Access denied, Privileged Users; Sensitive Data, IP, PCI, PII, PHI; Data Subsetting (Region, Year, Size-based); Dev/Test, Partners, BI; Data Masking (dob: 12/01/1987, 11/05/1999, xxxxxxxxxx)]
  • 21. Detect, Audit and Monitor Databases [Diagram. Labels: Users, Applications, Network Events, Database Firewall, Audit Data, Event Logs, Audit Vault, Policies, Reports, Alerts]
  • 22. Summary: GDPR & Oracle Offerings
      • Key aspects of GDPR
          – New statutory requirements will require companies to re-think how they handle and protect their personal data
          – Includes a new liability and sanction regime
          – Entry into force on 25 May 2018
      • Potential serious consequences
          – Fines of up to 4% of global annual revenue or €20M
          – 72 hours for data breach notification
      • Aspects of GDPR that Oracle Offerings may Help Address
          – “Data Protection by design and default”
          – “Security of Processing”
          – “Data Breach Notifications to Individuals” not required if security controls prevent breach from occurring
          – If a data breach occurs “administrative fines shall” take into account “technical and organisational measures implemented”
      • Relevant Oracle Offerings
          – Database Security: Advanced Security Option, Database Vault, Audit Vault Database Firewall, Key Vault, Data Masking/Subsetting. DB Cloud can make use of DB security features/options
          – High availability and resilience: Data Guard, RAC, Backup solutions, ZDLRA
          – Software Security: CASB Cloud Service, SMA Cloud Service, CC Cloud Service, API-Platform Cloud Service
          – Identity Management: Identity Governance, Identity Cloud Service, Access Management, Centralised Directory
          – Applicable to “existing/legacy systems and new digital systems”
  • 23. So where do we begin… (Every journey starts from where you stand today). Take a Security Risk Assessment. Whitepaper on Database Security and GDPR.
  • 24. For More Information: Blogs.oracle.com/OracleIDM, @OracleSecurity, /Oraclesecurity. Learn about Security Cloud Services @ cloud.oracle.com/paas. Learn about Identity Cloud Service @ oracle.com/IdentityCloud. Watch for new service announcements @ oracle.com/security.

Editor's Notes

  1. IT professionals say their top concerns for adopting cloud are related to security. As organizations transition from on premises to cloud, they are additionally challenged with maintaining a consistent security posture. Oracle believes a hybrid cloud approach can provide better security. Today, I want to explain how Oracle aligns people, process, and technology to provide better security across the computing stack. You will also hear about Oracle’s Cloud Security Services to protect users and drive digital transformations more securely and quickly. Security is now a reason to move to the cloud!
  2. Before presenting, make it clear that NOT all technologies identified are available for all cloud services
  3. Talk about new world. We have to address various challenges: 1. Protect apps and data in the cloud and on-premises. You need to protect across both environments, because gaps in security between environments open your company to higher risk. All of the controls you have built up over many years in the on-premises environment need to be extended into your cloud. For example, if a person leaves your company you need to make sure their accounts are disabled both on premises and in the cloud. If this is not done you open yourself up to high risk. Imagine a sales person who continues to have access to their CRM account even after they have defected to the competition. 2. With users coming in through so many channels today (web browsers, mobile phones, tablets, watches), access needs to be secured across all these channels. For example, Anna could have used her watch to complete the transaction she started on her mobile. 3. Manage access for customers, partners, and employees. It’s not just employees that need access to your systems anymore; customers access your systems online, through their phones. A lot of breaches have been about partners not being properly managed: people have been pretty good about onboarding employees but they tend to be a lot weaker about third parties. 4. Security in addition to automation and management of access & identities. Traditionally, IDM has focussed on
  4. Key Takeaway: Everyone knows SaaS adoption is increasing, but TONs of lift and shift workloads are also moving to PaaS and IaaS services. These workloads need security and don’t want to have to re-write
  5. A few weeks ago, many websites, including the likes of Twitter, Netflix, GitHub and Airbnb, were brought down by a massive number of hijacked Internet-connected devices. Our own IP-based home security cameras, video recorders and home routers were hijacked by a popular IoT botnet, and carried out a DDoS attack on a major DNS provider, bringing down our own business and consumer applications. That may sound like the script of a Hollywood movie, but the attack was very real. And it was one of the largest modern attacks, affecting millions of users in the US, carried out by exploiting IoT devices. Modern security attacks are unpredictable, hard to detect, and in most cases don’t fit the classic description of an attack carried out by an intruder on your network. To begin with, many attacks today are not carried out by humans. Many are carried out by bots or hijacked IoT devices. Secondly, the attacks are not carried out within your traditional network perimeter. The attack could be on a DNS server your applications use, or your public-facing applications, or your cloud service provider. And finally, the attacks are not static. They can remain latent for days, waiting for the right opportunity to strike, and are pervasive, instead of affecting a handful of endpoints. Unfortunately, most enterprises rely on traditional Security Operations Centers (or SOCs) to defend themselves against threats. Traditional SOCs are not designed to detect or respond to such modern attacks, leaving a number of enterprises vulnerable to attacks on applications, data and employee identities. In this modern environment, are you confident that your Identity Management investment is adequately protected by traditional SOCs?
  6. Cloud Security Challenges: Current market trends are driving the dissolution of the network perimeter. Users are everywhere, using unmanaged devices and connecting to on-prem and cloud apps. This has made network edge solutions such as FW, IPS/IDS and network proxy no longer relevant. Traditional network-centric security architectures are ineffective in securing the modern work environment where users and applications are everywhere.
  7. I am thrilled to introduce Oracle Identity SOC, the industry's first identity-centric framework for security operation centers. Customers are telling us they want: a single pane of glass to manage security threats across their on-premises and cloud environments; the ability to do this across heterogeneous environments; and a suite of integrated solutions that work together, so they do not have to manage multiple solutions. A modern Identity SOC will incorporate threat intelligence feeds from a variety of sources. These feeds would be a combination of open source and commercial feeds, including IP white/black listing, device reputation, known vulnerability databases, geolocation, and more. Threat intelligence is then imported into a SIEM that is integrated with a cloud access security broker and user behavior analytics. It will accomplish the requirements of an intelligence-driven SOC by spanning identity management across all of these planes. [Response Automation graphic] Lastly, automation and incident response orchestration are critical elements that allow for complete closed-loop governance. The vast expanses of alerts and data make it impractical for SOCs to rely on manual techniques for response. Automation is key, and an identity-centric SOC can leverage intelligence, and human oversight where appropriate, to respond effectively to security incidents. This requires built-in forensic libraries, a flexible orchestration framework and integrations with investments made by the enterprise in incident management. In addition to its industry-leading Identity Management, which is now available in the Cloud, Oracle also offers services for SIEM, CASB, User Behavior Analytics, and Automated Incident Response. These services are the foundational enablers of an Identity SOC. Now, let's take a deeper look at what makes up an Identity SOC and how Oracle is best suited to support every modern enterprise that is dealing with the challenges discussed earlier.
  8. Oracle offers a series of Security Cloud Services that help our customers detect, prevent, predict and respond to the challenges we spoke about. The Security Cloud Services also enable our customers to adopt the Cloud more securely and quickly. Oracle provides an integrated set of cloud services that tie together: [IDCS] identities across systems, people and things (IoT) to help detect, protect and expedite response to security events; [Cloud Access Security Broker] application visibility and controls to understand sanctioned and unsanctioned applications, who uses them and the infrastructures they run on; [SMA CS] security monitoring and analytics that incorporates user behavior analytics and machine learning to enable automation of alert response; [APIP CS] secure software development that protects and gives control over API management, since APIs are where many vulnerabilities in applications are uncovered; [CCS] compliance services to ensure security best practices are adhered to; [Hybrid Data Security] hybrid data protection to ensure comprehensive data visibility and protection. At Oracle, we absolutely believe Security is now a reason to move to the cloud! The trusted Oracle Cloud and Oracle Security Cloud Services are here to help you.
  9. Growing use of AWS and no expertise in the EXTENSIVE security controls required to set up, monitor and maintain a secure IaaS environment. Leveraging CASB Cloud Service to deploy secure and compliant environments, monitor those environments for risky behavior and misconfiguration, and auto-remediate any violations. Products: CASB Cloud Service (Palerra LORIC), used for monitoring AWS environments. NOT currently integrated for a complete Identity SOC, but enthusiastic about the concept. They have given an example of how knowing the identities of users will be paramount in the future: Spear phishing and malware – suffering. First thing they started to do. Firewalls will trigger if malware is detected, if you are lucky. We need to correlate that outbound message with the fact that one of their executives is the one who clicked on it. In the past, you would have had a firewall rule that included the IP address or MAC address, and with that you would start the forensic analysis: what happened, and why? But now, with user-based analytics as part of an Identity SOC, the SOC analyst can correlate the malware attack and who received it. You can now connect with the VP and lock down his laptop. This is the practical value of assigning the person to the requisite events that occurred, to get an immediate response. Of course, execs are always easy targets. But every time you save an executive, that’s a win. Identity from a data, network, device and application perspective, so there are now personas you are taking on when doing your job. A correlation to who you are and why you are there. Levi’s is currently public on their use of Oracle CASB Cloud Service and enthusiastic about the integration for an Identity SOC solution.
  10. As part of the evaluation phase, customers have identified sensitive data. Now customers need to apply security controls to prevent damage to databases from attacks. The first control you apply is encryption. Encryption applies both to data in motion, using Network Encryption, and to data at rest, using Oracle Advanced Security Transparent Data Encryption. Transparent Data Encryption, or TDE, protects data if someone tries to read it directly at the operating system or file system level, bypassing database controls. When customers deploy TDE for hundreds or thousands of databases, they face operational and management challenges from the proliferation of keys, and need a centralized key management solution to streamline these. Oracle Key Vault is a centralized key management solution that manages TDE master encryption keys; it can also manage Oracle wallets, Java keystores, ACFS master file encryption keys and MySQL TDE master keys. Encryption locks the back-door access to sensitive data; the next step is to protect the front door. The front door is where privileged users access the data in databases. Customers need to apply security controls to restrict privileged users' access to application data using Database Vault. After encryption and privileged user controls, you need to implement data access controls for application users, using row- and column-level controls along with data redaction. Redaction allows applications to hide or obfuscate sensitive data like SSNs or credit card numbers. (Data Redaction is also known as dynamic data masking in the industry.) All the above controls protect data in a production environment, but how do you limit sensitive data exposure when customers move sensitive data to test/dev/partner sites? Customers mitigate this risk with Oracle Data Masking and Subsetting technology.
  11. Oracle Audit Vault and Database Firewall provides a first line of defense for databases and consolidates audit data from databases, operating systems, and directories. A highly accurate SQL grammar-based technology in the Database Firewall monitors and blocks unauthorized SQL traffic before it reaches the database. Information from the network is combined with detailed audit information for easy compliance reporting and alerting. Oracle Audit Vault and Database Firewall enables easy implementation of security controls for DBs and operating systems.
      Features:
      • Database Firewall (monitoring)
          – Information: who, what, where, when
          – Data sources: network
          – Impact on database: completely independent, negligible performance impact
          – Purpose: prevent SQL injections and other unauthorized activity, enforce corporate data security policy
      • Audit Vault (auditing)
          – Information: who, what, where, when; before/after values; full execution and application context
          – Data sources: all (audit logs, stored procedures, direct connections, scheduled jobs, operational activities)
          – Impact on database: requires native database auditing, minimal performance impact (<5%)
          – Purpose: ensure regulatory compliance, provide guaranteed audit trail to enable control
      • Supported platforms
          – DBs: Oracle, SQL Server, MySQL, etc.
          – OS: Linux, Solaris, Windows Server, etc.
  12. Security is the most important requirement for cloud customers. Security and availability of keys: keys are securely stored and protected, inaccessible by cloud administrators, and highly available. Customer control of keys: keys can be deleted by customers to remove their data from the cloud, with on-premise control by customers. Data is encrypted by default in the Oracle Cloud Databases using Transparent Data Encryption. You can use Oracle Key Vault on-premise to centrally collect, manage, and control the encryption keys for both on-prem and cloud databases. Data Masking and Subsetting helps to mask and subset data for test, dev, and partner environments on-premise or in the cloud. You can restrict database administrative access to sensitive information using Database Vault. You can centrally collect, manage, and control database audit activity on-premise using Audit Vault. Database security policies are transparently migrated during database lift and shift operations using pluggable databases. In hybrid cloud deployments, the on-premise Oracle Audit Vault Server (AV Server) collects audit data from both on-premise and Oracle Database Cloud Service (DBCS) instances. On-premise agents retrieve audit data from the DBCS instances over encrypted channels, and then transfer it to the on-premise AV Server. The appropriate port on the DBCS instance needs to be open, but no other networking changes are needed on the on-premise side. Utilizing the same AV Server for both DBCS and on-premise database instances makes it easier to ensure that the same audit policies have been applied across all database instances. Similarly, existing alert configurations and data retention policies can be utilized for cloud ones. Thus the same resources can be utilized for configuration and maintenance tasks across on-premise and cloud.
  13. 24
  14. Key Takeaways: Learn more about Oracle Cloud Security and how we can help you. Join a local breakout session. Request a Security Assessment with your local sales team. Updated Oracle.com/security page.
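
Editor's note 9 describes tying a firewall malware alert to the user who triggered it instead of stopping at the IP or MAC address. The following is an added example, not part of the original deck and not Oracle product code: it joins firewall alerts to identity session records by IP and time window. All user names, roles, devices, addresses, the grace period and the record layout are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Constructed identity-side records: (user, role, device, ip, start, end).
# Assumption: these would come from SSO / VPN / DHCP logs; end=None means active.
SESSION_ROWS = [
    ("a.rossi", "vp-sales", "LT-0412", "10.20.1.15", "2017-03-01T08:02:00", "2017-03-01T12:30:00"),
    ("m.bianchi", "analyst", "LT-0977", "10.20.1.15", "2017-03-01T13:05:00", None),
    ("svc-backup", "service", "SRV-022", "10.20.9.40", "2017-03-01T00:00:00", None),
]

# Constructed firewall alerts: (time, source ip, destination ip, signature).
ALERT_ROWS = [
    ("2017-03-01T09:41:10", "10.20.1.15", "203.0.113.77", "malware-callback"),
    ("2017-03-01T13:20:00", "10.20.1.15", "203.0.113.77", "malware-callback"),
    ("2017-03-01T12:45:00", "10.20.1.15", "198.51.100.9", "malware-callback"),
    ("2017-03-01T10:00:00", "10.20.7.7", "203.0.113.77", "malware-callback"),
]

HIGH_VALUE_ROLES = {"vp-sales"}   # hypothetical list of roles to escalate first
GRACE = timedelta(minutes=5)      # tolerance for clock skew between log sources
STATUS_ORDER = {"attributed": 0, "ambiguous": 1, "unattributed": 2}


@dataclass(frozen=True)
class Session:
    user: str
    role: str
    device: str
    ip: str
    start: datetime
    end: Optional[datetime]

    def covers(self, ts: datetime, grace: timedelta) -> bool:
        """True if this identity held the IP at ts (within the grace window)."""
        if ts < self.start - grace:
            return False
        return self.end is None or ts <= self.end + grace


def load_sessions(rows):
    """Parse session tuples into Session objects."""
    return [
        Session(user, role, device, ip, datetime.fromisoformat(start),
                datetime.fromisoformat(end) if end else None)
        for user, role, device, ip, start, end in rows
    ]


def attribute(alert, sessions, grace=GRACE):
    """Resolve one alert to the identity (or identities) behind its source IP."""
    when, src_ip, dst_ip, signature = alert
    ts = datetime.fromisoformat(when)
    # The same IP is reused over time, so match on IP *and* time, never IP alone.
    hits = [s for s in sessions if s.ip == src_ip and s.covers(ts, grace)]
    if len(hits) == 1:
        status = "attributed"
    elif hits:
        status = "ambiguous"      # overlapping sessions: needs analyst review
    else:
        status = "unattributed"   # identity blind spot: no session for that IP/time
    return {
        "time": when, "src_ip": src_ip, "dst_ip": dst_ip, "signature": signature,
        "status": status,
        "users": sorted(s.user for s in hits),
        "devices": sorted(s.device for s in hits),
        "high_value": any(s.role in HIGH_VALUE_ROLES for s in hits),
    }


def triage(alerts, sessions):
    """Attribute all alerts and order them: high-value identities first."""
    findings = [attribute(a, sessions) for a in alerts]
    return sorted(findings, key=lambda f: (not f["high_value"],
                                           STATUS_ORDER[f["status"]], f["time"]))


if __name__ == "__main__":
    for f in triage(ALERT_ROWS, load_sessions(SESSION_ROWS)):
        who = ", ".join(f["users"]) or "-"
        print(f'{f["time"]} {f["src_ip"]:<11} {f["status"]:<12} user={who} '
              f'device={", ".join(f["devices"]) or "-"} high_value={f["high_value"]}')
```

The two alerts from 10.20.1.15 resolve to different people because the address changed hands during the day, which is why an IP-only firewall rule is a poor starting point for response.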