1 Copyright © 2014, FireEye, Inc. All rights reserved. Copyright © 2015, FireEye, Inc. All rights reserved.
FireEye: Cloud Security Re-Imagined Adam Palmer, Director International Government Affairs
Malaysia September 10, 2015
Who am I?
FireEye Director of International Government Affairs
Former US Government JAG Cybercrime Prosecutor
Former Manager of UN Global Program against Cybercrime
Lead Cybersecurity Advisor at Symantec for 3 years
GOAL
Support Good Cyber Policy
Be a Trusted Partner
My support is ALWAYS FREE
Recent Cyber Media Coverage
CYBER SECURITY UPDATE:
POST BREACH
“By the end of 2014, we will have spent more than $250 million annually
We’re making good progress on these and other efforts, but cyberattacks are growing every day in strength and velocity across the globe. It is going to be a continual and likely never-ending battle to stay ahead of it — and, unfortunately, not every battle will be won.
M TRENDS THREAT REPORT 2015 HIGHLIGHTS
Time for Earliest Evidence to Discovery of Compromise
Longest Presence:
2,882 Days
That’s over 8 YEARS!
STUDY: KPMG SWEDEN 2014
Case Study: KPMG Sweden – May 2014
• 93% of organisations were breached
• 49% of the detected malware was unknown
• 79% were exfiltrating data
• 14 Organisations across retail, government, banking & manufacturing
• 30 day assessment of network traffic
POLICY TRENDS
• Australia: CRITICAL Strategies for Cybersecurity: “Automated dynamic analysis of email and web content run in a sandbox to detect suspicious behavior including network traffic, new or modified files, or other configuration changes”
• Japan: Toughening and adding more advanced cybersecurity measures after large government breach. Advanced security is now “essential” security.
• USA: “The information system implements nonsignature-based malicious code detection
“Managed interfaces include, for example, gateways, routers, firewalls, guards, network-based malicious code analysis and virtualization systems. . . and the organization employs a detonation chamber capability
• Global Council on Cybersecurity: “Ensure that automated monitoring tools use behavior based anomaly detection to complement traditional signature based detection.”
• Europe / Germany: “state of the art security”
Data Breach Reporting & Auditing
National Strategy
A “Roadmap” for Success!
WITHOUT A SOLID FOUNDATION YOU WILL HAVE TROUBLE BUILDING ANYTHING OF VALUE
POLICY STANDARDS
ANSWER:
WHY?
WHAT?
WHEN?
What are the basic goals to achieve?
• Improve security of your nation and the Internet
• Harmonize and level (uplift) the playing field between LE, Military, & Private
• Provide incentives to invest in security.
**Adapted from NIS Directive
How do you define scope?
NIS example:
• All Member State Governments
• (binding/non-binding) duty of care?
• Critical National Infrastructure (CNI)
• Depends on Country
• Differentiates levels of security controls necessary for certain groups (e.g. social networks)
Minimum “essential” standards: The Sinking Boat
FOUNDATIONAL TRUTHS
Foundational Truths #1
Foundational Truths #2
Foundational Truths #3
DO NOT FEAR THE CLOUD
Moving to the cloud is a security BENEFIT:
Cloud providers devote more resources to security than the typical company that uses these services
Example: Amazon Web Services has hundreds of people focused on the security of its platform
This is Very Helpful in Malaysia
But isn’t it better for me to see my own Data Center?
Most commercial Cloud providers have really robust logging options—better than corporate servers!
Example: Amazon Web Services has CloudTrail, a service that will enable 40+ different sub-services (access logs, usage data, file system, etc.) to stream logs with the flip of a switch…
How To REALLY Secure the CLOUD
Combine AWS-type robust logging with a service like FireEye Threat Analytics Platform (TAP), which natively ingests CloudTrail, and you can gain superior visibility into your cloud infrastructure.
Predicting Rain Does Not Count, Building a Boat Does
Good policy = a strong boat
THANK YOU!
Adam Palmer Director, International Government Affairs
+49-151-275-04814 Munich, Germany