securing the cloud: making cloud an opportunity to enhance ... · safeguard cloud and mobile 1)...
TRANSCRIPT
© 2016 IBM Corporation
IBM Security
1 © 2016 IBM Corporation
Securing the Cloud: Making Cloud an Opportunity to Enhance Security
February 2016 Greg Coughlin Director, IBM Security @JGCoughlin
© 2016 IBM Corporation
IBM Security
2
The rise of Shadow IT?
© 2016 IBM Corporation
IBM Security
3
Security reality – we have all been compromised
only 1 out of 100
security compromises are ever detected
General Keith Alexander, Head of U.S. Cyber Command, in a speech to the American
Enterprise Institute
1,764,121 Represents the number of security events the average organization of 15K employees will capture weekly
324 of these events represent actual attacks, per week
2.1 of these attacks will result in an incident, per week, – a 22% annual increase
2014 IBM Cybersecurity Intelligence Index
Security Principles for Leaders
© 2016 IBM Corporation
IBM Security
4
Are you a disruptor or a disruptee? Transformative technologies are disrupting industries
Source: Joint IBV/EIU Cloud-enabled Business Model Survey of 572 business & IT leaders
Mobile revolution Connectivity, access and participation are growing rapidly
Social media explosion Quickly becoming the primary communication & collaboration format
Hyper digitization Digital content is produced and accessed more quickly than ever before
The power of analytics Real time analysis, predictive analytics and micro-segmentation emerging
Transformational cloud – Cloud’s attributes make it a powerful delivery model delivering new business models, cost benefits, flexibility and large on-demand capacity
Gmail, Facebook, Linkedin are pioneer examples of cloud computing with advertisement based revenue and cloud’s low cost delivery model sustaining free services
Ecosystem of connected health and wellness apps that delivers a consolidated view of users’ health. Strong & growing ecosystem with APIs and Apps that cover all aspects of health care 1
The Xerox Mobile Print platform uses cloud to convert and process print requests. This removes complexity from end-users, reduces costs & management of diverse devices and print configurations
© 2016 IBM Corporation
IBM Security
5
Governments are being hit by multiple disruptive global shifts – urbanization, aging populations and structure of the global economy
Source: [1] Swiss Re. 2014. Natural catastrophes and man-made disasters in 2013: large losses from floods and hail; Haiyan hits the Philippines. Sigma Study, No 1/2014.; [2] http://www.imf.org/external/Pubs/ft/weo/2014/01/pdf/text.pdf
Number of Catastrophic Events, 1970 – 20131
2014 GDP Growth decline2
Unstable economic conditions
High competition for residents and businesses
Change in citizen demands
Increase of dependency ratio
Increase in catastrophic events
© 2016 IBM Corporation
IBM Security
6
Government CxOs expect rising cyber risk and the “anywhere” workplace to have the greatest impact
Industry convergence
The “anywhere” workplace
Rising cyber risk The redistribution of consumer purchasing power The sustainability imperative Alternative finance and financing mechanisms The sharing economy
Top trends to impact business (in 3 to 5 years)
66% 49%
50% 65%
46% 67%
43% 18%
32% 39%
25% 17%
24% 26%
Global Government
Source: Redefining Boundaries – Insights from the Global C-Suite Study, IBM Institute for Business Value
© 2016 IBM Corporation
IBM Security
7
Cloudy Security: So What’s the Problem?
1 in 3 Fortune 1000 employees
upload corporate data to cloud apps
50% of millennials use third-party
cloud apps at work
1 in 4 Fortune 1000 employees
use corporate log-in details for cloud apps
60% of employees know using external apps
is a violation of their company’s security policy
On behalf of IBM Security, Ketchum Global Research & Analytics (KGRA) conducted an online survey using the services of Ipsos Public Affairs. The survey interviewed 1,001 full-time employees at Fortune 1000 companies. The survey was fielded from July 27 to 31, 2015.
Source: IBM Internal Research
© 2016 IBM Corporation
IBM Security
8
Use five fundamental security principles to help guide you
(incidents will happen)
Prepare to respond, faster
(train, test, trick)
Increase the security IQ of every employee
(analytics = threat insights)
Leverage security intelligence
Protect your crown jewels
(define, protect, monitor) (the vanishing perimeter)
Safeguard cloud and mobile
Security Principles for Leaders
© 2016 IBM Corporation
IBM Security
9
Deploy a secure foundation to help protect and enable innovation
Safeguard cloud and mobile
1) Harris Interactive, 2012; 2) Global Mobile Enterprise 2011-2017 Forecast, Strategy Analytics, 2) IDC, Five Steps to Successful Integrated Cloud Management, May 2011, 3) 2013 IDC US Cloud Security Survey
Protect the data
Protect the apps
Manage the device
Protect the transaction
Corporate container
Security Principles for Leaders
Make cloud an opportunity to enhance security
Integrated security for public and private clouds
IaaS PaaS SaaS
of employed adults use at least one personally- owned device for business1
of users surveyed had corporate security on their personal devices1
of new apps will be deployed via the cloud2
of firms discovered cloud usage outside of IT or security policies3
© 2016 IBM Corporation
IBM Security
10
Steps to Empowering Employees To Securely Use Cloud Services 5
1. Discover 2. Identify 3. Track 4. Respond 5. Empower
Source: https://securityintelligence.com/five-tips-for-a-safer-cloud/
© 2016 IBM Corporation
IBM Security
11
How? Cloud Access Security Brokers (CASB)
“Since their emergence in 2012, CASBs have grown in importance and today are the primary technical means of giving organizations more control over SaaS security. This technology will become an essential component of SaaS deployments by 2017.”
© 2016 IBM Corporation
IBM Security
12
How can you protect what you can’t see?
Cloud Applications
Mobile Employees
CASBs are an important visibility tool for CISOs
CASBs collect cloud app usage details on traffic going through corporate gateways
Mobile users can go directly to cloud apps – creating the “mobile blind spot”
§ Cellular networks • Both in and out of the office
§ Home WiFi or mobile hot spots § Adds risk of malware, risky behavior,
and corporate policy violations
On-Premises and Remote / VPN Employees
Web gateway, Firewall, IPS, etc.
CASBs
“Blind spots” still exist for mobile usage
© 2016 IBM Corporation
IBM Security
13
MOBILE
BYOD
ON PREM
RISKY APPS
APPROVED APPS
Leverage SaaS solutions to help securely deploy Cloud Services
EMPLOYEES
Identity and Access Control
Threat Prevention
Policy Enforcement
Discovery and Visibility
Cloud Event Correlation
DETECT CONNECT PROTECT
Cloud Access Security
Broker
© 2016 IBM Corporation
IBM Security
14
Underneath the Hood
User, App, Device Analytics & Event Correlator
Application Federated SSO
Connectors
App
Application Discovery
App App
App
Delegated Entitlement
Management
End User Launchpad & Application Catalog
Access Policy Enforcement
Cloud Registry
IBM Cloud Security Enforcer
. . . (plus many more)
Enterprise Bridge Appliance Log
Collection ID
Bridge Directory
Sync
World Wide Mobile Cloud Proxy
Client Gateway [VPN] Threat Prevention
Microsoft Active Directory
ENTERPRISE
© 2016 IBM Corporation
IBM Security
15
How to make Cloud an opportunity to enhance security?
Initiate a dialogue with your line of business partners on Shadow IT
Build out your organization’s Security strategy to embrace Cloud, Mobile and SaaS Choose a Cloud Access Security Broker that incorporates Identity, Cognitive and SaaS
©2016 IBM Corporation 15
© 2016 IBM Corporation
IBM Security
16
Resources
White Papers: IDC – CISO’s Guide to Enabling a Cloud Strategic Focus on SAAS (http://idcdocserv.com/259429) Gartner - How to Evaluate and Operate a Cloud Access Security Broker (http://www.gartner.com/technology/reprints.do?id=12U47O25&ct=151215&st=sb) 451 Research - Big Blue goes all ‘startup’ with homegrown SaaS security offering (ask IBM for a copy)
Seminar: SecurityIntelligence.com - The New Cloud Security Hero: Cloud Security Enforcer Thought Leadership and Articles: • Major Misconceptions About Cloud Security in European Financial Sector, New Survey Shows • Treat Technical Debt Like a Bad Relationship • 2015 Was the Year of the Health Care Data Breach, But Cloud Sails Around the Storm • Taking Notice: Security Analysts Weigh In on IBM Cloud Security Enforcer • Is Cloud Security Enforcer on Your Radar?
IBMatReboot @IBMSecurity
17
DropoffyourfeedbackformforaFREEGi:atIBMBooth#16
© 2016 IBM Corporation
IBM Security
18
www.ibm.com/security
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.