securing your journey to the cloud - convergeone oma...jun 06, 2019 · and journey to cloud are...

© Copyright 2019. Private and confidential.

SECURING YOUR JOURNEY

TO THE CLOUD

Craig StorkCyberSecurity Solutions [email protected]

CONVERGEONECYBERSECURITY


AGENDA> Cloud Security Landscape

> Why Cloud?

> Cloud Security Strategy

> How can we help?


SECURITY LANDSCAPE


6

#2 CONCERN OF FORTUNE 500 CEOS?A: Cyber Security

Source: 2017 Fortune.com CEO Survey


CYBERSECURITY IN THE NEWSRecent Publications around CyberSecurity

8


WHERE ARE MOST OF US?

1990 2000 2010 2015 2017

THREATS

PROTECTIONSNetworks

Gen II

Applications

Gen III

Payload

Gen IV

GRADE I

GRADE II

GRADE III

GRADE V

GRADE IV

Virus

Gen I

Most Enterprises are between Gen

2-3

2.8

Mega

Gen V


MARKET TRENDS

10

MARKET TREND MARKET STATISTICS

Executives are deeply concerned over information security

• Cybersecurity reported as #2 biggest challenge by Fortune 500 CEOs (Fortune)• 75% of Chief Information Security Officers (CISOs) and CSOs will report directly to

the CEO, not the CIO in 2018 (IDC)

Organizations are lacking basic, fundamental strategies to address cyber risk

• 30% of enterprises worth over $25B (44% amongst all organizations) lack an overall information security strategy (PwC)

Global workforce shortage is limiting ability to effectively operate

• 3.5 million information security jobs will go unfilled by 2021 creating a severe workforce shortage (Cybersecurity Ventures)

• Consulting and IT outsourcing are currently the largest categories of spending on information security (Gartner)

Fragmented vendor landscape, pace of change and journey to cloud are generating mass complexity and confusion

• 77% of enterprises consider securing cloud environments a challenge (RightScale)• There are over 1,200 cybersecurity vendors in the market (McAfee)• Venture Capital firms invested $7.6B in 2017 in cybersecurity startups (CB Insights)

© Copyright 2019. Private and confidential. 11

IT’S A BIG, BIG WORLD

Source: Momentum Partners


WHY MOVE TO THE CLOUD?


INFRASTRUCTURE HAS CHANGED

EARLY 2000’s MID 2000’s NOW

OpEx & IaaSCapEx/Depreciate

1414

TRADITIONAL NETWORK

HOW IT USED TO BE

PERIMETER ASSETS

15

TRADITIONAL NETWORK

PERIMETER

BUT NOW IT’S THIS.

ASSETS

TRADITIONAL ENTERPRISE

16

AND THIS.

ASSETS

17

ATTENTION: YOU’RE FREE TO MOVE ABOUT THE NETWORK.

TRADITIONAL ENTERPRISE

TRUSTED VS UNTRUSTED

THE PERIMETER IS THE WRONG PARAMETER


> Centralized Security

> Reduced Costs

> Reduced Administration

> Reliability and Flexibility

CLOUD SECURITY BENEFITS


A

B

C

D


STRATEGY


CLOUD SECURITY – NEW APPROACH

The Principles of security do not change but your Approach to security needs to change:

> Security best practices are no different in the cloud

> You need to apply the same security standards to cloud workloads as applied to on-premises

> FedRAMP

> Understand the Cloud Providers Shared Responsibility Model


BEST PRACTICES FOR SECURITY

> Microsoft will secure most of the underlying infrastructure such as access to datacenters, servers & hypervisors & part of the networking infrastructure

> Customer is responsible for rest. Know your Data!


> Inventory your critical applications

> Data Security and Access Management

> Secure Your code

> Data Classification

> Patch Management

> Review Logs Regularly

> Use Cool Tools!

BEST PRACTICES FOR SECURITY


TAKING A DEEPER LOOK – URLS IN ATTACHMENTS

26

> Enable lookups in attachments via a Content or Message Filter to perform URL reputation of

links in documents

> Office / OLE objects can be analyzed (i.e doc, docx, xls, ppt, pdf)

> If a malicious URL is found, action is taken on the message, not just the attachment

http://website.comhttps://newssite.com

http://malwaresite.comhttp://sportsnews.com


27

> This feature will allow for URLs that are using a shortening service will be pre-expanded to get

base the URLs

> The ESA will query the service directly to get the base URL

> Up to 10 redirections / queries will be supported before the URL is marked as malicious

http://www.badsite.com

Services supported (23):• bit.ly

• tinyurl.com

• ow.ly

• tumblr.com

• formspring.me

• ff.im

• youtu.be

• chatter.com

• tl.gd

• plurk.com

• url4.eu

• j.mp

• goo.gl

• yfrog.com

• su.pr

• wp.me

• post.ly

• tiny.cc

• ustre.am

• tr.im

• ur.ly

• fb.me

• alturl.com

http://bit.ly/xyz123s34

TAKING A DEEPER LOOK – MANAGED URLS


Cisco CloudlockCloud Access Security Broker (CASB)

Users Data Apps

SaaS


CISCO CLOUDLOCK ADDRESSES ORGANIZATIONS’ MOST CRITICAL CLOUD SECURITY USE CASES

Discover and Control

User and Entity

Behavior Analytics

Cloud Data Loss

Prevention (DLP)Apps Firewall

OAuth Discovery and

Control

Shadow IT

Data Exposures

and Leakages

Privacy and

Compliance Violations

Compromised

Accounts

Insider Threats


Public APIs

Cisco NGFW / Umbrella

ManagedUsers

ManagedDevices

ManagedNetwork

UnmanagedUsers

UnmanagedDevices

UnmanagedNetwork

CASB – API ACCESS (CLOUD TO CLOUD)


First line of defense against internet threats

Umbrella

SeeVisibility to protect access everywhere

LearnIntelligence to see attacks

before they launch

BlockStop threats before

connections are made

CLOUD ACCESS HAS SECURITY RISKS IN THREE AREAS


MAKE OUR TOOLS WORK TOGETHER


CISCO THREAT RESPONSE AND CISCO UMBRELLA UNLEASHING THE POWER OF OUR INTEGRATED SECURITY ARCHITECTURE

INTEGRATION

• Cisco Threat Response automates integrations across Cisco security products

• Reduces the time and effort spent on key security operations functions:

▪ Detection▪ Investigation▪ Remediation

• Integrates with Umbrella to offer rich visibility into internet activity

• Aggregates intelligence across Cisco security products, Cisco Talos & 3rd party sources

• Available at no additional charge for Umbrella customers


HOW CAN WE HELP?


Next Generation Firewall

PORTFOLIO AT A GLANCE

CLOUD SERVICES

PROFESSIONAL SERVICES

MANAGED SERVICES

Email Security

Endpoint Security

Network Access Control

Web Content Security/DNS

Cloud Access Security Broker

Web Application Firewall

Penetration Testing

Security Awareness

Multi-Factor Authentication

Mobile Device Manager

SIEM


MAINTENANCE SERVICES

© Copyright 2019. Private and confidential. 36

WAVES METHODOLOGYWorkshop

• Qualitative information gathering process reviewing the overall security environment

• Transforms a firewall upgrade discussion to a security architecture conversation

Assessment

• Quantitative real-time discovery of active threats and risks

• Maps perceived efficacy identified in the workshop to reality

Validation

• Pairs Workshop and Assessment data to determine required security controls

• Recommended solution environment is displayed live to validate solution meets requirements

Enterprise Architecture

• Validated solution are reviewed against a best practice Enterprise Architecture

Security as a Service

• Enterprise Agreement is slotted into a structured security program with recurring monthly payments

WWAWAV

WAVE

WAVES


SECURITY VALIDATION CENTER> Dedicated demo center features the latest

solutions> Solutions are fully integrated to each other> Great opportunity for customers to see their

future environment prior to purchase> Cisco’s ability to demo currently is highly limited> Solutions include:

> Cisco FirePOWER> Cisco Identity Services Engine (ISE)> Cisco Stealthwatch> Cisco Meraki> LiveAction (Cisco GPL)> InfoBlox> And more…

> Schedule a Validation Center Workshop through a Security Architect

37

[Question: You mentioned Cisco is recommending ISE and Stealthwatch. Have you had a chance to see the interface and demo the solution yet?]


CYBER SECURITY OPERATIONS

38

> 30+ dedicated FTE across the ConvergeOne Cyber Security Business Unit

> 30+ FTE across Cyber Security Extended Team

> Hiring 15-20 additional FTE over next 18 months

> 28 CCIE, CISSP and CCNP Certifications within dedicated group

> Additional certifications and achievements including PhD, CISM, GCIA, CRISC, GSEC and more

[1] Locations placements are representative



SECURING YOUR JOURNEY

TO THE CLOUD

Craig StorkCyberSecurity Solutions [email protected]


securing your journey to the cloud - convergeone oma...jun 06, 2019 · and journey to cloud are...

Documents