SlideShare ist ein Scribd-Unternehmen logo

Predicting The Future: Security and Compliance in the Cloud Age

Als PPTX, PDF herunterladen
Alert Logic
Alert Logic

The emergence of the Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) models are just two of many inflection points as IT migrates away from the traditional data centers and into the cloud, shifting more control over security from the enterprise to the service provider. How will your security and compliance strategy change when this transformation is complete? This presentation will explore technologies and strategies you need to adopt today to prepare to support security and compliance in the cloud age.

Technologie
1 von 17
Predicting the Future: Security and Compliance in the Cloud Age
Introduction Misha Govshteyn – CTO, Alert Logic Work in security and web-scale architecture; operate high performance LAMP environment and Erlang-based compute grid Help hosting/cloud service providers deliver security services Secure Cloud Review blog -> http://www.securecloudreview.com/ What we do at Alert Logic
About this session Objective:Help you make security & compliance decisions that prepare your company for the future This presentation addresses a broad trend of consuming IT as a service Cloud in this context includes IaaS PaaS SaaS Why take such a broad view? Because each of these models has potential to significantly alter the way you protect your most critical assets
Putting 2010 questions in perspective Questions of today are less important than this fact : IT is increasingly delivered as a service Your IT footprint is already changing… probably adopting some form of cloud services network is already becoming decentralized Some of your data may already be off-premise IaaS? PaaS? SaaS? Private vs Public? IT vs Cloud?
Formulating a Security Strategy
Your Enterprise in 2015 platform ISV virtualdesktop saas     burst private HR CRM Finance POS web storefront Cloud Enabled Functions Enterprise Software Enterprise Platforms
Cloud questions today and tomorrow
Your enterprise 5 years from now Perimeter is less important than ever More than 50% of your critical data is offsite Some in environments you do not control Some users don’t need your VPN to do their jobs Securing the enterprise will be characterized by Continuous transfer of security responsibility to service providers of all types Application/protocol level attacks Even more compliance requirements than today
Security trends in next 5 years ,[object Object],Cloud providers will use security as a differentiator Become increasingly more transparent Provide automated attestation and auditing of key controls, including access to logs Native data encryption available & heavily promoted, but sparingly used Most will offer enterprise-level Security-as-a-Service within 2-3 years Changes in security industry Identity management is likely to become the first cloud sec “killer app” Netsec vendors, less strategic to enterprises, will focus on CSPs Application/protocol security and Data Leak Prevention are likely to become increasingly important due to PCI mandates
Cloud impact on network security Most network security products are unable to deal with complexity of CSP networks Big pipes: CSPs already see speeds well in excess of 50gbps Small customers: thousands of customers, some with very little traffic (no native multi-tenancy) Rapid elasticity – changing topology, new IP allocations, new VLANS, more traffic flows Today’s notions of trusted users, networks and computing resources will need to be re-thought ,[object Object],[object Object]
Network firewalls will fade in importance as perimeter disappears
Network security functions subsumed by service providers
Increasingly offered as a service
Become embedded in CSP and NSP network fabric
New security focus:
Applications
Protocols

Empfohlen

Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2
Priyanka Aash
 
How to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloudHow to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloud
DATA SECURITY SOLUTIONS
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Netskope
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
Netskope
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
Faiza Mehar
 
Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020
Cynthia Hsieh
 
Meet Secure Messaging
Meet Secure MessagingMeet Secure Messaging
Meet Secure Messaging
RapidScale
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera Technologies
 

Empfohlen

Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2
Priyanka Aash
 
How to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloudHow to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloud
DATA SECURITY SOLUTIONS
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Netskope
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
Netskope
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
Faiza Mehar
 
Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020
Cynthia Hsieh
 
Meet Secure Messaging
Meet Secure MessagingMeet Secure Messaging
Meet Secure Messaging
RapidScale
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera Technologies
 
Cloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav ChablaniCloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav Chablani
OWASP Delhi
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
Moshe Ferber
 
Demystifying Prisma Access
Demystifying Prisma AccessDemystifying Prisma Access
Demystifying Prisma Access
Haris Chughtai
 
Understanding SASE
Understanding SASE Understanding SASE
Understanding SASE
Haris Chughtai
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
Susanne Tedrick
 
Introducing S.A.M.S Connecting the Dots – your SMART technology partner
Introducing S.A.M.S Connecting the Dots – your SMART technology partnerIntroducing S.A.M.S Connecting the Dots – your SMART technology partner
Introducing S.A.M.S Connecting the Dots – your SMART technology partner
Ricky Homem
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
Cloudflare
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
Cloud Standards Customer Council
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with Cloudflare
Cloudflare
 
The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing
Moshe Ferber
 
What is SASE
What is SASEWhat is SASE
What is SASE
Adi Ruppin
 
Cloud security what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)Cloud security what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)
Moshe Ferber
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
Moshe Ferber
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
George Fares
 
John Merline - How make your cloud SASE
John Merline - How make your cloud SASE John Merline - How make your cloud SASE
John Merline - How make your cloud SASE
AWS Chicago
 
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferberDefcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Moshe Ferber
 
Cloud Access Security Brokers
Cloud Access Security BrokersCloud Access Security Brokers
Cloud Access Security Brokers
Abhishek Tripathi
 
Thin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud SecurityThin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack Overview
Valdez Ladd MBA, CISSP, CISA,
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
East Midlands Cyber Security Forum
 
The Cloud Is Rockin' and Rollin' In
The Cloud Is Rockin' and Rollin' InThe Cloud Is Rockin' and Rollin' In
The Cloud Is Rockin' and Rollin' In
Krishnan Subramanian
 

Weitere ähnliche Inhalte

Was ist angesagt?

Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
Cloud Standards Customer Council
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with Cloudflare
Cloudflare
 
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferberDefcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Moshe Ferber
 
Thin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud SecurityThin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 

Was ist angesagt? (20)

Cloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav ChablaniCloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav Chablani
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
 
Demystifying Prisma Access
Demystifying Prisma AccessDemystifying Prisma Access
Demystifying Prisma Access
 
Understanding SASE
Understanding SASE Understanding SASE
Understanding SASE
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
 
Introducing S.A.M.S Connecting the Dots – your SMART technology partner
Introducing S.A.M.S Connecting the Dots – your SMART technology partnerIntroducing S.A.M.S Connecting the Dots – your SMART technology partner
Introducing S.A.M.S Connecting the Dots – your SMART technology partner
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with Cloudflare
 
The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing
 
What is SASE
What is SASEWhat is SASE
What is SASE
 
Cloud security what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)Cloud security what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
John Merline - How make your cloud SASE
John Merline - How make your cloud SASE John Merline - How make your cloud SASE
John Merline - How make your cloud SASE
 
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferberDefcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
 
Cloud Access Security Brokers
Cloud Access Security BrokersCloud Access Security Brokers
Cloud Access Security Brokers
 
Thin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud SecurityThin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud Security
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack Overview
 

Ähnlich wie Predicting The Future: Security and Compliance in the Cloud Age

Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
David Spinks
 
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
EuroCloud
 
Cloud computing and_saas
Cloud computing and_saasCloud computing and_saas
Cloud computing and_saas
kavinalli
 
Cloud computing and_saas
Cloud computing and_saasCloud computing and_saas
Cloud computing and_saas
Rahul Parmar
 
(Dee fleming) Ccloud computing_la_press_final
(Dee fleming) Ccloud computing_la_press_final(Dee fleming) Ccloud computing_la_press_final
(Dee fleming) Ccloud computing_la_press_final
LA_IBM_Cloud_Event
 
Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...
Cyrus Sorab
 

Ähnlich wie Predicting The Future: Security and Compliance in the Cloud Age (20)

Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
 
The Cloud Is Rockin' and Rollin' In
The Cloud Is Rockin' and Rollin' InThe Cloud Is Rockin' and Rollin' In
The Cloud Is Rockin' and Rollin' In
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud Ecosystems A Perspective
Cloud Ecosystems A PerspectiveCloud Ecosystems A Perspective
Cloud Ecosystems A Perspective
 
The Trouble with Saas and Hybrid Cloud
The Trouble with Saas and Hybrid CloudThe Trouble with Saas and Hybrid Cloud
The Trouble with Saas and Hybrid Cloud
 
IEEE PHM Cloud Computing
IEEE PHM Cloud ComputingIEEE PHM Cloud Computing
IEEE PHM Cloud Computing
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
 
Cloud Computing 101
Cloud Computing 101Cloud Computing 101
Cloud Computing 101
 
Cloud Computing.pptx
Cloud Computing.pptxCloud Computing.pptx
Cloud Computing.pptx
 
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
 
Cloud computing and_saas
Cloud computing and_saasCloud computing and_saas
Cloud computing and_saas
 
Cloud computing and_saas
Cloud computing and_saasCloud computing and_saas
Cloud computing and_saas
 
Cloud computing and_saas
Cloud computing and_saasCloud computing and_saas
Cloud computing and_saas
 
(Dee fleming) Ccloud computing_la_press_final
(Dee fleming) Ccloud computing_la_press_final(Dee fleming) Ccloud computing_la_press_final
(Dee fleming) Ccloud computing_la_press_final
 
Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...Unlocking the value of the cloud - The benefits of deploying asset and facili...
Unlocking the value of the cloud - The benefits of deploying asset and facili...
 
Cloud computing adoption in sap technologies
Cloud computing adoption in sap technologiesCloud computing adoption in sap technologies
Cloud computing adoption in sap technologies
 
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
 

Kürzlich hochgeladen

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Kürzlich hochgeladen (20)

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 

Predicting The Future: Security and Compliance in the Cloud Age

  • 1. Predicting the Future: Security and Compliance in the Cloud Age
  • 2. Introduction Misha Govshteyn – CTO, Alert Logic Work in security and web-scale architecture; operate high performance LAMP environment and Erlang-based compute grid Help hosting/cloud service providers deliver security services Secure Cloud Review blog -> http://www.securecloudreview.com/ What we do at Alert Logic
  • 3. About this session Objective:Help you make security & compliance decisions that prepare your company for the future This presentation addresses a broad trend of consuming IT as a service Cloud in this context includes IaaS PaaS SaaS Why take such a broad view? Because each of these models has potential to significantly alter the way you protect your most critical assets
  • 4. Putting 2010 questions in perspective Questions of today are less important than this fact : IT is increasingly delivered as a service Your IT footprint is already changing… probably adopting some form of cloud services network is already becoming decentralized Some of your data may already be off-premise IaaS? PaaS? SaaS? Private vs Public? IT vs Cloud?
  • 5. Formulating a Security Strategy
  • 6. Your Enterprise in 2015 platform ISV virtualdesktop saas     burst private HR CRM Finance POS web storefront Cloud Enabled Functions Enterprise Software Enterprise Platforms
  • 7. Cloud questions today and tomorrow
  • 8. Your enterprise 5 years from now Perimeter is less important than ever More than 50% of your critical data is offsite Some in environments you do not control Some users don’t need your VPN to do their jobs Securing the enterprise will be characterized by Continuous transfer of security responsibility to service providers of all types Application/protocol level attacks Even more compliance requirements than today
  • 9.
  • 10.
  • 11. Network firewalls will fade in importance as perimeter disappears
  • 12. Network security functions subsumed by service providers
  • 14. Become embedded in CSP and NSP network fabric
  • 18.
  • 19. CSP vs Customer responsibility Customer /Managed Service Cloud Service Provider
  • 20.
  • 21. Auditing of key controls
  • 24. X-Factor: the Auditors Passing a compliance audit in the cloud in next 5 years will require equal parts luck and planning Improving your chances Distant future: find an auditor that understands and has experience in cloud environments Today: help your auditor understand your environment API? CSA? XML? A6? Hadoop? EC2? VPC? XEN?
  • 25. First steps Engage with your IT security and auditors Build a roadmap for dealing with the dissolving perimeter and set realistic goals for your team Understand how Security SaaS fits into your current and future strategy Explore technologies/efforts important to secure cloud adoption: IDM, OWASP, WAF, CSA, A6 Choose cloud environments that understand and plan to address your evolving security needs
  • 26. Alert Logic http://www.alertlogic.com/ Secure Cloud Review Blog http://www.securecloudreview.com/ Email: misha@alertlogic.com Twitter: @CToMG