I’m a security architect with my head in the cloud
Oct 2018
Francesco Cipollone
David Boda
Public
Intro to the talk
Public
Agenda
• Security architecture – traditional vs cloud
• Cloud – what’s different?
• Intro to Camelot and our AWS journey
• How to sell cloud security architecture to the business
• What worked for us and what did not work so well
• Key takeaways
Our Agenda
Public
Intro
Francesco Cipollone
Cloud Security Architect @ Camelot
Francesco is a security consultant focused on cloud problems, working as Security Architect at Camelot
@FraSEC42
David Boda
Head of Information security @ Camelot
David Boda is the Head of information security at Camelot
Public
Intro to Security Architecture
• What is a security architect?
• What’s the architect role in the strategy?
• What is the role of a security architect in this modern world?
• What is the added value?
Public
What is this cloud and can I have a piece of it
• Cloud: Just someone else’s computer
• Comes in different flavours and acronyms:
IaaS, PaaS, SaaS, IDaaS…
• Scalable and ‘rapid’
• Different models: Cloud provider or specific service providers
Public
Challenges of a Security Architect
• Traditional challenge of a security architect
• Cloud challenges plus a bag of classical security issues
• Tech stack constantly changing
Bringing it all together
• Why is the cloud different?
• Note – we will be focusing on AWS
• Due diligence on SaaS and PaaS
Public
Security @ Camelot
[Diagram labels] APPs; interfaces; code; Terminals; Datacentre; Physical/Cloud; Payment Interfaces; Infrastructure; Cloud solution (SaaS); accounts; VSATs; Retailers; Draws Offices; Staff
...as well as supporting our sister business and its customers
800+ High tier prize payments / yr
5000 investigations / yr
Public
Journey to AWS
Public
How to sell security architecture to the business?
• How do we do it in Camelot?
• What has worked and what has not worked?
Public
Security Architecture – Selling Point
• Security by design – avoid delays
• Minimal incremental security improvements
• Effective and efficient controls
• Strategy and vision built in each project
Cloud Architecture – It’s just a blueprint, right?
• Architecting in cloud is different
Technology
• Leveraging on blueprints
• Looking forward and thinking strategically is challenging
• Everyone thinks they are an architect in the cloud
• Challenges for security as anyone spins up services
Public
Traditional vs Cloud Security Architecture
• Traditional vs cloud
• Different Technology
• Different patterns
• Some similarities (e.g. IaaS traditional)
Public
Cloud Architecture – Examples – where it did work
Where it did work:
• Cloud transformation supported by strategy
• Strong Foundation
• Use of native controls
• Monitoring and alerting
• Make use of automation
• Train and plan hiring
Public
Cloud Architecture – Examples – where it didn't work
Where it didn’t work:
• Weak Foundation
• No management involved/strategy
• Weak Processes
• No monitoring/Alerting
• No plan in hiring
Public
Security incident management in the cloud
• You can’t pull cables in the cloud
• Incident management and detection can be harder
• Monitoring and alerting on billing and your resources
• Education on the various services… it is not just another VM in the datacentre
• Prevent the spinning up of expensive services with policies
Public
Key Takeaways
Cloud transformations can be a treacherous journey, especially for security professionals:
- Cloud is different from traditional
- Do your due diligence up front
- Start early: create a solid foundation
- Automate where possible
- Native cloud controls! Use them
- Decisions based on risk
- Skill shortage: be prepared to learn
Public
Why do we do all this - Video
Public
Q&A
Public
Get in touch
Get in touch:
FC-LinkedIn
Camelot Careers
Thank you
@FraSEC42
DB-LinkedIn
Public

Security architect's guide to cloud security architecture

  • 1. I’m a security architect with my head in the cloud Oct 2018 Francesco Cipollone David Boda Public
  • 2. Intro to the talk Public
  • 3. Agenda • Security architecture – traditional vs cloud • Cloud – what’s different? • Intro to Camelot and our AWS journey • How to sell cloud security architecture to the business • What worked for us and what did not work so well • Key Takeaways Our Agenda Public
  • 4. Intro Francesco Cipollone Cloud Security Architect @ Camelot Francesco is a security Consultant focused on Cloud problems working as Security Architect in Camelot @FraSEC42 David Boda Head of Information security @ Camelot David Boda is the Head of information security at Camelot Public
  • 5. Intro to Security Architecture • What is a security architect? • What’s the architect role in the strategy? • What is the role of a security architect in this modern world? • What is the added value? Public
  • 6. What is this cloud and can I have a piece of it • Cloud: Just someone else’s computer • Comes in different flavours and acronyms: IaaS, PaaS, SaaS, IDaaS… • Scalable and ‘rapid’ • Different models: Cloud provider or specific service providers Public
  • 7. Challenges of a Security Architect • Traditional challenge of a security architect • Cloud challenges plus a bag of classical security issues • Tech stack constantly changing
  • 8. Bringing it all together • Why is the cloud different? • Note – we will be focusing on AWS • Due diligence on SaaS and PaaS Public
  • 9. Security @ Camelot APPs interfaces code Terminals Datacentre Physical/Cloud Payment Interfaces Infrastructure Cloud solution (SaaS) accounts ...as well as supporting our sister business and its customers VSATs Retailers Draws Offices Staff 800+ High tier prize payments / yr 5000 investigations / yr Public
  • 11. How to sell security architecture to the business? • How do we do it in Camelot? • What has worked and what has not worked? Public
  • 12. Security Architecture – Selling Point • Security by design – avoid delays • Minimal incremental security improvements • Effective and efficient controls • Strategy and vision built in each project
  • 13. Cloud Architecture – Is it just a blueprint, right? • Architecting in cloud is different Technology • Leveraging on blueprints • Looking forward and thinking strategically is challenging • Everyone thinks they are an architect in the cloud • Challenges for Security as anyone spins services Public
  • 14. Traditional vs Cloud Security Architecture • Traditional vs cloud • Different Technology • Different patterns • Some similarities (e.g. IaaS traditional) Public
  • 15. Cloud Architecture – Examples – where it did work Where it did work: • Cloud transformation supported by strategy • Strong Foundation • Use of native controls • Monitoring and alerting • Make use of automation • Train and plan hiring Public
  • 16. Cloud Architecture – Examples – where it didn't work Where it didn’t work: • Weak Foundation • No management involved/strategy • Weak Processes • No monitoring/Alerting • No plan in hiring Public
  • 17. Cloud Security Incident management in the cloud • You can’t pull cables in the cloud • Incident management and detection can be harder • Monitoring and alerting on billing and your resources • Education on the various services…it is not just another VM in the Datacentre • Prevention of spinning up expensive services with policies Public
  • 18. Key Takeaway Cloud transformations can be a treacherous journey, especially for security professionals: - Cloud is different than traditional - Do your due diligence up front - Start early, create a solid foundation - Automate where possible - Native cloud controls! Use them - Decisions based on risk - Skill shortage: be prepared to learn Public
  • 19. Why do we do all this - Video Public
  • 21. Get in touch Get in touch: FC-LinkedIn Camelot Careers Thank you @FraSEC42 DB-LinkedIn Public