SlideShare a Scribd company logo

Cloud Cybersecurity Beyond SaaS

CloudLock
CloudLock

Whether you’ve got SaaS apps deployed, depend on IaaS solutions like AWS, run on a PaaS platform lik Force.com, or have an IDaaS solution in place, finding common ground for your entire cloud ecosystem's security is tough. It’s where all these come together that security becomes chaotic and fascinating.

Technology
1 of 41
Download to read offline
April 28, 2015 Cloud Cybersecurity Beyond SaaS Tsahy Shapsa Co-Founder Russell Miller Director of Product Marketing
The Enterprise Cloud IT Backbone & Cloud Factory Business Backbone People Factory (PaaS & IaaS) Legacy Security Solutions ON-PREMISECLOUD CyberSecurity Fabric Messaging & Collaboration Sales & marketing HR & Skills Finance Sharepoint Apps App Server Database force.com CloudLock Confidential - DO NOT DISTRIBUTE 2
Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack To Proxy or Not To Proxy CloudLock Cybersecurity Fabric 3 05 Requirements for a Cloud Security Solution
The 1% Who Can Take Down Your Organization 4
Disproportionate Cloud Risk 5 Cyberlab
Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack To Proxy or Not To Proxy CloudLock Cybersecurity Fabric 6 05 Requirements for a Cloud Security Solution
Anatomy of a pure cloud cyberattack Deliver ActRecon 1 2 3
Recon - Person / Location / Activity / Relevance
Deliver - Pure Cloud Weapon - Delivery
Deliver - Pure Cloud Weapon - Authorization
Act - Cyberattack - Escalate / Impersonate / Exfiltrate
Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack CloudLock Cybersecurity Fabric 12 05 Requirements for a Cloud Security Solution To Proxy or Not To Proxy
People Centric Approach to Cloud Cybersecurity 13 IDENTITY CLOUD DEVICE ACCOUNTS APPS DATA
ACCOUNTS APPS DATA Cloud Cybersecurity - Compromised Accounts 14 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
15 To detect account compromises, look across platforms! ▪ ▪ ● Distance from the US to the Central African Republic: 7,362 miles ● At a speed of 800 mph, it would take 9.2 hours to travel between them
ACCOUNTS APPS DATA Cloud Cybersecurity - Cloud Malware 16 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
Cloud Cybersecurity - Cloud Malware 17 Multiple Users Amount & Type of Data & Appsx x 3rd Party OAuth App
ACCOUNTS APPS DATA Cloud Cybersecurity - Data Breaches 18 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
Data Breaches: Where is my sensitive data?.. SaaS force.com PaaS and IaaS force.com IDaaS
ACCOUNTS APPS DATA Cloud Cybersecurity - Compliance 20 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
Compliance: Responding to audit requests SaaS force.com PaaS and IaaS force.com IDaaS
ACCOUNTS APPS DATA Cloud Cybersecurity - SecOps & Forensics 22 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
SecOps & Forensics SaaS force.com PaaS and IaaS force.com IDaaS EnterpriseEnterprise
Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack CloudLock Cybersecurity Fabric 24 05 Requirements for a Cloud Security Solution To Proxy or Not To Proxy
Questions You Must Ask Yourself SaaS force.com PaaS and IaaS force.com IDaaS What do users do in my Cloud Apps? How do I identify compromised Accounts? What Shadow Apps are my users using? Are Shadow Apps connected to sanctioned Ones ? Do I have sensitive Toxic/regulated data in the cloud? How do I encrypt/ Quarantine sensitive data in the cloud?
SaaS force.com PaaS and IaaS force.com IDaaS To Proxy or Not To Proxy... 26 Proxy Hybrid API
“I fear not the man who has practiced 10,000 kicks once, but I fear the man who has practiced one kick 10,000 times.” Focus is Success
Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack CloudLock Cybersecurity Fabric 28 05 Requirements for a Cloud Security Solution To Proxy or Not To Proxy
Enterprise Cloud Cybersecurity Platform App Developer Homegrown Apps ISV Cloud Apps End - User 29CloudLock Confidential - DO NOT DISTRIBUTE DLP / Content Classification Encryption Management Apps Firewall Configuration Security ITSecurity User Behavior Analytics . . . Enterprise SaaS force.com PaaS and IaaS IDaaS
Cybersecurity is much more than just SaaS
Case Study: PCI Compliance on AWS ● ACME Runs a Video Streaming Service on AWS ● Home-grown apps process CC info ● Recent Data Breaches sparked audit board to assess ‘PCI risk profile’ Company Profile Business Requirements ● PCI Risk Assessment of data stored in S3 ● Establish on-going PCI compliance enforcement controls on S3 ● Create a PCI Compliance reporting Readiness for internal & external audit ● ‘Everything-as-a-Service’ DNA
Solution: PCI-Compliance-as-a-Service Enterprise ■ POC - one day ■ Subscribe to CloudLock’s ‘Content Classification’ API service ■ Minor modification to home-grown app Solution CloudLock APIs File / Object Query: PCI Data? 10 ‘hits’ of PCI Data
Next Step: Get a Cybersecurity Assessment bit.ly/cloudlock-assessment
Q&A Tsahy Shapsa Co-Founder Russell Miller Director of Product Marketing
CloudLock Cybersecurity Report CloudLock Cloud Cybersecurity Report: 1% Who Can Take Down Your Organization Key Findings: FREE DOWNLOAD 35 Apps Top 25 apps that connect to corporate accounts comprise 62% of all installs - each representing a digital inroad to your organization, yet there is a long tail of hundreds of apps with fewer installs but higher risk profiles Collaboration 75% of inter-organization collaboration is with 25 other organizations, despite an average of 865 collaborative organizations per company Users The Top 1% of Users Create 75% of Cloud Cybersecurity Risk
36 CloudLock: Proven Leader for Cloud Cybersecurity 91,000 APPS DISCOVERED 10 Million USERS FILES MONITORED DAILY 1 Billion
Thank You Questions & Answers www.cloudlock.com info@cloudlock.com 781.996.4332 37
Q1 2015 Cloud Cybersecurity Report: The Extended Perimeter 38
CloudLock’s DNA Business Investors Trust Value Prop Approach Founded in 2011, 135 Employees, global offices Unified multi-cloud solution for Cloud Data Protection & Governance, Risk & Compliance, App Discovery & Control, Auditing & Forensics, Threat Protection & User Behavior Analytics SaaS: Cloud-Native and 100% API-based No gateways, no proxies, no impact on workflows, users, or platform performance
40 Cloud Security Fabric
Inc. 500 (Aug. 2015) 41 3-year growth: 3,557% Overall: No. 93 Security: No. 1 in U.S. Technology: No 1 in Mass

Recommended

Cloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud HybridizationCloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud HybridizationMark Hinkle
 
Cloud Computing and Free Software: the eyeOS Project
Cloud Computing and Free Software: the eyeOS ProjectCloud Computing and Free Software: the eyeOS Project
Cloud Computing and Free Software: the eyeOS ProjectPau Garcia-Milà
 
Cloud Bursting 101: What to do When Cloud Computing Demand Exceeds Capacity
Cloud Bursting 101: What to do When Cloud Computing Demand Exceeds CapacityCloud Bursting 101: What to do When Cloud Computing Demand Exceeds Capacity
Cloud Bursting 101: What to do When Cloud Computing Demand Exceeds CapacityAvere Systems
 
Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...
Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...
Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...Mark Hinkle
 
Overcoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudOvercoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudTrustmarque
 
Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...
Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...
Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...IBM Banking
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftMind the Byte
 
6 trends that will shape Cloud computing in 2017 - An Infograph
6 trends that will shape Cloud computing in 2017 - An Infograph6 trends that will shape Cloud computing in 2017 - An Infograph
6 trends that will shape Cloud computing in 2017 - An InfographInApp
 

Recommended

Cloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud HybridizationCloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud HybridizationMark Hinkle
 
Cloud Computing and Free Software: the eyeOS Project
Cloud Computing and Free Software: the eyeOS ProjectCloud Computing and Free Software: the eyeOS Project
Cloud Computing and Free Software: the eyeOS ProjectPau Garcia-Milà
 
Cloud Bursting 101: What to do When Cloud Computing Demand Exceeds Capacity
Cloud Bursting 101: What to do When Cloud Computing Demand Exceeds CapacityCloud Bursting 101: What to do When Cloud Computing Demand Exceeds Capacity
Cloud Bursting 101: What to do When Cloud Computing Demand Exceeds CapacityAvere Systems
 
Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...
Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...
Cloud 2.0 - How Containers, Microservices and Open Source Software are Redefi...Mark Hinkle
 
Overcoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudOvercoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudTrustmarque
 
Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...
Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...
Cloud Computing: Helping Financial Institutions Leverage the Cloud to Improve...IBM Banking
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftMind the Byte
 
6 trends that will shape Cloud computing in 2017 - An Infograph
6 trends that will shape Cloud computing in 2017 - An Infograph6 trends that will shape Cloud computing in 2017 - An Infograph
6 trends that will shape Cloud computing in 2017 - An InfographInApp
 
Information Technology in the Cloud
Information Technology in the CloudInformation Technology in the Cloud
Information Technology in the CloudWelch LLP
 
Cloud Computing for Startups
Cloud Computing for StartupsCloud Computing for Startups
Cloud Computing for StartupsYong Li
 
Top 10 benefits of cloud computing - By Techvedic
Top 10 benefits of cloud computing - By TechvedicTop 10 benefits of cloud computing - By Techvedic
Top 10 benefits of cloud computing - By TechvedicTechvedic
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingPECB
 
Protecting Yourself from the Heartbleed Bug
Protecting Yourself from the Heartbleed BugProtecting Yourself from the Heartbleed Bug
Protecting Yourself from the Heartbleed BugDavid Sweigert
 
Cloud Computing & Cybersecurity
Cloud Computing & CybersecurityCloud Computing & Cybersecurity
Cloud Computing & CybersecurityDavid Sweigert
 
Why Enterprise Architecture Must drive Cloud Strategy and Planning
Why Enterprise Architecture Must drive Cloud Strategy and PlanningWhy Enterprise Architecture Must drive Cloud Strategy and Planning
Why Enterprise Architecture Must drive Cloud Strategy and PlanningRateb Abu Hawieleh
 
Trends in Cloud Computing 2016
Trends in Cloud Computing 2016Trends in Cloud Computing 2016
Trends in Cloud Computing 2016CompTIA
 
Cloud computing Basics
Cloud computing BasicsCloud computing Basics
Cloud computing BasicsSagar Sane
 
2016 Future of Cloud Computing Study
2016 Future of Cloud Computing Study2016 Future of Cloud Computing Study
2016 Future of Cloud Computing StudyNorth Bridge
 
Cloud computing simple ppt
Cloud computing simple pptCloud computing simple ppt
Cloud computing simple pptAgarwaljay
 
Introduction of Cloud computing
Introduction of Cloud computingIntroduction of Cloud computing
Introduction of Cloud computingRkrishna Mishra
 
cloud computing ppt
cloud computing pptcloud computing ppt
cloud computing ppthimanshuawasthi2109
 
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCloudLock
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
The 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationThe 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationCloudLock
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachCloudLock
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StoryCloudLock
 
The Riskiest Industries in the Cloud
The Riskiest Industries in the CloudThe Riskiest Industries in the Cloud
The Riskiest Industries in the CloudCloudLock
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 

More Related Content

Viewers also liked

Information Technology in the Cloud
Information Technology in the CloudInformation Technology in the Cloud
Information Technology in the CloudWelch LLP
 
Cloud Computing for Startups
Cloud Computing for StartupsCloud Computing for Startups
Cloud Computing for StartupsYong Li
 
Top 10 benefits of cloud computing - By Techvedic
Top 10 benefits of cloud computing - By TechvedicTop 10 benefits of cloud computing - By Techvedic
Top 10 benefits of cloud computing - By TechvedicTechvedic
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingPECB
 
Protecting Yourself from the Heartbleed Bug
Protecting Yourself from the Heartbleed BugProtecting Yourself from the Heartbleed Bug
Protecting Yourself from the Heartbleed BugDavid Sweigert
 
Cloud Computing & Cybersecurity
Cloud Computing & CybersecurityCloud Computing & Cybersecurity
Cloud Computing & CybersecurityDavid Sweigert
 
Why Enterprise Architecture Must drive Cloud Strategy and Planning
Why Enterprise Architecture Must drive Cloud Strategy and PlanningWhy Enterprise Architecture Must drive Cloud Strategy and Planning
Why Enterprise Architecture Must drive Cloud Strategy and PlanningRateb Abu Hawieleh
 
Trends in Cloud Computing 2016
Trends in Cloud Computing 2016Trends in Cloud Computing 2016
Trends in Cloud Computing 2016CompTIA
 
Cloud computing Basics
Cloud computing BasicsCloud computing Basics
Cloud computing BasicsSagar Sane
 
2016 Future of Cloud Computing Study
2016 Future of Cloud Computing Study2016 Future of Cloud Computing Study
2016 Future of Cloud Computing StudyNorth Bridge
 
Cloud computing simple ppt
Cloud computing simple pptCloud computing simple ppt
Cloud computing simple pptAgarwaljay
 
Introduction of Cloud computing
Introduction of Cloud computingIntroduction of Cloud computing
Introduction of Cloud computingRkrishna Mishra
 

Viewers also liked (13)

Information Technology in the Cloud
Information Technology in the CloudInformation Technology in the Cloud
Information Technology in the Cloud
 
Cloud Computing for Startups
Cloud Computing for StartupsCloud Computing for Startups
Cloud Computing for Startups
 
Top 10 benefits of cloud computing - By Techvedic
Top 10 benefits of cloud computing - By TechvedicTop 10 benefits of cloud computing - By Techvedic
Top 10 benefits of cloud computing - By Techvedic
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
 
Protecting Yourself from the Heartbleed Bug
Protecting Yourself from the Heartbleed BugProtecting Yourself from the Heartbleed Bug
Protecting Yourself from the Heartbleed Bug
 
Cloud Computing & Cybersecurity
Cloud Computing & CybersecurityCloud Computing & Cybersecurity
Cloud Computing & Cybersecurity
 
Why Enterprise Architecture Must drive Cloud Strategy and Planning
Why Enterprise Architecture Must drive Cloud Strategy and PlanningWhy Enterprise Architecture Must drive Cloud Strategy and Planning
Why Enterprise Architecture Must drive Cloud Strategy and Planning
 
Trends in Cloud Computing 2016
Trends in Cloud Computing 2016Trends in Cloud Computing 2016
Trends in Cloud Computing 2016
 
Cloud computing Basics
Cloud computing BasicsCloud computing Basics
Cloud computing Basics
 
2016 Future of Cloud Computing Study
2016 Future of Cloud Computing Study2016 Future of Cloud Computing Study
2016 Future of Cloud Computing Study
 
Cloud computing simple ppt
Cloud computing simple pptCloud computing simple ppt
Cloud computing simple ppt
 
Introduction of Cloud computing
Introduction of Cloud computingIntroduction of Cloud computing
Introduction of Cloud computing
 
cloud computing ppt
cloud computing pptcloud computing ppt
cloud computing ppt
 

More from CloudLock

Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCloudLock
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
The 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationThe 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationCloudLock
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachCloudLock
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StoryCloudLock
 
The Riskiest Industries in the Cloud
The Riskiest Industries in the CloudThe Riskiest Industries in the Cloud
The Riskiest Industries in the CloudCloudLock
 

More from CloudLock (7)

Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWS
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS Security
 
The 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationThe 1% Who Can Take Down your Organization
The 1% Who Can Take Down your Organization
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security Breach
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's Story
 
The Riskiest Industries in the Cloud
The Riskiest Industries in the CloudThe Riskiest Industries in the Cloud
The Riskiest Industries in the Cloud
 

Recently uploaded

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 

Recently uploaded (20)

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 

Cloud Cybersecurity Beyond SaaS

  • 1. April 28, 2015 Cloud Cybersecurity Beyond SaaS Tsahy Shapsa Co-Founder Russell Miller Director of Product Marketing
  • 2. The Enterprise Cloud IT Backbone & Cloud Factory Business Backbone People Factory (PaaS & IaaS) Legacy Security Solutions ON-PREMISECLOUD CyberSecurity Fabric Messaging & Collaboration Sales & marketing HR & Skills Finance Sharepoint Apps App Server Database force.com CloudLock Confidential - DO NOT DISTRIBUTE 2
  • 3. Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack To Proxy or Not To Proxy CloudLock Cybersecurity Fabric 3 05 Requirements for a Cloud Security Solution
  • 4. The 1% Who Can Take Down Your Organization 4
  • 6. Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack To Proxy or Not To Proxy CloudLock Cybersecurity Fabric 6 05 Requirements for a Cloud Security Solution
  • 7. Anatomy of a pure cloud cyberattack Deliver ActRecon 1 2 3
  • 8. Recon - Person / Location / Activity / Relevance
  • 9. Deliver - Pure Cloud Weapon - Delivery
  • 10. Deliver - Pure Cloud Weapon - Authorization
  • 11. Act - Cyberattack - Escalate / Impersonate / Exfiltrate
  • 12. Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack CloudLock Cybersecurity Fabric 12 05 Requirements for a Cloud Security Solution To Proxy or Not To Proxy
  • 13. People Centric Approach to Cloud Cybersecurity 13 IDENTITY CLOUD DEVICE ACCOUNTS APPS DATA
  • 14. ACCOUNTS APPS DATA Cloud Cybersecurity - Compromised Accounts 14 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
  • 15. 15 To detect account compromises, look across platforms! ▪ ▪ ● Distance from the US to the Central African Republic: 7,362 miles ● At a speed of 800 mph, it would take 9.2 hours to travel between them
  • 16. ACCOUNTS APPS DATA Cloud Cybersecurity - Cloud Malware 16 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
  • 17. Cloud Cybersecurity - Cloud Malware 17 Multiple Users Amount & Type of Data & Appsx x 3rd Party OAuth App
  • 18. ACCOUNTS APPS DATA Cloud Cybersecurity - Data Breaches 18 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
  • 19. Data Breaches: Where is my sensitive data?.. SaaS force.com PaaS and IaaS force.com IDaaS
  • 20. ACCOUNTS APPS DATA Cloud Cybersecurity - Compliance 20 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
  • 21. Compliance: Responding to audit requests SaaS force.com PaaS and IaaS force.com IDaaS
  • 22. ACCOUNTS APPS DATA Cloud Cybersecurity - SecOps & Forensics 22 #1 Compromised Accounts #2 Cloud Malware #3 Data Breaches #4 Compliance #5 SecOps & Forensics
  • 23. SecOps & Forensics SaaS force.com PaaS and IaaS force.com IDaaS EnterpriseEnterprise
  • 24. Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack CloudLock Cybersecurity Fabric 24 05 Requirements for a Cloud Security Solution To Proxy or Not To Proxy
  • 25. Questions You Must Ask Yourself SaaS force.com PaaS and IaaS force.com IDaaS What do users do in my Cloud Apps? How do I identify compromised Accounts? What Shadow Apps are my users using? Are Shadow Apps connected to sanctioned Ones ? Do I have sensitive Toxic/regulated data in the cloud? How do I encrypt/ Quarantine sensitive data in the cloud?
  • 26. SaaS force.com PaaS and IaaS force.com IDaaS To Proxy or Not To Proxy... 26 Proxy Hybrid API
  • 27. “I fear not the man who has practiced 10,000 kicks once, but I fear the man who has practiced one kick 10,000 times.” Focus is Success
  • 28. Agenda 01 02 03 04 Cyberlab Research: The 1% Who Can Take Down Your Organization The Anatomy of a Cloud Cyberattack CloudLock Cybersecurity Fabric 28 05 Requirements for a Cloud Security Solution To Proxy or Not To Proxy
  • 29. Enterprise Cloud Cybersecurity Platform App Developer Homegrown Apps ISV Cloud Apps End - User 29CloudLock Confidential - DO NOT DISTRIBUTE DLP / Content Classification Encryption Management Apps Firewall Configuration Security ITSecurity User Behavior Analytics . . . Enterprise SaaS force.com PaaS and IaaS IDaaS
  • 30. Cybersecurity is much more than just SaaS
  • 31. Case Study: PCI Compliance on AWS ● ACME Runs a Video Streaming Service on AWS ● Home-grown apps process CC info ● Recent Data Breaches sparked audit board to assess ‘PCI risk profile’ Company Profile Business Requirements ● PCI Risk Assessment of data stored in S3 ● Establish on-going PCI compliance enforcement controls on S3 ● Create a PCI Compliance reporting Readiness for internal & external audit ● ‘Everything-as-a-Service’ DNA
  • 32. Solution: PCI-Compliance-as-a-Service Enterprise ■ POC - one day ■ Subscribe to CloudLock’s ‘Content Classification’ API service ■ Minor modification to home-grown app Solution CloudLock APIs File / Object Query: PCI Data? 10 ‘hits’ of PCI Data
  • 33. Next Step: Get a Cybersecurity Assessment bit.ly/cloudlock-assessment
  • 34. Q&A Tsahy Shapsa Co-Founder Russell Miller Director of Product Marketing
  • 35. CloudLock Cybersecurity Report CloudLock Cloud Cybersecurity Report: 1% Who Can Take Down Your Organization Key Findings: FREE DOWNLOAD 35 Apps Top 25 apps that connect to corporate accounts comprise 62% of all installs - each representing a digital inroad to your organization, yet there is a long tail of hundreds of apps with fewer installs but higher risk profiles Collaboration 75% of inter-organization collaboration is with 25 other organizations, despite an average of 865 collaborative organizations per company Users The Top 1% of Users Create 75% of Cloud Cybersecurity Risk
  • 36. 36 CloudLock: Proven Leader for Cloud Cybersecurity 91,000 APPS DISCOVERED 10 Million USERS FILES MONITORED DAILY 1 Billion
  • 37. Thank You Questions & Answers www.cloudlock.com info@cloudlock.com 781.996.4332 37
  • 38. Q1 2015 Cloud Cybersecurity Report: The Extended Perimeter 38
  • 39. CloudLock’s DNA Business Investors Trust Value Prop Approach Founded in 2011, 135 Employees, global offices Unified multi-cloud solution for Cloud Data Protection & Governance, Risk & Compliance, App Discovery & Control, Auditing & Forensics, Threat Protection & User Behavior Analytics SaaS: Cloud-Native and 100% API-based No gateways, no proxies, no impact on workflows, users, or platform performance
  • 41. Inc. 500 (Aug. 2015) 41 3-year growth: 3,557% Overall: No. 93 Security: No. 1 in U.S. Technology: No 1 in Mass