SlideShare a Scribd company logo

Security: Enabling the Journey to the Cloud

Download as PPTX, PDF
Capgemini
Capgemini

Andy Powell VP UK Cybersecurity - Capgemini Doug Davidson UK CTO for Cybersecurity - Capgemini Organisations are moving to the Cloud in order to rationalise their legacy application estates and improve the quality of their application services, business performance, and business agility, whilst at the same time reducing their IT cost base. However, the road to Cloud services adoption is fraught with many risks and issues that can trip up the unwary. In this presentation Andy and Doug will outline some of the areas of security risk and threats that customers adopting Cloud services routinely come across. They will also talk through some of the security controls and approaches that you can use to avoid or mitigate business impacts to your cloud services, and will describe how organisations can follow a methodology to securely transition to the Cloud.

Presentations & Public Speaking
1 of 20
1Copyright © 2016 Capgemini and Sogeti – Internal use only. All Rights Reserved. Security: Enabling the Journey to the Cloud Andy Powell VP UK Cybersecurity - Capgemini Doug Davidson UK CTO for Cybersecurity- Capgemini
2Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Agenda  Cloud Security Overview  Cloud Security Challenges  Cloud Security Transformation  Lessons and takeaways  Q&A
3Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Countering the Threat – ‘a truly Medieval Approach’ …with Cloud Services, where’s the perimeter now? Once we knew where the Enterprise boundary was...
4Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Adopting cloud requires an organization to rethink security to effectively safeguard assets and data  Leasing computing power in the cloud, sharing the security responsibility with CSPs  Utilising an ecosystem of cloud security solution providers  No customization of solutions, shift to informed selection upfront  Control moved to the business users (end-point devices) and partners (servers)  Identity and Access Management in the Cloud (IDaaS) as key control and business enabler for organisations  Focus on Shared Responsibility and holistic risk management to prioritise mitigation actions  Cloud aligned policies and procedures aligned with the shared responsibility model Traditional Enterprise IT Cloud  Building and maintaining IT and Security capabilities in-house  Working with a selective group IT and Security suppliers  In house developed systems or far reaching customisation of commercial packages  IT having direct control on all assets, data and devices  Identity and Access Management as one of the control elements in the Security Managers toolkit  Focus on vulnerability and patch management from a product perspective  Policies and procedures tailored to an in-house IT landscape Hybridised Enterprise/Cloud services will be here for some time to come..
5Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 CloudSupplierManages CustomerManages Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking On-Premises Infrastructure (as a Service) Platform (as a Service) Software (as a Service) Information and Data Protection Identity & Access Management Governance Risk & Compliance Information and Data Protection Identity & Access Management Governance Risk & Compliance Information and Data Protection Identity & Access Management Governance Risk & Compliance Information and Data Protection Identity & Access Management Governance Risk & Compliance CloudSupplierManages CloudSupplierManages CustomerManages CustomerManages CustomerManages Shared Responsibility – The New Paradigm Governance, Risk and Compliance, Identity & Access Management and Information & Data Protection will always be the responsibility of the data owner
6Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 With Cloud Services, Identity is literally the Key… Identity Management is always the responsibility of the data owner. This is never shared or outsourced An IDAM Strategy must be in place to reduce potential Cloud Identity security issues Enterprise Identity management reviews and remediation should be undertaken prior to adopting Cloud Services Federation or replication of existing Enterprise Identity’s into the Cloud can introduce a significant risk Many organisations already have extensive issues within their existing Enterprise Identity Management systems
7Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Data and Information Protection Data assets and Information Protection are always the responsibility of the data owner. This is never shared or outsourced Robust automated Security tools and controls must be used to control, monitor and alert over data access, usage, release and destruction Staff Education and Awareness and ongoing guidance is critical to support new ways of secure working The organisations data types, use cases and security risk management approaches must be published in an agreed Data Handling Model (DHM). Organisations must create a Cloud Security Strategy and align their existing IT Security Strategy to this Data Sensitivity Create Store Use ShareArchive Destroy Assure information assets throughout the data Lifecycle
8Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Currently this is a Layered Cake approach... • Still an emergent area in Cloud Services • Demonstrating Cloud Service Provider compliance is still a challenge for regulated industries • SOC, SIEM, GRC Integration is challenging • Poor Platform integration (generic API’s etc) • Cloud Service Provider Logs and reports • Generally individually tailored Governance, Risk & Compliance Governance Risk and Compliance is always the responsibility of the data owner. This is never shared or outsourced. Additional security controls and services may be required to demonstrate assurance over and above that supplied by the Cloud Service Provider
9Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Enforcing Security across the Enterprise and Cloud Design security in from the outset: • AD remediation prior to Migration/Federation • Network design and connectivity • Secure Apps design and Testing • Managed Platform and Tennant Configurations • Virtual Firewalls, Micro-Segmentation, IRM, DLP, etc • No Loss Encryption, HSM’s, Tokenisation, etc • Cloud Access Security Brokers (CASB) • API monitoring, regulation and control • Shadow IT & Cloud Discovery Enterprises have Gateway security Services … Cloud based services don’t.. Automated Security tools and controls must be used to protect, control and alert on data usage Business Use Cases - design supportive security around current and projected business needs Cloud Access Security Broker Cloud Apps Protected Cloud traffic Cloud traffic logs Cloud Discovery App connectors Your organization from any location Firewalls Proxies API
10Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Cloud Security Transformation
11Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Cloud Security Transformation Lifecycle ProcurePrepare Operate & Monitor Transform & Recycle Implement & Orchestrate CCSRMCSRM • Oversight and Management • Service Management • Supplier Management • High Level Architecture • Low Level Architecture • Technical Implementation • Testing & Integration • Contract Review • Technology Gap Analysis • SLA negotiation • Scaling Plan • Cloud Security Reference Model • Security Strategy • Risk Assessment • Control Framework • Technology Roadmap •Whitespot Analysis •Framing & Vendor Selection •Value Prototype Cloud Security Transformation to the Cloud is the same for every company but with different starting points and ambition levels
12Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 The Cloud Security Reference Model (CSRM) Our CSRM identifies 14 key information security control domains that are Essential to ensuring that cloud services are consumed and managed in a secure manner. Governance Risk & Compliance Company Security BaselineCloud Service Provider Security Baseline Cloud Security Baseline Responsive Security Management Secure Application Development Identity & Access Management Threat & Vulnerability Management Information & Data Protection Security Monitoring Services Cloud Supplier Management Change Management Secure Development Security Testing IR & Crisis Management Disaster Recovery & BCM Legal & Electronic Discovery Training & Awareness
13Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Prepare Define Customer Security Baseline Define CSP Security Baseline Define new Cloud Security Baseline for the service(s)  Review:  Security strategy  Information Protection requirements  Current compliance regime  Create:  Revised Cloud Security Strategy  Data classification and asset inventory  High Level Target Architecture  Risk Register and align Control frameworks  Security Capabilities Catalogue  Review:  CSP Platform Infrastructure security  Physical and environmental security  Security incident procedures & plans : Contingency planning and disaster recovery policies and procedures, etc  Security of data storage, transmission, residency and audit controls  Gap Assessment  CSP v’s Customer Baseline  Create New:  Security Reference Model  Cloud Security Strategy  Risk Assessment model  Control Framework  Data Handling Model  Cloud Security Target Operating Model  Technology Roadmap
14 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Procure Depth of analysis and alignment to enable Leadership decisions White Spot Analysis IT driven research  Identifies and evaluates leading security solutions  Long-list to shortlist  Output: IT target application recommendation. Framing  Vendor driven functional demonstrations  Engages business stakeholders to assess solution fit  Develops initial view of roll out options & value  3 short-listed solutions  Output: Aligned business and IT recommendation Value Prototyping  Business driven validation  Based on Business, IT and program proof points  Involves a working prototype showcasing real customer scenarios and data  Confirms program strategy and business case  1 solution  Output: Aligned business and IT decision with Executive sign off
15 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Implement & Orchestrate  Identify Shadow IT cloud services  Evaluate and select cloud services that meet security and compliance requirements using a registry of cloud services and their security controls  Protect enterprise data in the cloud by preventing certain types of sensitive data from being uploaded, and encrypting and tokenizing data  Identify threats, malware, viruses and potential misuse of cloud services  Enforce and monitor Enterprise GRC policies and practices in cloud services  Enforce differing levels of data access, Apps utilisation and cloud service functionality based on the user, the user’s device, location, and operating system Enterprise SaaS IaaSManaged Security Provider (MSP) Ensuring visibility Data Security Regulatory & policy compliance Threat protection
16 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Operate & Monitor  A centralised view of all cloud services is best practice, providing a single pane of glass to manage and monitor service delivery against business need and defined security requirements  Visibility is key to deal with evolving threats and maintaining control  Enterprise wide security must be kept, irrespective of Cloud provider, service or application  The security operation and monitoring aspects must also be flexible enough to adapt in an agile and extensible way to support business need.  e.g. use of pre-defined “templated” cloud security controls that can be implemented at short notice to respond to recognised or potential business use-cases Operating in the Cloud brings the need to control and monitor the various Cloud service providers and applications:
17 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Transform & Recycle  Sun setting of end-of-life applications which are unsecure or no longer meet the business needs  Sun setting of security applications or services which do not meet security objectives or do not deliver sufficient protection  Identification of next generation solutions which will improve cloud security  Update and reuse of effective standards and practices  Compliance with legal data retention requirements – both in current and successor cloud offerings  Secure migration of services to new cloud offerings  Secure migration/deletion/archiving of data retained in existing or legacy cloud services  Update, reuse and integration of effective supporting security services (e.g. CASB) Transformation and migration to new applications and platforms requires:
18 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Lessons Learned Understand the changed risks landscape1 Rethink your existing Security Strategy to address this and shared responsibility model with the Cloud Security Provider (CSP) 2 Align disparate security initiatives under one uniform Information Security Strategy3 Align the revised Information Security Strategy with the overall Cloud Strategy of the organization4 Build the Cloud Security Target Operating Model5 Plan for change with a Cloud Security Transformation Roadmap6 Procure and implement appropriate technical controls7 Monitor, Manage, Revise and maintain…8
19 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Cloud Services Security is Possible! Any Questions?
20Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Contact information Andy Powell Head of Cybersecurity BD/Sales UK andy.powell@capgemini.com Doug Davidson Head of Cloud Security Offers & UK Cyber Security CTO doug.davidson@capgemini.com Partnership House Hollingswood road Central park Telford TF29TZ Insert contact picture Insert contact picture

Recommended

The (R)evolution of Predictive Operations & Maintenance
The (R)evolution of Predictive Operations & MaintenanceThe (R)evolution of Predictive Operations & Maintenance
The (R)evolution of Predictive Operations & MaintenanceCapgemini
 
CWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) plan
CWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) planCWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) plan
CWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) planCapgemini
 
Top Ten Trends in Insurance 2017
Top Ten Trends in Insurance 2017Top Ten Trends in Insurance 2017
Top Ten Trends in Insurance 2017Capgemini
 
Banking Trends for 2016
Banking Trends for 2016Banking Trends for 2016
Banking Trends for 2016Capgemini
 
Breaking Bad Data: The Journey to Data-fuelled Digital Transformation
Breaking Bad Data: The Journey to Data-fuelled Digital TransformationBreaking Bad Data: The Journey to Data-fuelled Digital Transformation
Breaking Bad Data: The Journey to Data-fuelled Digital TransformationCapgemini
 
Top-10 Trends in Property & Casualty Insurance: 2018
Top-10 Trends in Property & Casualty Insurance: 2018Top-10 Trends in Property & Casualty Insurance: 2018
Top-10 Trends in Property & Casualty Insurance: 2018Capgemini
 
Applied Innovation for the Unorganization
Applied Innovation for the UnorganizationApplied Innovation for the Unorganization
Applied Innovation for the UnorganizationCapgemini
 
Digital Transformation Trends in Insurance
Digital Transformation Trends in InsuranceDigital Transformation Trends in Insurance
Digital Transformation Trends in InsuranceInformation Services Group (ISG)
 

Recommended

The (R)evolution of Predictive Operations & Maintenance
The (R)evolution of Predictive Operations & MaintenanceThe (R)evolution of Predictive Operations & Maintenance
The (R)evolution of Predictive Operations & MaintenanceCapgemini
 
CWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) plan
CWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) planCWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) plan
CWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) planCapgemini
 
Top Ten Trends in Insurance 2017
Top Ten Trends in Insurance 2017Top Ten Trends in Insurance 2017
Top Ten Trends in Insurance 2017Capgemini
 
Banking Trends for 2016
Banking Trends for 2016Banking Trends for 2016
Banking Trends for 2016Capgemini
 
Breaking Bad Data: The Journey to Data-fuelled Digital Transformation
Breaking Bad Data: The Journey to Data-fuelled Digital TransformationBreaking Bad Data: The Journey to Data-fuelled Digital Transformation
Breaking Bad Data: The Journey to Data-fuelled Digital TransformationCapgemini
 
Top-10 Trends in Property & Casualty Insurance: 2018
Top-10 Trends in Property & Casualty Insurance: 2018Top-10 Trends in Property & Casualty Insurance: 2018
Top-10 Trends in Property & Casualty Insurance: 2018Capgemini
 
Applied Innovation for the Unorganization
Applied Innovation for the UnorganizationApplied Innovation for the Unorganization
Applied Innovation for the UnorganizationCapgemini
 
Digital Transformation Trends in Insurance
Digital Transformation Trends in InsuranceDigital Transformation Trends in Insurance
Digital Transformation Trends in InsuranceInformation Services Group (ISG)
 
Data Center of the Future: Designing a modernized, high performance computing...
Data Center of the Future: Designing a modernized, high performance computing...Data Center of the Future: Designing a modernized, high performance computing...
Data Center of the Future: Designing a modernized, high performance computing...Capgemini
 
A new era for the chemicals industry: Cloud computing changes the game
A new era for the chemicals industry: Cloud computing changes the gameA new era for the chemicals industry: Cloud computing changes the game
A new era for the chemicals industry: Cloud computing changes the gameaccenture
 
Machine Learning in Banking
Machine Learning in BankingMachine Learning in Banking
Machine Learning in Bankingaccenture
 
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?Capgemini
 
Fabrizio Biscotti Gartner - SMAU Milano 2017
Fabrizio Biscotti Gartner - SMAU Milano 2017Fabrizio Biscotti Gartner - SMAU Milano 2017
Fabrizio Biscotti Gartner - SMAU Milano 2017SMAU
 
Intelligent Enterprise Unleashed
Intelligent Enterprise UnleashedIntelligent Enterprise Unleashed
Intelligent Enterprise Unleashedaccenture
 
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...Capgemini
 
Top Ten Trends in Capital Markets 2017
Top Ten Trends in Capital Markets 2017Top Ten Trends in Capital Markets 2017
Top Ten Trends in Capital Markets 2017Capgemini
 
Overcoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudOvercoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudTrustmarque
 
ICGEB adopts UNiversePath on Microsoft Azure
ICGEB adopts UNiversePath on Microsoft AzureICGEB adopts UNiversePath on Microsoft Azure
ICGEB adopts UNiversePath on Microsoft AzureCapgemini
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilienceaccenture
 
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...accenture
 
Back Office Transformation | Accenture
Back Office Transformation | AccentureBack Office Transformation | Accenture
Back Office Transformation | Accentureaccenture
 
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...Capgemini
 
Double the profits through digital transformation - digital insurance in Africa
Double the profits through digital transformation - digital insurance in AfricaDouble the profits through digital transformation - digital insurance in Africa
Double the profits through digital transformation - digital insurance in AfricaThe Digital Insurer
 
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...Capgemini
 
Pensions on the Blockchain
Pensions on the BlockchainPensions on the Blockchain
Pensions on the Blockchainaccenture
 
The Digital Shift in Financial Services
The Digital Shift in Financial ServicesThe Digital Shift in Financial Services
The Digital Shift in Financial ServicesTrustmarque
 
Big Data: Real-life Examples of Business Value Generation
Big Data: Real-life Examples of Business Value GenerationBig Data: Real-life Examples of Business Value Generation
Big Data: Real-life Examples of Business Value GenerationCapgemini
 
Redefining Public Sector Finance in a Digital World
Redefining Public Sector Finance in a Digital WorldRedefining Public Sector Finance in a Digital World
Redefining Public Sector Finance in a Digital Worldaccenture
 
Top Ten Trends in Wealth Management 2017
Top Ten Trends in Wealth Management 2017Top Ten Trends in Wealth Management 2017
Top Ten Trends in Wealth Management 2017Capgemini
 
UKOUG Journey To The Cloud - March 2017
UKOUG Journey To The Cloud - March 2017UKOUG Journey To The Cloud - March 2017
UKOUG Journey To The Cloud - March 2017Phil Wilkins
 

More Related Content

What's hot

Data Center of the Future: Designing a modernized, high performance computing...
Data Center of the Future: Designing a modernized, high performance computing...Data Center of the Future: Designing a modernized, high performance computing...
Data Center of the Future: Designing a modernized, high performance computing...Capgemini
 
A new era for the chemicals industry: Cloud computing changes the game
A new era for the chemicals industry: Cloud computing changes the gameA new era for the chemicals industry: Cloud computing changes the game
A new era for the chemicals industry: Cloud computing changes the gameaccenture
 
Machine Learning in Banking
Machine Learning in BankingMachine Learning in Banking
Machine Learning in Bankingaccenture
 
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?Capgemini
 
Fabrizio Biscotti Gartner - SMAU Milano 2017
Fabrizio Biscotti Gartner - SMAU Milano 2017Fabrizio Biscotti Gartner - SMAU Milano 2017
Fabrizio Biscotti Gartner - SMAU Milano 2017SMAU
 
Intelligent Enterprise Unleashed
Intelligent Enterprise UnleashedIntelligent Enterprise Unleashed
Intelligent Enterprise Unleashedaccenture
 
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...Capgemini
 
Top Ten Trends in Capital Markets 2017
Top Ten Trends in Capital Markets 2017Top Ten Trends in Capital Markets 2017
Top Ten Trends in Capital Markets 2017Capgemini
 
Overcoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudOvercoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudTrustmarque
 
ICGEB adopts UNiversePath on Microsoft Azure
ICGEB adopts UNiversePath on Microsoft AzureICGEB adopts UNiversePath on Microsoft Azure
ICGEB adopts UNiversePath on Microsoft AzureCapgemini
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilienceaccenture
 
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...accenture
 
Back Office Transformation | Accenture
Back Office Transformation | AccentureBack Office Transformation | Accenture
Back Office Transformation | Accentureaccenture
 
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...Capgemini
 
Double the profits through digital transformation - digital insurance in Africa
Double the profits through digital transformation - digital insurance in AfricaDouble the profits through digital transformation - digital insurance in Africa
Double the profits through digital transformation - digital insurance in AfricaThe Digital Insurer
 
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...Capgemini
 
Pensions on the Blockchain
Pensions on the BlockchainPensions on the Blockchain
Pensions on the Blockchainaccenture
 
The Digital Shift in Financial Services
The Digital Shift in Financial ServicesThe Digital Shift in Financial Services
The Digital Shift in Financial ServicesTrustmarque
 
Big Data: Real-life Examples of Business Value Generation
Big Data: Real-life Examples of Business Value GenerationBig Data: Real-life Examples of Business Value Generation
Big Data: Real-life Examples of Business Value GenerationCapgemini
 
Redefining Public Sector Finance in a Digital World
Redefining Public Sector Finance in a Digital WorldRedefining Public Sector Finance in a Digital World
Redefining Public Sector Finance in a Digital Worldaccenture
 

What's hot (20)

Data Center of the Future: Designing a modernized, high performance computing...
Data Center of the Future: Designing a modernized, high performance computing...Data Center of the Future: Designing a modernized, high performance computing...
Data Center of the Future: Designing a modernized, high performance computing...
 
A new era for the chemicals industry: Cloud computing changes the game
A new era for the chemicals industry: Cloud computing changes the gameA new era for the chemicals industry: Cloud computing changes the game
A new era for the chemicals industry: Cloud computing changes the game
 
Machine Learning in Banking
Machine Learning in BankingMachine Learning in Banking
Machine Learning in Banking
 
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?
Failing and Failing Fast in AppDev – How Do We Keep up in AppSec?
 
Fabrizio Biscotti Gartner - SMAU Milano 2017
Fabrizio Biscotti Gartner - SMAU Milano 2017Fabrizio Biscotti Gartner - SMAU Milano 2017
Fabrizio Biscotti Gartner - SMAU Milano 2017
 
Intelligent Enterprise Unleashed
Intelligent Enterprise UnleashedIntelligent Enterprise Unleashed
Intelligent Enterprise Unleashed
 
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...
CWIN17 san francisco-blockchain three ways to prevent it from failing in the ...
 
Top Ten Trends in Capital Markets 2017
Top Ten Trends in Capital Markets 2017Top Ten Trends in Capital Markets 2017
Top Ten Trends in Capital Markets 2017
 
Overcoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to CloudOvercoming Operational & Financial Barriers to Cloud
Overcoming Operational & Financial Barriers to Cloud
 
ICGEB adopts UNiversePath on Microsoft Azure
ICGEB adopts UNiversePath on Microsoft AzureICGEB adopts UNiversePath on Microsoft Azure
ICGEB adopts UNiversePath on Microsoft Azure
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilience
 
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...
The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...
 
Back Office Transformation | Accenture
Back Office Transformation | AccentureBack Office Transformation | Accenture
Back Office Transformation | Accenture
 
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...
Capgemini & EMC Transform Brazilian Businesses with Next-Generation Cloud Sol...
 
Double the profits through digital transformation - digital insurance in Africa
Double the profits through digital transformation - digital insurance in AfricaDouble the profits through digital transformation - digital insurance in Africa
Double the profits through digital transformation - digital insurance in Africa
 
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
 
Pensions on the Blockchain
Pensions on the BlockchainPensions on the Blockchain
Pensions on the Blockchain
 
The Digital Shift in Financial Services
The Digital Shift in Financial ServicesThe Digital Shift in Financial Services
The Digital Shift in Financial Services
 
Big Data: Real-life Examples of Business Value Generation
Big Data: Real-life Examples of Business Value GenerationBig Data: Real-life Examples of Business Value Generation
Big Data: Real-life Examples of Business Value Generation
 
Redefining Public Sector Finance in a Digital World
Redefining Public Sector Finance in a Digital WorldRedefining Public Sector Finance in a Digital World
Redefining Public Sector Finance in a Digital World
 

Viewers also liked

Top Ten Trends in Wealth Management 2017
Top Ten Trends in Wealth Management 2017Top Ten Trends in Wealth Management 2017
Top Ten Trends in Wealth Management 2017Capgemini
 
UKOUG Journey To The Cloud - March 2017
UKOUG Journey To The Cloud - March 2017UKOUG Journey To The Cloud - March 2017
UKOUG Journey To The Cloud - March 2017Phil Wilkins
 
Lessons Learned from an early Multi-Cloud journey
Lessons Learned from an early Multi-Cloud journeyLessons Learned from an early Multi-Cloud journey
Lessons Learned from an early Multi-Cloud journeyHardway Hou
 
Journey to the cloud
Journey to the cloudJourney to the cloud
Journey to the cloudChris Avis
 
Data Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudData Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudTrend Micro (EMEA) Limited
 
soCloud: distributed multi-cloud platform for deploying, executing and managi...
soCloud: distributed multi-cloud platform for deploying, executing and managi...soCloud: distributed multi-cloud platform for deploying, executing and managi...
soCloud: distributed multi-cloud platform for deploying, executing and managi...Fawaz Fernand PARAISO
 
Agile - Transforming Small Team Thinking Into Big Business Results
Agile - Transforming Small Team Thinking Into Big Business ResultsAgile - Transforming Small Team Thinking Into Big Business Results
Agile - Transforming Small Team Thinking Into Big Business ResultsKurt Solarte
 
Cloud,beyond the hype, looking at the journey to Cloud
Cloud,beyond the hype, looking at the journey to CloudCloud,beyond the hype, looking at the journey to Cloud
Cloud,beyond the hype, looking at the journey to CloudChristian Verstraete
 
Philip Hung Cao - Cloud security, the journey has begun
Philip Hung Cao - Cloud security, the journey has begunPhilip Hung Cao - Cloud security, the journey has begun
Philip Hung Cao - Cloud security, the journey has begunSecurity Bootcamp
 
Security & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingSecurity & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingJohn D. Johnson
 
Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...PRISMACLOUD Project
 
Software Association of Oregon Cloud Computing Presentation
Software Association of Oregon Cloud Computing PresentationSoftware Association of Oregon Cloud Computing Presentation
Software Association of Oregon Cloud Computing Presentationddcarr
 
The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...
The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...
The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...VMware Tanzu
 
Journey to the Cloud, Hype or Opportunity
Journey to the Cloud, Hype or OpportunityJourney to the Cloud, Hype or Opportunity
Journey to the Cloud, Hype or OpportunityCapgemini
 
Dimension Data – Enabling the Journey to the Cloud: Real Examples
Dimension Data – Enabling the Journey to the Cloud: Real ExamplesDimension Data – Enabling the Journey to the Cloud: Real Examples
Dimension Data – Enabling the Journey to the Cloud: Real Examplesitnewsafrica
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domainamiable_indian
 
Chela stress test
Chela stress testChela stress test
Chela stress testsuperserch
 

Viewers also liked (20)

Top Ten Trends in Wealth Management 2017
Top Ten Trends in Wealth Management 2017Top Ten Trends in Wealth Management 2017
Top Ten Trends in Wealth Management 2017
 
UKOUG Journey To The Cloud - March 2017
UKOUG Journey To The Cloud - March 2017UKOUG Journey To The Cloud - March 2017
UKOUG Journey To The Cloud - March 2017
 
Lessons Learned from an early Multi-Cloud journey
Lessons Learned from an early Multi-Cloud journeyLessons Learned from an early Multi-Cloud journey
Lessons Learned from an early Multi-Cloud journey
 
Journey to the cloud
Journey to the cloudJourney to the cloud
Journey to the cloud
 
Data Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudData Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the Cloud
 
soCloud: distributed multi-cloud platform for deploying, executing and managi...
soCloud: distributed multi-cloud platform for deploying, executing and managi...soCloud: distributed multi-cloud platform for deploying, executing and managi...
soCloud: distributed multi-cloud platform for deploying, executing and managi...
 
Adopting Agile Testing
Adopting Agile TestingAdopting Agile Testing
Adopting Agile Testing
 
Agile - Transforming Small Team Thinking Into Big Business Results
Agile - Transforming Small Team Thinking Into Big Business ResultsAgile - Transforming Small Team Thinking Into Big Business Results
Agile - Transforming Small Team Thinking Into Big Business Results
 
Standing on the clouds
Standing on the cloudsStanding on the clouds
Standing on the clouds
 
Cloud,beyond the hype, looking at the journey to Cloud
Cloud,beyond the hype, looking at the journey to CloudCloud,beyond the hype, looking at the journey to Cloud
Cloud,beyond the hype, looking at the journey to Cloud
 
Philip Hung Cao - Cloud security, the journey has begun
Philip Hung Cao - Cloud security, the journey has begunPhilip Hung Cao - Cloud security, the journey has begun
Philip Hung Cao - Cloud security, the journey has begun
 
Security & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingSecurity & Privacy in Cloud Computing
Security & Privacy in Cloud Computing
 
Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...
 
Software Association of Oregon Cloud Computing Presentation
Software Association of Oregon Cloud Computing PresentationSoftware Association of Oregon Cloud Computing Presentation
Software Association of Oregon Cloud Computing Presentation
 
The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...
The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...
The Journey to Becoming Cloud Native – A Three Step Path to Modernizing Appli...
 
Journey to the Cloud, Hype or Opportunity
Journey to the Cloud, Hype or OpportunityJourney to the Cloud, Hype or Opportunity
Journey to the Cloud, Hype or Opportunity
 
Dimension Data – Enabling the Journey to the Cloud: Real Examples
Dimension Data – Enabling the Journey to the Cloud: Real ExamplesDimension Data – Enabling the Journey to the Cloud: Real Examples
Dimension Data – Enabling the Journey to the Cloud: Real Examples
 
DDS Security
DDS SecurityDDS Security
DDS Security
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domain
 
Chela stress test
Chela stress testChela stress test
Chela stress test
 

Similar to Security: Enabling the Journey to the Cloud

Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloudpatmisasi
 
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...Amazon Web Services
 
2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01promediakw
 
Itmgen 4317 security
Itmgen 4317 securityItmgen 4317 security
Itmgen 4317 securityCisco
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxinfosec train
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxBabatundeAbioye2
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingPhil Agcaoili
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxInfosectrain3
 
Top Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxTop Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxSaadZaman23
 
Larry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa versionLarry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa versionTrish McGinity, CCSK
 
Evolution security controls towards Cloud Services
Evolution security controls towards Cloud ServicesEvolution security controls towards Cloud Services
Evolution security controls towards Cloud ServicesHugo Rodrigues
 
EveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceEveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceKeith Purves
 
EveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceEveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PiecePaul Richards
 
Zero trust strategy: cloud security by design
Zero trust strategy: cloud security by designZero trust strategy: cloud security by design
Zero trust strategy: cloud security by designaccenture
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
Cloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton RavindranCloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton RavindranGSTF
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Carry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS SummitCarry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS SummitAmazon Web Services
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2jeffirby
 

Similar to Security: Enabling the Journey to the Cloud (20)

Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloud
 
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
 
2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01
 
Itmgen 4317 security
Itmgen 4317 securityItmgen 4317 security
Itmgen 4317 security
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptx
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptx
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter Meeting
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptx
 
Top Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxTop Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptx
 
Larry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa versionLarry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa version
 
Evolution security controls towards Cloud Services
Evolution security controls towards Cloud ServicesEvolution security controls towards Cloud Services
Evolution security controls towards Cloud Services
 
EveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceEveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_Piece
 
EveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceEveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_Piece
 
Zero trust strategy: cloud security by design
Zero trust strategy: cloud security by designZero trust strategy: cloud security by design
Zero trust strategy: cloud security by design
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
Cloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton RavindranCloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton Ravindran
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Carry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS SummitCarry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS Summit
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2
 

More from Capgemini

Top Healthcare Trends 2022
Top Healthcare Trends 2022Top Healthcare Trends 2022
Top Healthcare Trends 2022Capgemini
 
Top P&C Insurance Trends 2022
Top P&C Insurance Trends 2022Top P&C Insurance Trends 2022
Top P&C Insurance Trends 2022Capgemini
 
Commercial Banking Trends book 2022
Commercial Banking Trends book 2022Commercial Banking Trends book 2022
Commercial Banking Trends book 2022Capgemini
 
Top Trends in Payments 2022
Top Trends in Payments 2022Top Trends in Payments 2022
Top Trends in Payments 2022Capgemini
 
Top Trends in Wealth Management 2022
Top Trends in Wealth Management 2022Top Trends in Wealth Management 2022
Top Trends in Wealth Management 2022Capgemini
 
Retail Banking Trends book 2022
Retail Banking Trends book 2022Retail Banking Trends book 2022
Retail Banking Trends book 2022Capgemini
 
Top Life Insurance Trends 2022
Top Life Insurance Trends 2022Top Life Insurance Trends 2022
Top Life Insurance Trends 2022Capgemini
 
キャップジェミニ、あなたの『RISE WITH SAP』のパートナーです
キャップジェミニ、あなたの『RISE WITH SAP』のパートナーですキャップジェミニ、あなたの『RISE WITH SAP』のパートナーです
キャップジェミニ、あなたの『RISE WITH SAP』のパートナーですCapgemini
 
Property & Casualty Insurance Top Trends 2021
Property & Casualty Insurance Top Trends 2021Property & Casualty Insurance Top Trends 2021
Property & Casualty Insurance Top Trends 2021Capgemini
 
Life Insurance Top Trends 2021
Life Insurance Top Trends 2021Life Insurance Top Trends 2021
Life Insurance Top Trends 2021Capgemini
 
Top Trends in Commercial Banking: 2021
Top Trends in Commercial Banking: 2021Top Trends in Commercial Banking: 2021
Top Trends in Commercial Banking: 2021Capgemini
 
Top Trends in Wealth Management: 2021
Top Trends in Wealth Management: 2021Top Trends in Wealth Management: 2021
Top Trends in Wealth Management: 2021Capgemini
 
Top Trends in Payments: 2021
Top Trends in Payments: 2021Top Trends in Payments: 2021
Top Trends in Payments: 2021Capgemini
 
Health Insurance Top Trends 2021
Health Insurance Top Trends 2021Health Insurance Top Trends 2021
Health Insurance Top Trends 2021Capgemini
 
Top Trends in Retail Banking: 2021
Top Trends in Retail Banking: 2021Top Trends in Retail Banking: 2021
Top Trends in Retail Banking: 2021Capgemini
 
Capgemini’s Connected Autonomous Planning
Capgemini’s Connected Autonomous PlanningCapgemini’s Connected Autonomous Planning
Capgemini’s Connected Autonomous PlanningCapgemini
 
Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020Capgemini
 
Top Trends in Life Insurance: 2020
Top Trends in Life Insurance: 2020Top Trends in Life Insurance: 2020
Top Trends in Life Insurance: 2020Capgemini
 
Top Trends in Health Insurance: 2020
Top Trends in Health Insurance: 2020Top Trends in Health Insurance: 2020
Top Trends in Health Insurance: 2020Capgemini
 
Top Trends in Payments: 2020
Top Trends in Payments: 2020Top Trends in Payments: 2020
Top Trends in Payments: 2020Capgemini
 

More from Capgemini (20)

Top Healthcare Trends 2022
Top Healthcare Trends 2022Top Healthcare Trends 2022
Top Healthcare Trends 2022
 
Top P&C Insurance Trends 2022
Top P&C Insurance Trends 2022Top P&C Insurance Trends 2022
Top P&C Insurance Trends 2022
 
Commercial Banking Trends book 2022
Commercial Banking Trends book 2022Commercial Banking Trends book 2022
Commercial Banking Trends book 2022
 
Top Trends in Payments 2022
Top Trends in Payments 2022Top Trends in Payments 2022
Top Trends in Payments 2022
 
Top Trends in Wealth Management 2022
Top Trends in Wealth Management 2022Top Trends in Wealth Management 2022
Top Trends in Wealth Management 2022
 
Retail Banking Trends book 2022
Retail Banking Trends book 2022Retail Banking Trends book 2022
Retail Banking Trends book 2022
 
Top Life Insurance Trends 2022
Top Life Insurance Trends 2022Top Life Insurance Trends 2022
Top Life Insurance Trends 2022
 
キャップジェミニ、あなたの『RISE WITH SAP』のパートナーです
キャップジェミニ、あなたの『RISE WITH SAP』のパートナーですキャップジェミニ、あなたの『RISE WITH SAP』のパートナーです
キャップジェミニ、あなたの『RISE WITH SAP』のパートナーです
 
Property & Casualty Insurance Top Trends 2021
Property & Casualty Insurance Top Trends 2021Property & Casualty Insurance Top Trends 2021
Property & Casualty Insurance Top Trends 2021
 
Life Insurance Top Trends 2021
Life Insurance Top Trends 2021Life Insurance Top Trends 2021
Life Insurance Top Trends 2021
 
Top Trends in Commercial Banking: 2021
Top Trends in Commercial Banking: 2021Top Trends in Commercial Banking: 2021
Top Trends in Commercial Banking: 2021
 
Top Trends in Wealth Management: 2021
Top Trends in Wealth Management: 2021Top Trends in Wealth Management: 2021
Top Trends in Wealth Management: 2021
 
Top Trends in Payments: 2021
Top Trends in Payments: 2021Top Trends in Payments: 2021
Top Trends in Payments: 2021
 
Health Insurance Top Trends 2021
Health Insurance Top Trends 2021Health Insurance Top Trends 2021
Health Insurance Top Trends 2021
 
Top Trends in Retail Banking: 2021
Top Trends in Retail Banking: 2021Top Trends in Retail Banking: 2021
Top Trends in Retail Banking: 2021
 
Capgemini’s Connected Autonomous Planning
Capgemini’s Connected Autonomous PlanningCapgemini’s Connected Autonomous Planning
Capgemini’s Connected Autonomous Planning
 
Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020
 
Top Trends in Life Insurance: 2020
Top Trends in Life Insurance: 2020Top Trends in Life Insurance: 2020
Top Trends in Life Insurance: 2020
 
Top Trends in Health Insurance: 2020
Top Trends in Health Insurance: 2020Top Trends in Health Insurance: 2020
Top Trends in Health Insurance: 2020
 
Top Trends in Payments: 2020
Top Trends in Payments: 2020Top Trends in Payments: 2020
Top Trends in Payments: 2020
 

Recently uploaded

Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Escort Service
 
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSebastiano Panichella
 
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxmavinoikein
 
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.KathleenAnnCordero2
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Krijn Poppe
 
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxAnne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxnoorehahmad
 
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxGenshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxJohnree4
 
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxmiladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxCarrieButtitta
 
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSimulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSebastiano Panichella
 
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software EngineeringThe 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software EngineeringSebastiano Panichella
 
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxChizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxogubuikealex
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power
 
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...marjmae69
 
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comSaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comsaastr
 
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRachelAnnTenibroAmaz
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxaryanv1753
 
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationThe Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationNathan Young
 
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMQuality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMCharmi13
 
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...Henrik Hanke
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRsarwankumar4524
 

Recently uploaded (20)

Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
 
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation Track
 
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
 
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
 
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxAnne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
 
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxGenshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptx
 
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxmiladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptx
 
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSimulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
 
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software EngineeringThe 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software Engineering
 
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxChizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptx
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
 
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
 
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comSaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
 
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
 
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationThe Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism Presentation
 
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMQuality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEM
 
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
 

Security: Enabling the Journey to the Cloud

  • 1. 1Copyright © 2016 Capgemini and Sogeti – Internal use only. All Rights Reserved. Security: Enabling the Journey to the Cloud Andy Powell VP UK Cybersecurity - Capgemini Doug Davidson UK CTO for Cybersecurity- Capgemini
  • 2. 2Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Agenda  Cloud Security Overview  Cloud Security Challenges  Cloud Security Transformation  Lessons and takeaways  Q&A
  • 3. 3Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Countering the Threat – ‘a truly Medieval Approach’ …with Cloud Services, where’s the perimeter now? Once we knew where the Enterprise boundary was...
  • 4. 4Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Adopting cloud requires an organization to rethink security to effectively safeguard assets and data  Leasing computing power in the cloud, sharing the security responsibility with CSPs  Utilising an ecosystem of cloud security solution providers  No customization of solutions, shift to informed selection upfront  Control moved to the business users (end-point devices) and partners (servers)  Identity and Access Management in the Cloud (IDaaS) as key control and business enabler for organisations  Focus on Shared Responsibility and holistic risk management to prioritise mitigation actions  Cloud aligned policies and procedures aligned with the shared responsibility model Traditional Enterprise IT Cloud  Building and maintaining IT and Security capabilities in-house  Working with a selective group IT and Security suppliers  In house developed systems or far reaching customisation of commercial packages  IT having direct control on all assets, data and devices  Identity and Access Management as one of the control elements in the Security Managers toolkit  Focus on vulnerability and patch management from a product perspective  Policies and procedures tailored to an in-house IT landscape Hybridised Enterprise/Cloud services will be here for some time to come..
  • 5. 5Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 CloudSupplierManages CustomerManages Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking Applications Data Virtualization Runtime Middleware O/S Servers Storage Networking On-Premises Infrastructure (as a Service) Platform (as a Service) Software (as a Service) Information and Data Protection Identity & Access Management Governance Risk & Compliance Information and Data Protection Identity & Access Management Governance Risk & Compliance Information and Data Protection Identity & Access Management Governance Risk & Compliance Information and Data Protection Identity & Access Management Governance Risk & Compliance CloudSupplierManages CloudSupplierManages CustomerManages CustomerManages CustomerManages Shared Responsibility – The New Paradigm Governance, Risk and Compliance, Identity & Access Management and Information & Data Protection will always be the responsibility of the data owner
  • 6. 6Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 With Cloud Services, Identity is literally the Key… Identity Management is always the responsibility of the data owner. This is never shared or outsourced An IDAM Strategy must be in place to reduce potential Cloud Identity security issues Enterprise Identity management reviews and remediation should be undertaken prior to adopting Cloud Services Federation or replication of existing Enterprise Identity’s into the Cloud can introduce a significant risk Many organisations already have extensive issues within their existing Enterprise Identity Management systems
  • 7. 7Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Data and Information Protection Data assets and Information Protection are always the responsibility of the data owner. This is never shared or outsourced Robust automated Security tools and controls must be used to control, monitor and alert over data access, usage, release and destruction Staff Education and Awareness and ongoing guidance is critical to support new ways of secure working The organisations data types, use cases and security risk management approaches must be published in an agreed Data Handling Model (DHM). Organisations must create a Cloud Security Strategy and align their existing IT Security Strategy to this Data Sensitivity Create Store Use ShareArchive Destroy Assure information assets throughout the data Lifecycle
  • 8. 8Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Currently this is a Layered Cake approach... • Still an emergent area in Cloud Services • Demonstrating Cloud Service Provider compliance is still a challenge for regulated industries • SOC, SIEM, GRC Integration is challenging • Poor Platform integration (generic API’s etc) • Cloud Service Provider Logs and reports • Generally individually tailored Governance, Risk & Compliance Governance Risk and Compliance is always the responsibility of the data owner. This is never shared or outsourced. Additional security controls and services may be required to demonstrate assurance over and above that supplied by the Cloud Service Provider
  • 9. 9Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Enforcing Security across the Enterprise and Cloud Design security in from the outset: • AD remediation prior to Migration/Federation • Network design and connectivity • Secure Apps design and Testing • Managed Platform and Tennant Configurations • Virtual Firewalls, Micro-Segmentation, IRM, DLP, etc • No Loss Encryption, HSM’s, Tokenisation, etc • Cloud Access Security Brokers (CASB) • API monitoring, regulation and control • Shadow IT & Cloud Discovery Enterprises have Gateway security Services … Cloud based services don’t.. Automated Security tools and controls must be used to protect, control and alert on data usage Business Use Cases - design supportive security around current and projected business needs Cloud Access Security Broker Cloud Apps Protected Cloud traffic Cloud traffic logs Cloud Discovery App connectors Your organization from any location Firewalls Proxies API
  • 10. 10Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Cloud Security Transformation
  • 11. 11Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Cloud Security Transformation Lifecycle ProcurePrepare Operate & Monitor Transform & Recycle Implement & Orchestrate CCSRMCSRM • Oversight and Management • Service Management • Supplier Management • High Level Architecture • Low Level Architecture • Technical Implementation • Testing & Integration • Contract Review • Technology Gap Analysis • SLA negotiation • Scaling Plan • Cloud Security Reference Model • Security Strategy • Risk Assessment • Control Framework • Technology Roadmap •Whitespot Analysis •Framing & Vendor Selection •Value Prototype Cloud Security Transformation to the Cloud is the same for every company but with different starting points and ambition levels
  • 12. 12Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 The Cloud Security Reference Model (CSRM) Our CSRM identifies 14 key information security control domains that are Essential to ensuring that cloud services are consumed and managed in a secure manner. Governance Risk & Compliance Company Security BaselineCloud Service Provider Security Baseline Cloud Security Baseline Responsive Security Management Secure Application Development Identity & Access Management Threat & Vulnerability Management Information & Data Protection Security Monitoring Services Cloud Supplier Management Change Management Secure Development Security Testing IR & Crisis Management Disaster Recovery & BCM Legal & Electronic Discovery Training & Awareness
  • 13. 13Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Prepare Define Customer Security Baseline Define CSP Security Baseline Define new Cloud Security Baseline for the service(s)  Review:  Security strategy  Information Protection requirements  Current compliance regime  Create:  Revised Cloud Security Strategy  Data classification and asset inventory  High Level Target Architecture  Risk Register and align Control frameworks  Security Capabilities Catalogue  Review:  CSP Platform Infrastructure security  Physical and environmental security  Security incident procedures & plans : Contingency planning and disaster recovery policies and procedures, etc  Security of data storage, transmission, residency and audit controls  Gap Assessment  CSP v’s Customer Baseline  Create New:  Security Reference Model  Cloud Security Strategy  Risk Assessment model  Control Framework  Data Handling Model  Cloud Security Target Operating Model  Technology Roadmap
  • 14. 14 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Procure Depth of analysis and alignment to enable Leadership decisions White Spot Analysis IT driven research  Identifies and evaluates leading security solutions  Long-list to shortlist  Output: IT target application recommendation. Framing  Vendor driven functional demonstrations  Engages business stakeholders to assess solution fit  Develops initial view of roll out options & value  3 short-listed solutions  Output: Aligned business and IT recommendation Value Prototyping  Business driven validation  Based on Business, IT and program proof points  Involves a working prototype showcasing real customer scenarios and data  Confirms program strategy and business case  1 solution  Output: Aligned business and IT decision with Executive sign off
  • 15. 15 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Implement & Orchestrate  Identify Shadow IT cloud services  Evaluate and select cloud services that meet security and compliance requirements using a registry of cloud services and their security controls  Protect enterprise data in the cloud by preventing certain types of sensitive data from being uploaded, and encrypting and tokenizing data  Identify threats, malware, viruses and potential misuse of cloud services  Enforce and monitor Enterprise GRC policies and practices in cloud services  Enforce differing levels of data access, Apps utilisation and cloud service functionality based on the user, the user’s device, location, and operating system Enterprise SaaS IaaSManaged Security Provider (MSP) Ensuring visibility Data Security Regulatory & policy compliance Threat protection
  • 16. 16 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Operate & Monitor  A centralised view of all cloud services is best practice, providing a single pane of glass to manage and monitor service delivery against business need and defined security requirements  Visibility is key to deal with evolving threats and maintaining control  Enterprise wide security must be kept, irrespective of Cloud provider, service or application  The security operation and monitoring aspects must also be flexible enough to adapt in an agile and extensible way to support business need.  e.g. use of pre-defined “templated” cloud security controls that can be implemented at short notice to respond to recognised or potential business use-cases Operating in the Cloud brings the need to control and monitor the various Cloud service providers and applications:
  • 17. 17 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Transform & Recycle  Sun setting of end-of-life applications which are unsecure or no longer meet the business needs  Sun setting of security applications or services which do not meet security objectives or do not deliver sufficient protection  Identification of next generation solutions which will improve cloud security  Update and reuse of effective standards and practices  Compliance with legal data retention requirements – both in current and successor cloud offerings  Secure migration of services to new cloud offerings  Secure migration/deletion/archiving of data retained in existing or legacy cloud services  Update, reuse and integration of effective supporting security services (e.g. CASB) Transformation and migration to new applications and platforms requires:
  • 18. 18 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Lessons Learned Understand the changed risks landscape1 Rethink your existing Security Strategy to address this and shared responsibility model with the Cloud Security Provider (CSP) 2 Align disparate security initiatives under one uniform Information Security Strategy3 Align the revised Information Security Strategy with the overall Cloud Strategy of the organization4 Build the Cloud Security Target Operating Model5 Plan for change with a Cloud Security Transformation Roadmap6 Procure and implement appropriate technical controls7 Monitor, Manage, Revise and maintain…8
  • 19. 19 Securing the Journey to the Cloud | 2016 Copyright © 2016 Capgemini and Sogeti. All Rights Reserved Cloud Services Security is Possible! Any Questions?
  • 20. 20Copyright © 2016 Capgemini and Sogeti. All Rights Reserved. Securing the Journey to the Cloud | #CWIN16 Sept 2016 Contact information Andy Powell Head of Cybersecurity BD/Sales UK andy.powell@capgemini.com Doug Davidson Head of Cloud Security Offers & UK Cyber Security CTO doug.davidson@capgemini.com Partnership House Hollingswood road Central park Telford TF29TZ Insert contact picture Insert contact picture