This document summarizes a webinar presented by CloudLock on lessons learned from their CyberLab research facility. Some of the key points covered include:
- CloudLock's CyberLab conducts threat intelligence, proactive monitoring, independent research and breach investigations based on data from over 10 million users and 1 billion files.
- Their research found the riskiest industries for cloud security are financial services, healthcare, and technology due to factors like excessive sharing of sensitive data.
- A real world example was presented of a credentials reaping attack at a technology company that compromised 3 users and spread to over 2,500 emails through password recycling and geographic hopping over 2 weeks.
- Recommendations to help prevent these types
2. Continuing Professional Education (CPE) Credits
Claim your CPE credit for attending this webinar
https://www.isc2.org/
For more information or questions please contact us
info@cloudlock.com
2
6. CloudLock CyberLab
Based in Tel-Aviv,
CyberLab is
CloudLock’s formal
cybersecurity
research facility.
CyberLab Leverages
CloudLock’s unique
background from
Israeli and U.S.
Intelligence
communities
6
11. Attack Surface is Increasing While Cloud Usage is Exploding
111111
10x
Files Stored in Public
Cloud Apps increase in
1 Year
52,000
Third-Party App Installs
by Privileged &
Administrative Users
4,000
per organization contain
usernames and passwords
exposed files
18. Riskiest Industries in the Cloud: Where Do You Stand?
Concerned with Excessive Sharing Concerned with Password Protection
18
19. Riskiest Industries in the Cloud: Where Do You Stand?
Concerned with PII Concerned with PCI
19
20. Riskiest Industries in the Cloud: Where Do You Stand?
Public Exposures Caused by 1% of Users Organization-Wide Exposures Caused by 1% of Users
Highly Concentrated Exposure Risk in Financial Services
20
34. Credentials Reaping - Recommendations
User & Entity Behavior Analytics (UEBA) to detect
Forensics to determine impact
User education - every user counts
Broad password recycling
34
37. Customer Story - Rapid ROI
37
● US based company in the
travel industry.
● 62% of decrease in public
exposures in one day by
leveraging UEBA
● Reached out to top users
with public exposures
● Rapid return on investment
● Revealed gaps in employee
security training
38. Next Step: Get a Cybersecurity Assessment
bit.ly/cloudlock-assessment