The Riskiest Industries in the Cloud
•
0 j'aime•193 vues
This document summarizes a webinar presented by CloudLock on lessons learned from their CyberLab research facility. Some of the key points covered include: - CloudLock's CyberLab conducts threat intelligence, proactive monitoring, independent research and breach investigations based on data from over 10 million users and 1 billion files. - Their research found the riskiest industries for cloud security are financial services, healthcare, and technology due to factors like excessive sharing of sensitive data. - A real world example was presented of a credentials reaping attack at a technology company that compromised 3 users and spread to over 2,500 emails through password recycling and geographic hopping over 2 weeks. - Recommendations to help prevent these types
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (20)
En vedette
Similaire à The Riskiest Industries in the Cloud
Similaire à The Riskiest Industries in the Cloud (20)
Dernier
Dernier (20)
The Riskiest Industries in the Cloud
- 1. Lessons Learned from Our CyberLab Riskiest Industries in the Cloud 1
- 2. Continuing Professional Education (CPE) Credits Claim your CPE credit for attending this webinar https://www.isc2.org/ For more information or questions please contact us info@cloudlock.com 2
- 3. Q4 2015 Cloudlock CyberLab Report
- 4. Presenters Bernd Leger VP of Marketing Yishai Beeri Director of Cybersecurity Research 4
- 5. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 5 05 Lessons Learned
- 6. CloudLock CyberLab Based in Tel-Aviv, CyberLab is CloudLock’s formal cybersecurity research facility. CyberLab Leverages CloudLock’s unique background from Israeli and U.S. Intelligence communities 6
- 7. CyberLab Services 7 Threat Intelligence CyberLab Proactive Monitoring Independent Research Threat Assessment Breach Investigations
- 9. Basis for CyberLab Research 9 10 Million Users 1 Billion Files 101,000+ Unique Apps CloudLock based findings on anonymized usage data across:
- 10. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 10 05 Lessons Learned
- 11. Attack Surface is Increasing While Cloud Usage is Exploding 111111 10x Files Stored in Public Cloud Apps increase in 1 Year 52,000 Third-Party App Installs by Privileged & Administrative Users 4,000 per organization contain usernames and passwords exposed files
- 12. External Collaboration on the Rise 12
- 13. If Done the Wrong Way... 13
- 14. The 1% who can take down your Organization: Quantifying the Risk 14
- 15. Key Findings
- 16. The 1% Who Can Take Down Your Organization 16 No Industry is Immune
- 17. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 17 05 Lessons Learned
- 18. Riskiest Industries in the Cloud: Where Do You Stand? Concerned with Excessive Sharing Concerned with Password Protection 18
- 19. Riskiest Industries in the Cloud: Where Do You Stand? Concerned with PII Concerned with PCI 19
- 20. Riskiest Industries in the Cloud: Where Do You Stand? Public Exposures Caused by 1% of Users Organization-Wide Exposures Caused by 1% of Users Highly Concentrated Exposure Risk in Financial Services 20
- 21. Top Cloud Cybersecurity Concerns in Retail 21
- 22. Top Cloud Cybersecurity Concerns in Manufacturing 22
- 23. Top Cloud Cybersecurity Concerns in K-12 23
- 24. Top Cloud Cybersecurity Concerns in Higher Ed 24
- 25. Top Cloud Cybersecurity Concerns in Government 25
- 26. Top Cloud Cybersecurity Concerns in Technology 26
- 27. Top Cloud Cybersecurity Concerns in Healthcare 27
- 28. Top Cloud Cybersecurity Concerns in Financial Services 28
- 29. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 29 05 Lessons Learned
- 30. Real world example - Cloud Credentials Reaping ● Technology Services ● 1,000+ Employees ● Global presence 30 ● Basic phishing email ● Targets Google Apps ● 3 breached users ● 2,500 emails (spread) ● 2-week wait ● No data leak (yet) Victim Profile Attack Profile
- 31. Credentials Reaping - Timeline 31 Dec 2 Incoming phishing email wave Several accounts compromised Dec 3 2 accounts breached Outgoing ~600 emails Password changes & cleanup Dec 16 3rd account breached ~1800 emails in 2nd wave Dec 17 Request to engage CyberLab
- 32. Credentials Reaping - Actual Breach 32
- 33. Credentials Reaping - Takeaways High spread (3 users → 2500 emails) Geography Hopping Longer attack durations 33
- 34. Credentials Reaping - Recommendations User & Entity Behavior Analytics (UEBA) to detect Forensics to determine impact User education - every user counts Broad password recycling 34
- 36. 16% Decrease in Risk in 1 Day 36
- 37. Customer Story - Rapid ROI 37 ● US based company in the travel industry. ● 62% of decrease in public exposures in one day by leveraging UEBA ● Reached out to top users with public exposures ● Rapid return on investment ● Revealed gaps in employee security training
- 38. Next Step: Get a Cybersecurity Assessment bit.ly/cloudlock-assessment
- 39. Q&A Bernd Leger VP of Marketing 39 Yishai Beeri Director of Cybersecurity Research
- 40. Thank You Questions & Answers www.cloudlock.com info@cloudlock.com 781.996.4332 40