AVOIDING LIMITATIONS
OF TRADITIONAL
APPROACHES TO
SECURITY
Best practice advice for cloud and container security.
Sponsored by
INTRODUCTION
In securing cloud and hybrid environments, some organizations try to replicate
the traditional security stack they use for their on-premises infrastructure.
Although they typically face the same security requirements when locking down
cloud assets, the tools they have available to them and how they implement
those tools are different. To get a better understanding of the practical
differences between the traditional security stack and building a layered security
strategy for a cloud infrastructure, we asked our experts the following question:
What limitations can you expect when stitching together multiple security
solutions in a cloud infrastructure?
Mighty Guides make you stronger.
These authoritative and diverse
guides provide a full view of a topic.
They help you explore, compare, and
contrast a variety of viewpoints so
that you can determine what will
work best for you. Reading a Mighty
Guide is kind of like having your own
team of experts. Each heartfelt and
sincere piece of advice in this guide
sits right next to the contributor’s
name, biography, and links so that you
can learn more about their work. This
background information gives you
the proper context for each expert’s
independent perspective.
Credible advice from top experts helps
you make strong decisions. Strong
decisions make you mighty.
© 2019 Mighty Guides, Inc. I 62 Nassau Drive I Great Neck, NY 11021 I
516-360-2622 I www.mightyguides.com
FOREWORD
Traditional Approaches to Security Have Severe Limitations
We all know the attributes of the cloud: agile, dynamic, adaptable. Doesn’t it make
sense to use security products that operate the way the cloud does? From a
business standpoint, the answer is yes. From a security perspective, there simply
is no other way.
Many organizations have built elaborate network-based security systems based
on endpoints and linear flow of data. In these infrastructures, the key was to
build a hard outer shell and prevent unwanted and unwarranted entry. The
cloud, however, can only be effective when data can be shared and integrated
among users and resources. It’s ad hoc and agile, but it helps companies
achieve business goals with efficiency. All those users and data, however,
can’t be protected in an infrastructure that’s using outdated concepts for risk
management and threat detection.
Cloud security demands an end-to-end experience that delivers better context,
greater intelligence, and more sophisticated threat detection in order for
customers to make sense of the data and workloads they’re running in the cloud.
In this book are excellent examples of adept practitioners who have adopted
cloud strategies within their enterprise cloud security, and who operate with a
framework of protection while still enabling fast, scalable growth. The individuals
interviewed in this book live the challenge of security every day; we hope it’s
enlightening and helpful.
Lacework is a SaaS platform that
automates threat defense, intrusion
detection, and compliance for cloud
workloads & containers. Lacework
monitors all your critical assets in
the cloud and automatically detects
threats and anomalous activity so
you can take action before your
company is at risk. The result?
Deeper security visibility and greater
threat defense for your critical cloud
workloads, containers, and IaaS
accounts. Based in Mountain View,
California, Lacework is a privately
held company funded by Sutter Hill
Ventures, Liberty Global Ventures,
Spike Ventures, the Webb Investment
Network (WIN), and AME Cloud
Ventures. Find out more at www.lacework.com.
Regards,
Dan Hubbard
Chief Product Officer
© 2019 Lacework, Inc. Lacework and Polygraph are registered trademarks of Lacework. All 
other marks mentioned herein may be trademarks of their respective companies. Lacework 
reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
TABLE OF CONTENTS
Milinda Rambel Stone, Vice President & CISO, Provation Medical
Katherine Riley, Director of Information Security & Compliance, Braintrace
Paul Dackiewicz, Lead Security Consulting Engineer, Advanced Network Management (ANM)
Mauro Loda, Senior Security Architect, McKesson
Darrell Shack, Cloud Engineer, Cox Automotive Inc.
James P. Courtney, Certified Chief Information Security Officer, Courtney Consultants, LLC
Ross Young, Director, Capital One
“YOU NEED TO DEFINE ACCEPTABLE
LEVELS OF RISK OR TOLERANCE,
AND TUNE YOUR TOOLS IN TERMS
OF RISK.”
One of the challenges and limitations of complex security stacks is
making sure the tools you are using are actually delivering their expected
value. We want to implement the latest tools, but if you have too many
running at once, you can lose focus of their value. It’s not just about
implementation. You need to think about the value you’re going to get out
of those tools in the context of the security control you need within your
architecture. Otherwise your resources can’t pay attention to everything,
and you accomplish less even though you have more tools.
A cloud environment operating at scale generates a huge amount of
event activity. You need to prioritize risk so that you can focus attention
on the right things. You need to define acceptable levels of risk tolerance,
and tune your tools in terms of risk and your business priorities.
Once all the security controls are defined in your environment, you
can monitor them so that you are able to evaluate how you’re doing in
vulnerability management, application security, and other important
areas. Then you can see where the weaknesses are and discuss with
your teams where you are operating at risk and how to model threats
in the context of your environment. You just have to keep looking at
it, talking about it, automating it, and measuring it. It’s a continuous
process because the cloud environment is constantly changing.
Milinda Rambel Stone, Vice
President & CISO, Provation Medical
Milinda Rambel Stone is an executive
security leader with extensive experience
in building and leading security programs,
specializing in information-security
governance, incident investigation
and response, cloud security, security
awareness, and risk-management
compliance. As a former software engineer,
Stone has passion and experience in
building cloud security and DevSecOps
environments. She currently practices this
at Provation, where she is the vice president
and chief information security officer (CISO).
“WHEN MOVING TO THE CLOUD, YOU
CAN’T FORGET THAT AN APPLICATION
IS STILL AS VULNERABLE AS IT
EVER WAS.”
When orchestrating security in the cloud, you face the same challenges
and have to address the same threats as in an on-premises environment.
When moving to the cloud, you can’t forget that an application is still as
vulnerable as ever, and people still want to get to your data.
Yet how you orchestrate your security operations changes. The platform
is now orchestrating some of that for you, but you still need to know what
is most important, what are your showstoppers, the things you absolutely
must see first, what are your ports and access points, so you know
what you should be turning on. One key to success in this environment
is managing orchestration in a way that tunes out noise. You need to
architect all of that before you go to the cloud so you know what functions
and services you are choosing, and how to configure them operationally.
You still need to know what your firewalls and access points are telling
you, but these services are now orchestrated in the platform itself, and the
platform’s security center becomes your security operations center where
you can monitor alerts, the status of images, patch status, threat activity,
and all the things that are important to your operation.
Your approach to securing this environment is only as good as your
definition of what is critical, what requires timeliness, what alerts you need
to have, who gets them, and how to respond. Like any tool, it’s only as good
as how you tune it to fit your requirements.
Katherine Riley, Director of
Information Security & Compliance,
Braintrace
Katherine (Kate) Riley is skilled in leading
teams to define cloud architecture, and
in development of controls. She has
developed and implemented security
frameworks such as ISO and NIST, and
performed compliance reviews such as
FFIEC, HIPAA, HITRUST, SOX, GDPR, and
GLBA.
“THE ONLY WAY TO PROCESS
ALL THAT DATA IS THROUGH
AUTOMATION, AND FOR THAT
TO WORK, YOU NEED TO SELECT
YOUR TOOLS CAREFULLY.”
One of the biggest challenges is vendor interoperability, or lack thereof.
For example, you may have a requirement that involves using a security
tool that only supports a particular cloud provider’s storage solutions.
However, let’s say the tool you use to parse logs does not work with the
type of data storage that particular security tool uses. You may be forced
either to parse the data manually, which limits your ability to operate
securely at scale, or to invest in and configure new security tools.
Operating at scale in the cloud can generate large volumes of security
data. The only way to process all that data is through automation, and for
that to work, you need to select your tools carefully.
Paul Dackiewicz, Lead Security
Consulting Engineer, Advanced Network
Management (ANM)
Paul Dackiewicz has over 10 years of systems
engineering and cybersecurity experience in
the fields of healthcare, government, and value-
added resellers (VARs). He is currently leading
the security operations center (SOC) for a premier
managed security services provider (MSSP).
“MANY SECURITY SOLUTIONS
FOCUS ON SPECIFIC PIECES OF
THE SECURITY STRATEGY, AND
THEY PERFORM THOSE TASKS
VERY WELL. BUT WHEN YOU LOOK
AT THE ENTIRE ECOSYSTEM, LACK
OF INTEROPERATION CAN WEAKEN
A SECURITY PROFILE.”
When architecting a security strategy to protect a cloud infrastructure,
it’s important that different security tools play well together. Many
security solutions focus on specific pieces of the security strategy,
and they perform those tasks very well. But when you look at the
entire ecosystem, lack of interoperation can weaken a security profile.
Sometimes it is even difficult to have products from the same vendor
working together.
It’s often necessary to work closely with the vendor, and in some cases this involves writing custom
functions that enable the tools to speak to each other. This is not always easy. Vendors need to be willing
to help their customers and write code if necessary. They can often cooperate with you on temporary
solutions, but in most cases you can’t wait six to nine months to add capabilities to an operating
platform. When operating in the cloud, solutions are deployed through the continuous integration,
continuous delivery (CICD) pipeline in time frames measured in seconds and minutes. When working
in a super-dynamic cloud environment, most vendors need to be more agile in the way they adjust to
customer needs.
Mauro Loda, Senior Security
Architect, McKesson
Mauro Loda is a passionate, data-
driven cybersecurity professional who
helped define and drive the “Cloud First”
strategy and culture within a Fortune 100
multinational enterprise. He is a strong
believer in offensive security and simple-
but-effective architecture-defense topology.
Emotional intelligence, pragmatism and
reliability are his guiding principles. He has
achieved numerous industry certifications
and actively participates in forums,
technology councils, and committees.
“IT’S IMPORTANT THAT EVERY
SECURITY TOOL YOU IMPLEMENT
GIVES YOU AN ADDITIONAL
ADVANTAGE THAT YOU DO NOT
ALREADY HAVE.”
One challenge when securing cloud environments is avoiding the adoption
of security tools with redundant services. You don’t want to be in a
situation where you are monitoring more tool outputs than necessary,
so it’s important that every security tool you implement gives you an
additional advantage that you do not already have. For example, you may
have a tool that monitors resources and configurations that are being used
in your cloud environment. To gain further visibility, you don’t need another
tool that does the same thing. You might want to implement a tool that has
machine-learning capabilities and can look at usage patterns and trends,
and then make predictions based on what it sees. This provides deeper
insight than you gained from the tool that simply reported on resource
usage.
Darrell Shack, Cloud Engineer, Cox
Automotive Inc.
Darrell Shack is a seasoned system
engineer focused on building resilient
and high-availability solutions. He has
experience in developing solutions in the
public cloud Amazon Web Services, helping
teams manage their cost, and overall
application performance in the cloud.
“NOTHING IS GOING TO BE 100%
SECURE. GIVEN ENOUGH TIME AND
DETERMINATION, AN ADVERSARY
WILL FIND THEIR WAY IN.”
Integration between the security tools in your layered security strategy
is the key, and how companies address this integration is itself a limiting
factor, because how you solve this problem can introduce vulnerabilities.
For example, one company might decide to solve the integration problem
by purchasing all of its security tools from one vendor. In this way they
can be sure that all the tools work together. But this approach creates
a flat security plan. An attacker really only has to attack one product
successfully to breach the defenses. Alternatively, a company might
choose the best security solutions from different vendors for their layered
security strategy. This approach makes a more complex security stack
that can be more difficult to attack, but if the solutions do not work well
together, there can be gaps.
Nothing is going to be 100% secure. Given enough time and
determination, an adversary will find their way in. That is why a layered
approach with a central monitoring point, such as a security information
manager, is necessary. Artificial intelligence and behavior analytics tools
are an important part of the layered approach, but if they are not properly
configured, they may miss potentially threatening activity. They must be
continuously trained for the continuously changing cloud environment,
where you can have 100 servers running one minute, and a few minutes
later business demands spin up 50 new ones.
James P. Courtney, Certified Chief
Information Security Officer, Courtney
Consultants, LLC
James Courtney is a recognized cybersecurity
professional who has spoken at multiple
conferences, including the CyberMaryland
Conference. He is a Certified Chief Information
Security Officer (one of 1,172 in the world), serving as
the IT network and operations security manager for a
private SIP consulting firm in McLean, Virginia.
“ONE SECURITY PERSON FOR
EVERY 100 DEVELOPERS…WILL
NOT BE ABLE TO DO HIS OR HER
JOB REGARDLESS OF SKILL LEVEL
AND TECHNICAL EXPERTISE.”
The greatest limitation to integrating your security solutions and
strategy in the cloud effectively is failing to have agreed-on standards
in your DevSecOps environment. For example, let’s say you have 1,000
developers working on your systems, and there are at least 1,000
different ways you can implement an application service. Every one
of those developers has their ideas about the best way to meet a
requirement, so every developer has a use case for building snowflake
instances, which are the enemies of automation. Now let’s also say that
like a typical organization with 1,000 developers, you have 10 security
people making sure the operational environment stays secure. That’s one
security person for every 100 developers out there doing their own unique
implementations. That one security person will not be able to do his or
her job regardless of skill level and technical expertise.
To address this, you need to develop basic frameworks that become
starting points for every service implementation. Developers must
be limited to just a few acceptable versions of containers or virtual
instances, and these can be enforced through automation of the DevOps
pipeline. With this kind of discipline, one security person can easily
monitor the work of 100 developers.
Ross Young, Director,
Capital One
Ross Young is a veteran
technologist, innovation expert,
and transformational leader, having
learned DevSecOps, IT infrastructure,
and cybersecurity from a young
age from both ninjas and pirates.
Young currently teaches master-level
classes in cybersecurity at Johns
Hopkins University and is a director of
information security at Capital One.
KEY POINTS
Tools used to secure a cloud environment are only as good as your definition of what is critical and how to respond. Like any
tools, they are only as good as how you tune them to fit your requirements.
Integration between the security tools in your layered security strategy is the key, and how companies address this integration
is itself a limiting factor, because how you solve this problem can introduce vulnerabilities.
When operating at scale in the cloud, if you do not have standards in your DevSecOps practice, you will end up with many
snowflake instances that make automation difficult and effective security oversight almost impossible.
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 

Avoiding Limitations of Traditional Approaches to Security

  • 2. INTRODUCTION
    In securing cloud and hybrid environments, some organizations try to replicate the traditional security stack they use for their on-premises infrastructure. Although they typically face the same security requirements when locking down cloud assets, the tools they have available to them and how they implement those tools are different. To get a better understanding of the practical differences between the traditional security stack and building a layered security strategy for a cloud infrastructure, we asked our experts the following question:
    What limitations can you expect when stitching together multiple security solutions in a cloud infrastructure?
    Mighty Guides make you stronger. These authoritative and diverse guides provide a full view of a topic. They help you explore, compare, and contrast a variety of viewpoints so that you can determine what will work best for you. Reading a Mighty Guide is kind of like having your own team of experts. Each heartfelt and sincere piece of advice in this guide sits right next to the contributor’s name, biography, and links so that you can learn more about their work. This background information gives you the proper context for each expert’s independent perspective. Credible advice from top experts helps you make strong decisions. Strong decisions make you mighty.
    © 2019 Mighty Guides, Inc. | 62 Nassau Drive | Great Neck, NY 11021 | 516-360-2622 | www.mightyguides.com
  • 3. FOREWORD
    Traditional Approaches to Security Have Severe Limitations
    We all know the attributes of the cloud: agile, dynamic, adaptable. Doesn’t it make sense to use security products that operate the way the cloud does? From a business standpoint, the answer is yes. From a security perspective, there simply is no other way.
    Many organizations have built elaborate network-based security systems based on endpoints and linear flow of data. In these infrastructures, the key was to build a hard outer shell and prevent unwanted and unwarranted entry. The cloud, however, can only be effective when data can be shared and integrated among users and resources. It’s ad hoc and agile, but it helps companies achieve business goals with efficiency. All those users and data, however, can’t be protected in an infrastructure that’s using outdated concepts for risk management and threat detection.
    Cloud security demands an end-to-end experience that delivers better context, greater intelligence, and more sophisticated threat detection in order for customers to make sense of the data and workloads they’re running in the cloud. In this book are excellent examples of adept practitioners who have adopted cloud strategies within their enterprise cloud security, and who operate with a framework of protection while still enabling fast, scalable growth. The individuals interviewed in this book live the challenge of security every day; we hope it’s enlightening and helpful.
    Lacework is a SaaS platform that automates threat defense, intrusion detection, and compliance for cloud workloads & containers. Lacework monitors all your critical assets in the cloud and automatically detects threats and anomalous activity so you can take action before your company is at risk. The result? Deeper security visibility and greater threat defense for your critical cloud workloads, containers, and IaaS accounts.
    Based in Mountain View, California, Lacework is a privately held company funded by Sutter Hill Ventures, Liberty Global Ventures, Spike Ventures, the Webb Investment Network (WIN), and AME Cloud Ventures. Find out more at www.lacework.com.
    Regards, Dan Hubbard, Chief Product Officer
  • 4. © 2019 Lacework, Inc. Lacework and Polygraph are registered trademarks of Lacework. All other marks mentioned herein may be trademarks of their respective companies. Lacework reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
    FREE ASSESSMENT: Get actionable recommendations on how to improve your security and compliance posture for your AWS, Azure, GCP, and private cloud environments. Streamline security for AWS, Azure, and GCP. Gain unmatched visibility, ensure compliance, and enable actionable threat intelligence.
  • 5. TABLE OF CONTENTS
    Milinda Rambel Stone, Vice President & CISO, Provation Medical: 06
    Katherine Riley, Director of Information Security & Compliance, Braintrace: 07
    Paul Dackiewicz, Lead Security Consulting Engineer, Advanced Network Management (ANM): 08
    Mauro Loda, Senior Security Architect, McKesson: 09
    Darrell Shack, Cloud Engineer, Cox Automotive Inc.: 11
    James P. Courtney, Certified Chief Information Security Officer, Courtney Consultants, LLC: 12
    Ross Young, Director, Capital One: 13
  • 6. “YOU NEED TO DEFINE ACCEPTABLE LEVELS OF RISK OR TOLERANCE, AND TUNE YOUR TOOLS IN TERMS OF RISK.”
    One of the challenges and limitations of complex security stacks is making sure the tools you are using are actually delivering their expected value. We want to implement the latest tools, but if you have too many running at once, you can lose focus of their value. It’s not just about implementation. You need to think about the value you’re going to get out of those tools in the context of the security control you need within your architecture. Otherwise your resources can’t pay attention to everything, and you accomplish less even though you have more tools.
    A cloud environment operating at scale generates a huge amount of event activity. You need to prioritize risk so that you can focus attention on the right things. You need to define acceptable levels of risk tolerance, and tune your tools in terms of risk and your business priorities. Once all the security controls are defined in your environment, you can monitor them so that you are able to evaluate how you’re doing in vulnerability management, application security, and other important areas. Then you can see where the weaknesses are and discuss with your teams where you are operating at risk and how to model threats in the context of your environment. You just have to keep looking at it, talking about it, automating it, and measuring it. It’s a continuous process because the cloud environment is constantly changing.
    Milinda Rambel Stone, Vice President & CISO, Provation Medical
    Milinda Rambel Stone is an executive security leader with extensive experience in building and leading security programs, specializing in information-security governance, incident investigation and response, cloud security, security awareness, and risk-management compliance. As a former software engineer, Stone has passion and experience in building cloud security and DevSecOps environments. She currently practices this at Provation, where she is the vice president and chief information security officer (CISO).
  • 7. “WHEN MOVING TO THE CLOUD, YOU CAN’T FORGET THAT AN APPLICATION IS STILL AS VULNERABLE AS IT EVER WAS.”
    When orchestrating security in the cloud, you face the same challenges and have to address the same threats as in an on-premises environment. When moving to the cloud, you can’t forget that an application is still as vulnerable as ever, and people still want to get to your data. Yet how you orchestrate your security operations changes. The platform is now orchestrating some of that for you, but you still need to know what is most important, what are your showstoppers, the things you absolutely must see first, what are your ports and access points, so you know what you should be turning on.
    One key to success in this environment is managing orchestration in a way that tunes out noise. You need to architect all of that before you go to the cloud so you know what functions and services you are choosing, and how to configure them operationally. You still need to know what your firewalls and access points are telling you, but these services are now orchestrated in the platform itself, and the platform’s security center becomes your security operations center where you can monitor alerts, the status of images, patch status, threat activity, and all the things that are important to your operation. Your approach to securing this environment is only as good as your definition of what is critical, what requires timeliness, what alerts you need to have, who gets them, and how to respond. Like any tool, it’s only as good as how you tune it to fit your requirements.
    Katherine Riley, Director of Information Security & Compliance, Braintrace
    Katherine (Kate) Riley is skilled in leading teams to define cloud architecture, and in development of controls. She has developed and implemented security frameworks such as ISO and NIST, and performed compliance reviews such as FFIEC, HIPAA, HITRUST, SOX, GDPR, and GLBA.
  • 8. “THE ONLY WAY TO PROCESS ALL THAT DATA IS THROUGH AUTOMATION, AND FOR THAT TO WORK, YOU NEED TO SELECT YOUR TOOLS CAREFULLY.”
    One of the biggest challenges is vendor interoperability, or lack thereof. For example, you may have a requirement that involves using a security tool that only supports a particular cloud provider’s storage solutions. However, let’s say the tool you use to parse logs does not work with the type of data storage that particular security tool uses. You may be forced either to parse the data manually, which limits your ability to operate securely at scale, or to invest in and configure new security tools. Operating at scale in the cloud can generate large volumes of security data. The only way to process all that data is through automation, and for that to work, you need to select your tools carefully.
    Paul Dackiewicz, Lead Security Consulting Engineer, Advanced Network Management (ANM)
    Paul Dackiewicz has over 10 years of systems engineering and cybersecurity experience in the fields of healthcare, government, and value-added resellers (VARs). He is currently leading the security operations center (SOC) for a premier managed security services provider (MSSP).
  • 9. “MANY SECURITY SOLUTIONS FOCUS ON SPECIFIC PIECES OF THE SECURITY STRATEGY, AND THEY PERFORM THOSE TASKS VERY WELL. BUT WHEN YOU LOOK AT THE ENTIRE ECOSYSTEM, LACK OF INTEROPERATION CAN WEAKEN A SECURITY PROFILE.”
    When architecting a security strategy to protect a cloud infrastructure, it’s important that different security tools play well together. Many security solutions focus on specific pieces of the security strategy, and they perform those tasks very well. But when you look at the entire ecosystem, lack of interoperation can weaken a security profile. Sometimes it is even difficult to have products from the same vendor working together.
    Mauro Loda, Senior Security Architect, McKesson
    Mauro Loda is a passionate, data-driven cybersecurity professional who helped define and drive the “Cloud First” strategy and culture within a Fortune 100 multinational enterprise. He is a strong believer in offensive security and simple-but-effective architecture-defense topology. Emotional intelligence, pragmatism and reliability are his guiding principles. He has achieved numerous industry certifications and actively participates in forums, technology councils, and committees.
  • 10. It’s often necessary to work closely with the vendor, and in some cases this involves writing custom functions that enable the tools to speak to each other. This is not always easy. Vendors need to be willing to help their customers and write code if necessary. They can often cooperate with you on temporary solutions, but in most cases you can’t wait six to nine months to add capabilities to an operating platform. When operating in the cloud, solutions are deployed through the continuous integration, continuous delivery (CICD) pipeline in time frames measured in seconds and minutes. When working in a super-dynamic cloud environment, most vendors need to be more agile in the way they adjust to customer needs.
  • 11. “IT’S IMPORTANT THAT EVERY SECURITY TOOL YOU IMPLEMENT GIVES YOU AN ADDITIONAL ADVANTAGE THAT YOU DO NOT ALREADY HAVE.”
    One challenge when securing cloud environments is avoiding the adoption of security tools with redundant services. You don’t want to be in a situation where you are monitoring more tool outputs than necessary, so it’s important that every security tool you implement gives you an additional advantage that you do not already have. For example, you may have a tool that monitors resources and configurations that are being used in your cloud environment. To gain further visibility, you don’t need another tool that does the same thing. You might want to implement a tool that has machine-learning capabilities and can look at usage patterns and trends, and then make predictions based on what it sees. This provides deeper insight than you gained from the tool that simply reported on resource usage.
    Darrell Shack, Cloud Engineer, Cox Automotive Inc.
    Darrell Shack is a seasoned system engineer focused on building resilient and high-availability solutions. He has experience in developing solutions in the public cloud Amazon Web Services, helping teams manage their cost, and overall application performance in the cloud.
  • 12. “NOTHING IS GOING TO BE 100% SECURE. GIVEN ENOUGH TIME AND DETERMINATION, AN ADVERSARY WILL FIND THEIR WAY IN.”
    Integration between the security tools in your layered security strategy is the key, and how companies address this integration is itself a limiting factor, because how you solve this problem can introduce vulnerabilities. For example, one company might decide to solve the integration problem by purchasing all of its security tools from one vendor. In this way they can be sure that all the tools work together. But this approach creates a flat security plan. An attacker really only has to attack one product successfully to breach the defenses. Alternatively, a company might choose the best security solutions from different vendors for their layered security strategy. This approach makes a more complex security stack that can be more difficult to attack, but if the solutions do not work well together, there can be gaps.
    Nothing is going to be 100% secure. Given enough time and determination, an adversary will find their way in. That is why a layered approach with a central monitoring point, such as a security information manager, is necessary. Artificial intelligence and behavior analytics tools are an important part of the layered approach, but if they are not properly configured, they may miss potentially threatening activity. They must be continuously trained for the continuously changing cloud environment, where you can have 100 servers running one minute, and a few minutes later business demands spin up 50 new ones.
    James P. Courtney, Certified Chief Information Security Officer, Courtney Consultants, LLC
    James Courtney is a recognized cybersecurity professional who has spoken at multiple conferences, including the CyberMaryland Conference. He is a Certified Chief Information Security Officer (one of 1,172 in the world), serving as the IT network and operations security manager for a private SIP consulting firm in McLean, Virginia.
  • 13. “ONE SECURITY PERSON FOR EVERY 100 DEVELOPERS…WILL NOT BE ABLE TO DO HIS OR HER JOB REGARDLESS OF SKILL LEVEL AND TECHNICAL EXPERTISE.”
    The greatest limitation to integrating your security solutions and strategy in the cloud effectively is failing to have agreed-on standards in your DevSecOps environment. For example, let’s say you have 1,000 developers working on your systems, and there are at least 1,000 different ways you can implement an application service. Every one of those developers has their ideas about the best way to meet a requirement, so every developer has a use case for building snowflake instances, which are the enemies of automation. Now let’s also say that like a typical organization with 1,000 developers, you have 10 security people making sure the operational environment stays secure. That’s one security person for every 100 developers out there doing their own unique implementations. That one security person will not be able to do his or her job regardless of skill level and technical expertise.
    To address this, you need to develop basic frameworks that become starting points for every service implementation. Developers must be limited to just a few acceptable versions of containers or virtual instances, and these can be enforced through automation of the DevOps pipeline. With this kind of discipline, one security person can easily monitor the work of 100 developers.
    Ross Young, Director, Capital One
    Ross Young is a veteran technologist, innovation expert, and transformational leader, having learned DevSecOps, IT infrastructure, and cybersecurity from a young age from both ninjas and pirates. Young currently teaches master-level classes in cybersecurity at Johns Hopkins University and is a director of information security at Capital One.
  • 14. KEY POINTS
    Tools used to secure a cloud environment are only as good as your definition of what is critical and how to respond. Like any tools, they are only as good as how you tune them to fit your requirements.
    Integration between the security tools in your layered security strategy is the key, and how companies address this integration is itself a limiting factor, because how you solve this problem can introduce vulnerabilities.
    When operating at scale in the cloud, if you do not have standards in your DevSecOps practice, you will end up with many snowflake instances that make automation difficult and effective security oversight almost impossible.
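
The guide's point about limiting developers to a few acceptable container versions, enforced through pipeline automation, can be sketched as a CI gate that checks every `FROM` line in a Dockerfile against an allowlist. This is an added example, not part of the original guide; the registry names, approved tags and sample Dockerfile are constructed, and treating `scratch` as acceptable is an assumption.

```python
import re

# Constructed allowlist: the "few acceptable versions" a platform team publishes.
APPROVED_BASES = {
    "registry.example.internal/base/python": {"3.11-hardened", "3.12-hardened"},
    "registry.example.internal/base/distroless": {"2024.06"},
}

FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--platform=\S+\s+)?(?P<image>\S+)(?:\s+AS\s+(?P<alias>\S+))?\s*$",
    re.IGNORECASE)
ARG_RE = re.compile(r"^\s*ARG\s+(?P<name>\w+)(?:=(?P<default>\S+))?\s*$", re.IGNORECASE)
VAR_RE = re.compile(r"\$\{(\w+)\}|\$(\w+)")

# Constructed sample: two compliant stages and four policy violations.
SAMPLE_DOCKERFILE = """\
ARG PY_TAG=3.12-hardened
FROM registry.example.internal/base/python:${PY_TAG} AS build
RUN pip install --no-cache-dir -r requirements.txt
FROM --platform=linux/amd64 ubuntu:22.04 AS tools
FROM build AS test
FROM registry.example.internal/base/python:3.9
FROM registry.example.internal/base/distroless
FROM ${UNSET_BASE}
"""


def split_image(ref):
    """Return (repository, tag). A missing tag means Docker would pull 'latest'."""
    repo = ref.partition("@")[0]        # drop any digest: this policy is keyed by tag
    if ":" in repo.rsplit("/", 1)[-1]:  # a ':' before the last '/' is a registry port
        repo, tag = repo.rsplit(":", 1)
        return repo, tag
    return repo, "latest"


def check_dockerfile(text, approved=APPROVED_BASES):
    """Return (line_no, image, reason) for every FROM line that breaks the policy."""
    args, stages, violations, seen_from = {}, set(), [], False
    for line_no, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue
        m = ARG_RE.match(line)
        if m and not seen_from:          # only ARGs before the first FROM reach FROM
            args[m["name"]] = m["default"]
            continue
        m = FROM_RE.match(line)
        if not m:
            continue
        seen_from = True
        # Substitute ARG defaults; an ARG without a default stays unresolved.
        image = VAR_RE.sub(lambda v: args.get(v[1] or v[2]) or v[0], m["image"])
        if image.lower() in stages or image == "scratch":
            pass                         # earlier build stage, or the empty image
        elif "$" in image:
            violations.append((line_no, image, "unresolved build argument"))
        else:
            repo, tag = split_image(image)
            if repo not in approved:
                violations.append((line_no, image, "repository not approved"))
            elif tag not in approved[repo]:
                violations.append((line_no, image, "tag not approved"))
        if m["alias"]:
            stages.add(m["alias"].lower())
    return violations


if __name__ == "__main__":
    findings = check_dockerfile(SAMPLE_DOCKERFILE)
    for line_no, image, reason in findings:
        print(f"Dockerfile:{line_no}: {image}: {reason}")
    raise SystemExit(1 if findings else 0)  # non-zero exit fails the pipeline stage
```

Because a `--build-arg` override can replace an ARG default at build time, a gate like this is only meaningful when the pipeline, not the developer, controls the build arguments.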