Security teams are constantly keeping up with complex attacks leveraging the cloud, but traditional security stacks just can’t keep pace with malicious actors or insiders. In the session, we’ll explore Gartner’s new SASE framework and how organizations can utilize Zero Trust, visibility into cloud-based traffic and cloud threat protection to build a modernized cloud-first stack.

1. 2020 © Netskope. All rights reserved.
Reimagine your perimeter
Why everyone needs a cloud-first security program
SASEfaction guaranteed!
JR:JR

2. 2020 © Netskope. All rights reserved.
Introductions
James Robinson Ross Asquith
Deputy CISO,
Netskope
jrobinson@netskope.com
Security Transformation Principal,
Netskope
ross@netskope.com
JR:RA

3. 2020 © Netskope. All rights reserved.
Work from the office
Work from home
RA:RA
For many organizations there is increasingly
little difference between working in the office
and working remotely. This is due to the
network perimeter changing…

4. 2020 © Netskope. All rights reserved.
Source:NetskopeCloudReport,August2019;Security2025
of enterprise
web traffic
consists of
cloud
85%
of enterprise
devices are
mobile and off
the network
half the time
90%
Numbers Don’t Lie – Your Perimeter is Dissolving

5. 2020 © Netskope. All rights reserved.
IaaSSaaSWeb
Data
Center
Apps
FW
SWG
VPN
Endpoint
IPS
Designed for controlled access
RA:RA

6. 2020 © Netskope. All rights reserved.
Inappropriate Content Filtering
Bandwidth Control
Threat Protection
APT & Malware
Phishing Protection
Cloud Delivered
SSL @ Scale
Mobile User Protection
Branch Office Protection
Activity Visibility
Granular App Controls
App Risk Insight
Data Protection
Cloud-Enabled Threat Defenses
Websense ForcePoint
Blue Coat / Symantec
Cisco
McAfee
Zscaler Netskope
Web Filtering On-Prem SWG Cloud Delivered SWG Next Gen SWG
YEARS
VERSION
DESCRIPTION
VENDORS
BUSINESS
DRIVER
0%
10%
30%
85%
0% of enterprise
traffic that is
cloud
1 9 9 9 - 2 0 0 8
1.0
10% of
enterprise traffic
that is cloud
2 0 0 8 - 2 0 1 3
2.0 30% of
enterprise traffic
that is cloud
2 0 1 3 - 2 0 1 7
3.0
85% of
enterprise traffic
that is cloud
2 0 1 8 - 2 0 2 5
4.0
Static Web
(HTML)
App Based
Web (SaaS)
Evolution of Secure Web Gateways
RA:JR

7. 2020 © Netskope. All rights reserved.
7
Top three cloud service workloads
Leading cloud security concerns
Leading cloud security priority
52%apps 48%storage 46%security
52%data privacy 51%data loss and leakage
32%malware protection
Your data is in the cloud, is your security?
Cloud migration and concerns
JR:JR

8. 2020 © Netskope. All rights reserved.
• For the first time, phishing attacks on
SaaS (36%) have surpassed phishing
attacks on payment systems (27%) and
financial institutions (16%).
• Phishing attempts increase 400% 1H19,
many malicious URLs found on trusted
domains.
• So far in 2019, nearly 1 in 4 malicious
URLs (24%) were found on trusted
domains.
• It’s more difficult for security measures to
block URLs on these trusted domains.
WebrootAPWG Phishing Activity Trends Report, May 2019
Evidence
JR:JR

9. 2020 © Netskope. All rights reserved.
9
Profile Cloud Services
Misconfigurations
Open to Public
Rogue Instances
Cloud Hosting & C2
Landing Pages
Phishing SaaS/Cloud (#1)
Cloud Script / File Share
Valid Domain & Certificate
Fake Access Logins
Compromise Credentials
Cloud Payloads / Malware
White Listed Domains/IPs
Facebook, YouTube, Twitter
Slack, GitHub (SLUB)
Cloud Data Exfiltration
Cloud Lateral Movement
Resource Consumption
Cloud-enabled Kill Chain
JR:JR

10. 2020 © Netskope. All rights reserved.

11. 2020 © Netskope. All rights reserved.
Device
Managed
Personal
User, Group, OU
Accounting
Pat Smith Cloud
Storage
App
Managed
Unmanaged
App
Personal
Instance
Company
File
Sharing
100+
Categories
URL Category
Upload
File
(up,
down,
share,
view)
Activity
AV/ML
IOCs
Scripts
Macros
Sandbox
Threat
DLP
Profiles
And
Rules
Content Policy Action
Allow
Block
Coach
Encrypt
Legal Hold
Quarantine
etc.
Risk
Security
Privacy
Legal/Audit
GDPR
50+
Risk
Rating
36K Apps
97
Context is key
Instance Awareness – determine company, personal, and rogue instances
Activity-level Policy – determine 20+ activities for cloud services and apps
Data Protection – determine login credentials (PII) in phishing forms
Threat Protection – prevent known and detect unknown cloud-enabled threats
JR:JR

12. 2020 © Netskope. All rights reserved.
Complexity of trying to implement security at the perimeter

13. 2020 © Netskope. All rights reserved.
What’s the solution?

14. 2020 © Netskope. All rights reserved.

15. 2020 © Netskope. All rights reserved.
HQ + Data center
Firewall
VPN
Sandbox
IPS / IDS
UEBA
Web Sec
DLP
BYOD
Branch
Remote Device
Web and Cloud
RA:RA

16. 2020 © Netskope. All rights reserved.
HQ + Data center
Firewall
BYOD
Branch
Remote Device
Security will no longer be “entombed” in a box in the data center
SASE will be as disruptive to network and network security
architectures as IaaS was to the data center.
Digital business transformation will require SASE
SASE – Secure Access Service Edge
Web and Cloud
RA:RA
VPN
Sandbox
IPS / IDS
UEBA
Web Sec
DLP

17. 2020 © Netskope. All rights reserved.
HQ + Data center
5G Mobile
WiFi APs
Commodity
hardware
SDN fabric
Legacy Apps
IOT Devices
BYOD
Branch
Remote Device
Future operating model
SASE – Secure Access Service Edge
Web and Cloud
RA:RA

18. 2020 © Netskope. All rights reserved.
Future Security Stack is in the Cloud The Future Stack includes:
• SASE
• Identity authentication
• Endpoint Security Management
• Security Operations
• User Behavior Analysis
Endpoint machines
Threat Intel
Exchange
Response Actions
UEBA /
SOAR
SECURE ACCESS
SERVICE EDGE
ENDPOINT
Web SaaS IaaS/PaaS
User Data
Entity Data
IDENTITY
Authentication
and SSO
Response Actions
Private
Access
RA:RA

19. 2020 © Netskope. All rights reserved.
Visit us:
Netskope booth #5981 (Moscone North)
Thank you.
QUESTIONS?
Netskope cloud
security report:
www.netskope.com
RA:RA