Confidential. Copyright © 2018 Nanosec
Zero Trust and Identity in the Enterprise
Co-organized by
5/14/2019
Agenda Details
6:00PM to 6:25PM: Registration
6:25PM to 7:00PM: A Changing Paradigm: What Happens When You Put
Identity at the Center of Security?
-> Joe Gottlieb, Executive Advisory Board, Identity Defined Security
Alliance and SVP Strategy and BD, SailPoint
7:00PM to 7:10PM: Q&A
7:10PM to 7:45PM: Adobe's Zero Trust Enterprise Network (ZEN) and the
Role of Identity
-> Den Jones, Director Enterprise Security, Adobe
Event WiFi
SSID: HD-Events
Password: f83l7b
SSID: HD-Guest
Password: hackerdojo
ENTERPRISE CHALLENGES
Cybersecurity is relentlessly, cumulatively challenging
Compromised identities are still the leading cause of breaches
– “The exploitation of usernames and passwords by nefarious actors
continues to be a ripe target…” ITRC 2018 End-of-Year Data Breach Report
Single vendor approaches are not working
EVOLUTION OF IDENTITY AND ITS IMPACT
[Figure: diagram with the labels Employees; Employees and Partners; Consumers; Things; Perimeter; Perimeter-less; Federation; Cloud / SaaS; Mobility; Relationships; Attributes; Context; Stateless; API; AI; IT Efficiency; IT Compliance; Security; Business Agility; UX. Source: Optiv]
Identity is a critical cybersecurity technology
FOUNDATION FOR A NEW APPROACH
Cybersecurity technologies must fundamentally work together if they
are to achieve meaningful effectiveness
Every business transaction, attack surface or target involves a
credential and a service or piece of data
Given the cumulative investment in security, each new investment is
increasingly measured for its ability to make the whole more effective
GOAL:
Become an independent source of education and
information on identity-centric security
strategies.
MISSION:
The Identity Defined Security Alliance is a
non-profit organization that facilitates
community collaboration to develop a
framework and practical guidance that
helps organizations put identity at the center
of their security strategy.
Deliver on our mission through…
Cross vendor collaboration
Thought leadership through blogs, webinars, speaking
Identity Centric Security Framework: vendor-agnostic best practices, security controls, use cases
Customer implementation stories
Virtual community for sharing experiences and validation
IDENTITY DEFINED SECURITY ALLIANCE
BENEFITS OF IMPROVING IDENTITY THROUGH SECURITY
Steers the focus away from single point defense mechanisms to include a broader set of identity and security components
Delivers a fresh, balanced set of detective and preventive controls
Enables organizations to tackle security with a more precise, identity-aware and identity-specific approach
Leverages increasingly open and API-first tech stacks
Customer Advisory Board
IDENTITY DEFINED SECURITY ALLIANCE
RESOURCES
Once user roles and entitlements are defined, high profile users should require a level of assurance of authentication to match the value of the protected asset.
IAM Best Practice
Putting Identity-Centric Security to Work – IAM Best Practice (Sample)
IGA+PAM:
Aggregation of Direct & Effective Privileged Access for each Identity
Integrate Components:
• Identity Governance + Privileged Account
Management
What Happens:
• All privileged access provided by the PAM
system is imported and maintained in the
Identity Governance system
Value to Organization:
• Understand who has access to privileged
accounts
Putting Identity-Centric Security to Work – Security Controls
IGA+PAM:
SoD Policy Enforcement across Privileged Accounts
Integrate Components:
• Identity Governance + Privileged Account
Management
Pre-requisite:
• Aggregation of Direct & Effective Privileged Access
for each Identity
What Happens:
• Toxic combinations of privileged access are reduced
via detective and preventive controls
Value to Organization:
• Reduction in fraud and other access abuse scenarios
Putting Identity-Centric Security to Work – Security Controls
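The two IGA+PAM controls above, sketched as an added example (not code from the deck or from the IDSA framework): a PAM export is aggregated into direct and effective privileged access per identity, then checked against SoD rules both detectively (existing toxic combinations) and preventively (a requested grant). The export layout, group nesting, account names and rule IDs are all constructed assumptions.

```python
from collections import defaultdict

# Constructed PAM export: which grantee (user or group) may use which
# privileged account. Every name below is made up for the example.
PAM_GRANTS = [
    {"grantee": "user:alice", "account": "erp-prod/ap_admin"},
    {"grantee": "group:dba-oncall", "account": "erp-prod/db_sysdba"},
    {"grantee": "group:finance-ops", "account": "erp-prod/vendor_master"},
    {"grantee": "user:bob", "account": "erp-prod/vendor_master"},
    {"grantee": "user:carol", "account": "build/ci_root"},
]

# Constructed group membership, including one nested group.
GROUP_MEMBERS = {
    "group:dba-oncall": ["user:carol", "group:sre"],
    "group:sre": ["user:dave"],
    "group:finance-ops": ["user:alice"],
}

# Constructed SoD policy: holding every account in "all_of" is a toxic combination.
SOD_RULES = [
    {"id": "SOD-1", "all_of": {"erp-prod/ap_admin", "erp-prod/vendor_master"}},
    {"id": "SOD-2", "all_of": {"build/ci_root", "erp-prod/db_sysdba"}},
]


def expand_members(grantee, group_members, _seen=None):
    """Resolve a grantee to the set of users it ultimately covers."""
    if grantee.startswith("user:"):
        return {grantee}
    seen = _seen if _seen is not None else set()
    if grantee in seen:  # cyclic or repeated nesting: already expanded
        return set()
    seen.add(grantee)
    users = set()
    for member in group_members.get(grantee, []):
        users |= expand_members(member, group_members, seen)
    return users


def aggregate_access(grants, group_members):
    """Build identity -> account -> how the access is held (direct / via group)."""
    access = defaultdict(lambda: defaultdict(set))
    for grant in grants:
        grantee = grant["grantee"]
        source = "direct" if grantee.startswith("user:") else "via " + grantee
        for user in expand_members(grantee, group_members):
            access[user][grant["account"]].add(source)
    return {u: {a: sorted(s) for a, s in accts.items()} for u, accts in access.items()}


def find_sod_violations(access, rules):
    """Detective control: identities that already hold a toxic combination."""
    hits = []
    for user in sorted(access):
        held = set(access[user])
        for rule in rules:
            if rule["all_of"] <= held:
                hits.append((user, rule["id"]))
    return hits


def new_violations_if_granted(access, rules, user, account):
    """Preventive control: rules a requested grant would newly violate."""
    held = set(access.get(user, {}))
    after = held | {account}
    return [r["id"] for r in rules
            if r["all_of"] <= after and not r["all_of"] <= held]


if __name__ == "__main__":
    view = aggregate_access(PAM_GRANTS, GROUP_MEMBERS)
    for user, rule_id in find_sod_violations(view, SOD_RULES):
        print(user, "violates", rule_id, view[user])
    print(new_violations_if_granted(view, SOD_RULES, "user:bob", "erp-prod/ap_admin"))
```

Without the effective (group-derived) access, neither alice's nor carol's combination would be visible, which is why the deck lists aggregation as the pre-requisite for SoD enforcement.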
IGA+PAM:
Certification of Privileged Accounts
Integrate Components:
• Identity Governance + Privileged Account Management
Pre-requisite:
• Aggregation of Direct & Effective Privileged Access for
each Identity
What Happens:
• Supervisors and/or application owners review and
approve/deny privileged access for specific users and
groups, either periodically or as driven by a life cycle event
Value to Organization:
• Continuous pruning of unnecessary privileged access,
reducing the risk of privileged credential abuse
Putting Identity-Centric Security to Work – Security Controls
IGA+SIEM/UEBA:
Semi-automated Identity Governance for Incident Response
Integrate Components:
• Identity Governance + SIEM or UEBA
What Happens:
• Security incident involving a specific
identity is routed to that identity’s supervisor
for review and response
Value to Organization:
• Business context (e.g., supervisor’s
knowledge of an employee’s situation)
enables efficient incident response
Putting Identity-Centric Security to Work – Security Controls
IGA+SIEM/UEBA:
Automated Identity Governance for Incident Response
Integrate Components:
• Identity Governance + SIEM or UEBA
What Happens:
• Security incident involving a specific
identity automatically triggers entitlement
suspension or dynamic re-certification
Value to Organization:
• Identity- and entitlement-specific control
enables a proportional and targeted response
to security incident
Putting Identity-Centric Security to Work – Security Controls
HOW TO LEVERAGE
THE IDSA
LEARN FROM YOUR PEERS
Adobe Finds ZEN Using Identity-Centric Security
“Working with the IDSA is a great
opportunity to help drive innovation across
the tech industry with vendors and solution
providers alike. Adobe benefits through
exposure to vendors, use cases and
community best practices that help elevate
and strengthen our identity and security
teams.”
Den Jones
Director of Enterprise Security, Adobe
Resources
https://www.idsalliance.org/
https://forum.idsalliance.org/
Thank You!
For more information please contact:
Vishwas Manral
CEO and Founder
VISHWAS@NANOSEC.IO

IDSA Overview at CSA SV

  • 1. Confidential.  Copyright  ©  2018  Nanosec1 Zero  Trust  and  Identity  in  the  Enterprise Co-­organized  by   5/  14/  2019
  • 2. Copyright  ©  2018  Nanosec2 Agenda  Details   6:00PM to 6:25PM: Registration 6:25PM to 7:00PM: A Changing Paradigm: What Happens When You Put Identity at the Center of Security? -> Joe Gottlieb, Executive Advisory Board, Identity Defined Security Alliance and SVP Strategy and BD, SailPoint 7:00PM to 7:10PM: Q&A 7:10PM to 7:45PM: Adobe's Zero Trust Enterprise Network (ZEN) and the Role of Identity -> Den Jones, Director Enterprise Security, Adobe Event  WiFi SSID:  HD-­Events   Password:  f83l7b SSID:  HD-­Guest Password:  hackerdojo
  • 3.
  • 4. Confidential.  Copyright  ©  2018  Nanosec4 ENTERPRISE CHALLENGES Cybersecurity  is  relentlessly,  cumulatively  challenging Compromised identities are still the leading cause of breaches – “The exploitation of usernames and passwords by nefarious actors continues to be a ripe target…” ITRC 2018 End-of-Year Data Breach Report Single vendor approaches are not working
  • 5. EVOLUTION OF IDENTITY AND ITS IMPACT Employees Perimeter Employees and Partners Consumers Perimeter-less Federation Cloud / SaaS Things Perimeter-less Federation Cloud / SaaS Mobility Relationships Attributes Context Stateless IT EFFICIENCY IT COMPLIANCE SECURITY API AI API BUSINESS AGILITY UX Perimeter Federation Source: Optiv
  • 6. Confidential.  Copyright  ©  2018  Nanosec6 Identity  is a  critical  cybersecurity  technology   FOUNDATION FOR A NEW APPROACH Cybersecurity technologies must fundamentally work together if they are to achieve meaningful effectiveness Every business transaction, attack surface or target involves a credential and a service or piece of data Given the cumulative investment in security, each new investment is increasingly measured for its ability to make the whole more effective
  • 7. GOAL: Become an independent source of education and information on identity-centric security strategies. MISSION: The Identity Defined Security Alliance is a non-profit organization that facilitates community collaboration to develop a framework and practical guidance that helps organizations put identity at the center of their security strategy.
  • 8. IDENTITY DEFINED SECURITY ALLIANCE: Deliver on our mission through… Cross vendor collaboration; Thought leadership through blogs, webinars, speaking; Identity Centric Security Framework: vendor-agnostic best practices, security controls, use cases; Customer implementation stories; Virtual community for sharing experiences and validation.
  • 9. BENEFITS OF IMPROVING IDENTITY THROUGH SECURITY: Steers the focus away from single point defense mechanisms to include a broader set of identity and security components; Delivers a fresh, balanced set of detective and preventive controls; Enables organizations to tackle security with a more precise, identity-aware and identity-specific approach; Leverages increasingly open and API-first tech stacks.
  • 11. IDENTITY DEFINED SECURITY ALLIANCE RESOURCES
  • 12. IAM Best Practice: Once user roles and entitlements are defined, high profile users should require a level of assurance of authentication to match the value of the protected asset. Putting Identity-Centric Security to Work – IAM Best Practice (Sample)
  • 13. IGA+PAM: Aggregation of Direct & Effective Privileged Access for each Identity. Integrate Components: Identity Governance + Privileged Account Management. What Happens: All privileged access provided by the PAM system is imported and maintained in the Identity Governance system. Value to Organization: Understand who has access to privileged accounts. Putting Identity-Centric Security to Work – Security Controls
  • 14. IGA+PAM: SoD Policy Enforcement across Privileged Accounts. Integrate Components: Identity Governance + Privileged Account Management. Pre-requisite: Aggregation of Direct & Effective Privileged Access for each Identity. What Happens: Toxic combinations of privileged access are reduced via detective and preventive controls. Value to Organization: Reduction in fraud and other access abuse scenarios. Putting Identity-Centric Security to Work – Security Controls
  • 15. IGA+PAM: Certification of Privileged Accounts. Integrate Components: Identity Governance + Privileged Account Management. Pre-requisite: Aggregation of Direct & Effective Privileged Access for each Identity. What Happens: Supervisors and/or application owners review and approve/deny privileged access for specific users and groups, either periodically or as driven by a life cycle event. Value to Organization: Continuous pruning of unnecessary privileged access, reducing the risk of privileged credential abuse. Putting Identity-Centric Security to Work – Security Controls
  • 16. IGA+SIEM/UEBA: Semi-automated Identity Governance for Incident Response. Integrate Components: Identity Governance + SIEM or UEBA. What Happens: Security incident involving a specific identity is routed to that identity’s supervisor for review and response. Value to Organization: Business context (e.g., supervisor’s knowledge of an employee’s situation) enables efficient incident response. Putting Identity-Centric Security to Work – Security Controls
  • 17. IGA+SIEM/UEBA: Automated Identity Governance for Incident Response. Integrate Components: Identity Governance + SIEM or UEBA. What Happens: Security incident involving a specific identity automatically triggers entitlement suspension or dynamic re-certification. Value to Organization: Identity- and entitlement-specific control enables a proportional and targeted response to security incident. Putting Identity-Centric Security to Work – Security Controls
  • 19. LEARN FROM YOUR PEERS: Adobe Finds ZEN Using Identity-Centric Security. “Working with the IDSA is a great opportunity to help drive innovation across the tech industry with vendors and solution providers alike. Adobe benefits through exposure to vendors, use cases and community best practices that help elevate and strengthen our identity and security teams.” Den Jones, Director of Enterprise Security, Adobe
  • 21. Thank You! For more information please contact: Vishwas Manral, CEO and Founder, VISHWAS@NANOSEC.IO
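
Slides 13 and 14 describe importing PAM-granted privileged access into identity governance per identity, then applying SoD policy to it with detective and preventive controls. The sketch below is an added example, not code from the presentation, the IDSA or any vendor product; every account, group and policy name in it is constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data (not from the slides): PAM grants and group membership.
PAM_GRANTS = [  # (grantee, privileged_account); grantee is a user or a group
    ("alice", "erp-payments-admin"),
    ("grp-dba", "erp-db-root"),
    ("grp-vendor-admins", "erp-vendor-master-admin"),
    ("bob", "erp-db-root"),
]
GROUP_MEMBERS = {"grp-dba": {"bob", "carol"},
                 "grp-vendor-admins": {"alice", "carol"}}

# Hypothetical SoD policy: accounts one identity must not hold together.
TOXIC_COMBINATIONS = [
    ("create-vendor-and-pay", {"erp-vendor-master-admin", "erp-payments-admin"}),
]

def aggregate_privileged_access(grants, group_members):
    """Return identity -> {account: sorted paths ('direct' or a group name)}."""
    access = defaultdict(lambda: defaultdict(set))
    for grantee, account in grants:
        if grantee in group_members:            # effective access via a group
            for member in group_members[grantee]:
                access[member][account].add(grantee)
        else:                                   # direct access
            access[grantee][account].add("direct")
    return {i: {a: sorted(p) for a, p in accts.items()}
            for i, accts in access.items()}

def detect_sod_violations(access, policies):
    """Detective control: (identity, policy) for every toxic combination held."""
    return sorted((identity, name)
                  for identity, accts in access.items()
                  for name, combo in policies
                  if combo <= set(accts))

def would_violate(access, policies, identity, new_account):
    """Preventive control: policies that a requested grant would newly breach."""
    held = set(access.get(identity, {}))
    return sorted(name for name, combo in policies
                  if combo <= held | {new_account} and not combo <= held)

if __name__ == "__main__":
    acc = aggregate_privileged_access(PAM_GRANTS, GROUP_MEMBERS)
    print(acc["alice"])
    print(detect_sod_violations(acc, TOXIC_COMBINATIONS))
    print(would_violate(acc, TOXIC_COMBINATIONS, "carol", "erp-payments-admin"))
```

Keeping the access path (direct or group) alongside each account is what lets a reviewer see that alice's violation comes from a group membership rather than a direct PAM grant.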