In today's world, data security is a top priority for many businesses, and yours should be no different. Join our expert Mal Toner and learn more about what you can do to protect your organisation from increasing cyber security threats.
5. novosco.com
How Industrial Hackers Make Money
WELCOME TO THE HACKERS’ ECONOMY
Social Security: $1
Medical Record: >$50
DDoS as a Service: ~$7/hour
Credit Card Data: $0.25-$60
Bank Account Info: >$1000, depending on account type and balance
Exploits: $1000-$300K
Facebook Account: $1 for an account with 15 friends
Spam: $50/500K emails
Malware Development: $2500 (commercial malware)
Mobile Malware: $150
Global Cybercrime Market: $450B-$1T
6. novosco.com
Shadow IT
While you’re developing your cloud strategy…
Your users are implementing theirs.
~200+ unauthorised apps in use at enterprises
7. novosco.com
Why is cloud different?
Deperimeterisation
Potentially access to data from anywhere
Shared access to resources
Issues with DDoS for example
Loss of control to third parties – CSPs
Legal and contractual matters
More complex compliance issues
GDPR is coming
8. novosco.com
Cloud security
You may have outsourced your data to the public cloud…
But you haven’t outsourced your security responsibility.
9. novosco.com
Cloud security responsibilities
It’s always your data
You manage endpoints and clients
It’s still your responsibility: make sure you ask your cloud provider the hard questions about how they secure and manage their infrastructure.
10. novosco.com
A security model for today
Network, Endpoint, Mobile, Virtual, Cloud
BEFORE: Discover, Educate, Protect
DURING: Detect, Block, Alert
AFTER: Analyse, Inform, Remediate
11. novosco.com
Before an Attack
Discover: What do you need to protect? Where is it and how critical is the data?
Educate: Do users understand data security? Would they be able to spot a security breach?
Protect: How will you deploy technical measures to protect the data? Is data securely backed up?
12. novosco.com
Security Events
Do You Currently Monitor
account lockout events
failed administrator auth events
filesystem full events
filesystem nearing full events
reboot events
shutdown events
audit trail cleared events
account privileges modification events
time sync error events
network traffic anomaly events
audit system error events
brute force authentication attempt events
configuration change events
security audit trail cleared events
13. novosco.com
During an Attack
Detect: How will you know your cloud services are under attack? (100 day average breach detection)
Block: Use your security countermeasures to stop the attack.
Alert: Ensure relevant personnel (including third parties) are aware.
15. novosco.com
After an attack
Analyse: Assess the scale of the attack and prevent further spread of the problem
Remediate: How will you prevent this type of incident in the future?
Inform: Inform regulatory authorities and the public where necessary following your process
16. novosco.com
Compliance – changing landscape
Are you ready for GDPR?
Can you confirm data is confined to UK or EU data centres?
How do you ensure full erasure of data at contract end?
How robust is your CSP’s backup strategy?
Availability – CSP susceptibility to DDoS etc
18. novosco.com
Before an attack happens
Discover all cloud apps in use
Including shadow IT
Put in place appropriate protection
Authentication
Encryption
Data backup – and recovery strategy
Patching and updating apps
Intrusion detection/prevention etc
Monitor
Review all defences regularly
19. novosco.com
Assume you will be hacked
Incident response team ready?
Up to €10m fine if breach not reported in 72 hours
Forensic analysis in place?
Root cause and remediation required
User education
Do your users know what to do if they spot a security problem?
20. novosco.com
Conclusions
Security best practice in cloud:
Same but different!
Basic principles apply but with variations
Need to consider that you will be breached
Prevention is not enough
Design cloud-centric responses to age-old security problems