SlideShare uma empresa Scribd logo
1 de 16
Baixar para ler offline
How  SGN  Used  Attack  Path  Mapping  to  Control  
Privileged  Access  in  the  Cloud
Mo  Ahddoud
SCT15S
SECURITY
Chief  Information  Security  Officer
SGN
2 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS
©  2017  CA.  All  rights  reserved.  All  trademarks  referenced  herein  belong  to  their  respective  companies.
The  content  provided  in  this CA  World  2017  presentation  is  intended  for  informational  purposes  only  and  does  not  form  any  type  
of  warranty. The information  provided  by  a  CA  partner  and/or  CA  customer  has  not  been  reviewed  for  accuracy  by  CA.  
For  Informational  Purposes  Only  
Terms  of  This  Presentation
3 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS
Abstract
As  one  of  the  most  forward  thinking  critical  infrastructure  companies  in  the  UK,  SGN  is  
blazing  a  trail  by  becoming  the  first  UK  critical  infrastructure  company  to  run  100%  in  the  
cloud  and  using  innovative  IoT  technologies  to  revolutionize  the  management  of  gas  
pipelines.  To  manage  the  risk,  SGN  embarked  on  a  mission  to  shape  the  attack  path  of  
intruders.  In  this  session,  Mo  Ahddoud,  CISO  at  SGN  will  share  how  he  used  a  
technique  called  attack  path  mapping  to  put  privileged  access  at  the  center  of  SGN's  
digital  transformation.
Mo
Ahddoud
SGN
CISO
Mo	
  Ahddoud,	
  CISO
HOW	
  CA	
  PRIVILEGED	
  ACCESS	
  
(CA	
  PAM)	
  HELPED	
  SGN	
  	
  
SECURELY	
  ADOPT	
  AWS	
  
5
Who	
  Are	
  SGN?
• 5.0bn RAV	
  (March	
  2016)
• 74,000km network	
  length
• 5.9million customers
• c4500 FTEs	
  employees
• 1.1bn revenues	
  (2015/16)
• 15,907 new	
  connections	
  2015/16
• 139TWh energy	
  distributed	
  
• 960km pipes	
  replaced	
  in 2015/16
6
Digital	
  Transformation	
  
Change -­‐ a	
  measurable,	
  
physical	
  difference.	
  	
  	
  
Transformation – an	
  extreme	
  radical,	
  change	
  that	
  
drives	
  an	
  organisation	
  in	
  a	
  new	
  direction	
  and	
  takes	
  
it	
  to	
  an	
  entirely	
  different	
  functional	
  level.	
  	
  
• Internet	
  of	
  Things
• Customer	
  Experience
• Digital	
  Workforce	
  
• Cloud	
  First	
  
TRANSFORMING
THE	
  WAY	
  THE	
  BUSINESS	
  OPERATES	
  
8
Our	
  Business	
  Strategy	
  
• Reduced	
  totex
• Increased	
  agility	
  
• Resilience	
  availability
• New	
  innovation	
  	
  
• Improved	
  Security	
  	
  
Devolution	
  of	
  IT	
  
TAKE  “IT”  OFF  OF  THE  
CRITICAL  PATH
9
Supply	
  Chain
The	
  Cloud	
  Hopper	
  	
  
10
• Unpatched	
  systems
• Fragmented	
  solution
• Obsolete	
  technology	
  
• Convoluted	
  value	
  chain
Business	
  Complexity	
  
11
Attack	
  Path	
  Mapping	
  
• Prioritise	
  on	
  likely	
  attack	
  paths
• Ensure	
  you	
  can	
  detect
• Reduce	
  the	
  network	
  footprint
Internal	
  Phishing
Accessing
User	
  Mailbox
Accessing
Internal	
  Apps
Access
File	
  share
12
The	
  heart	
  of	
  our	
  security	
  strategy
Privileged	
  Access	
  Management	
  
Virtual  Datacentre  Build
Datacentre  
Security  
Testing
Cloud  
Monitoring
ServiceNow
PPM  and  Cloud  
Management
Cloud  Networking  
and  Security
Integration  &  API  
catalogue
Cloud  
Sign-­on
Application  Migration
Application    
Discovery  Due  
Diligence
Operational  Model Service  Transition  and  Support
Cloud  
Programme  
Management  
and  support
Delivery  
Framework  
Definition
Architecture  
Governance
Procurement  
and  
Commercials
Office  365  
Technical    
Migration
Office  365  
Business  
Migration
Automated  Testing
CA  Privileged
Access  Manager
13
• Ticket	
  Authorisation	
  
• Timebound	
  
• Remove	
  Passwords
• Audit	
  and	
  Verify
Protecting	
  Apps	
  and	
  Data
Amazon	
  Web	
  Services
14
• NCSC
• Lighthouse	
  partnership
Collaboration	
  &	
  Partnership	
  
15
Thank	
  You	
  for	
  Listening
_____
Any	
  Questions?
16 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS
Security
For  more  information  on  Security,
please  visit:  http://cainc.to/CAW17-­Security

Mais conteúdo relacionado

Mais procurados

Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCA Technologies
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...CA Technologies
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageCA Technologies
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...CA Technologies
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...CA Technologies
 
Blockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentBlockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentCA Technologies
 
Keynote: Announcing API and Microservice Innovations that Drive Business Agil...
Keynote: Announcing API and Microservice Innovations that Drive Business Agil...Keynote: Announcing API and Microservice Innovations that Drive Business Agil...
Keynote: Announcing API and Microservice Innovations that Drive Business Agil...CA Technologies
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCA Technologies
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachCA Technologies
 
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...CA API Management
 
Webinar: What's New In FlexNet Manager Suite 2018 R1
Webinar: What's New In FlexNet Manager Suite 2018 R1Webinar: What's New In FlexNet Manager Suite 2018 R1
Webinar: What's New In FlexNet Manager Suite 2018 R1Rana Zayed
 
"Why Micro Services adoption is crucial for SaaS companies?"
"Why Micro Services adoption is crucial for SaaS companies?""Why Micro Services adoption is crucial for SaaS companies?"
"Why Micro Services adoption is crucial for SaaS companies?"Vignesh Manivannan
 
Digical is the Imminent Reality
Digical is the Imminent RealityDigical is the Imminent Reality
Digical is the Imminent RealityCA Technologies
 
7 Things You Need to Know for Your Cloud-First Strategy
7 Things You Need to Know for Your Cloud-First Strategy7 Things You Need to Know for Your Cloud-First Strategy
7 Things You Need to Know for Your Cloud-First StrategyFlexera
 
Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...
Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...
Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...Amazon Web Services
 
The Practical Approach for End-to-End SaaS Management
The Practical Approach for End-to-End SaaS ManagementThe Practical Approach for End-to-End SaaS Management
The Practical Approach for End-to-End SaaS ManagementFlexera
 
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...CA Technologies
 
Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...
Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...
Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...Infostretch
 

Mais procurados (19)

Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on Time
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive Advantage
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
 
Blockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentBlockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of Deployment
 
Keynote: Announcing API and Microservice Innovations that Drive Business Agil...
Keynote: Announcing API and Microservice Innovations that Drive Business Agil...Keynote: Announcing API and Microservice Innovations that Drive Business Agil...
Keynote: Announcing API and Microservice Innovations that Drive Business Agil...
 
Building Digital Trust
   Building Digital Trust   Building Digital Trust
Building Digital Trust
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital Government
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
 
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
 
Webinar: What's New In FlexNet Manager Suite 2018 R1
Webinar: What's New In FlexNet Manager Suite 2018 R1Webinar: What's New In FlexNet Manager Suite 2018 R1
Webinar: What's New In FlexNet Manager Suite 2018 R1
 
"Why Micro Services adoption is crucial for SaaS companies?"
"Why Micro Services adoption is crucial for SaaS companies?""Why Micro Services adoption is crucial for SaaS companies?"
"Why Micro Services adoption is crucial for SaaS companies?"
 
Digical is the Imminent Reality
Digical is the Imminent RealityDigical is the Imminent Reality
Digical is the Imminent Reality
 
7 Things You Need to Know for Your Cloud-First Strategy
7 Things You Need to Know for Your Cloud-First Strategy7 Things You Need to Know for Your Cloud-First Strategy
7 Things You Need to Know for Your Cloud-First Strategy
 
Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...
Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...
Adopting Modern Application Architecture with AWS and Project Flogo (Sponsore...
 
The Practical Approach for End-to-End SaaS Management
The Practical Approach for End-to-End SaaS ManagementThe Practical Approach for End-to-End SaaS Management
The Practical Approach for End-to-End SaaS Management
 
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
 
Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...
Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...
Hyper-connected apps: Hyper-Connected Apps: Testing Peripherals and Mobile Ap...
 

Semelhante a Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in the Cloud

Security: Enabling the Journey to the Cloud
Security: Enabling the Journey to the CloudSecurity: Enabling the Journey to the Cloud
Security: Enabling the Journey to the CloudCapgemini
 
The Trouble with Saas and Hybrid Cloud
The Trouble with Saas and Hybrid CloudThe Trouble with Saas and Hybrid Cloud
The Trouble with Saas and Hybrid CloudNovosco
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloudpatmisasi
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudNETSCOUT
 
Extending the partnership to the cloud
Extending the partnership to the cloudExtending the partnership to the cloud
Extending the partnership to the cloudCapgemini
 
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...Amazon Web Services
 
Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...
Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...
Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...Alen Leit
 
Extending the Partnership to the Cloud
Extending the Partnership to the CloudExtending the Partnership to the Cloud
Extending the Partnership to the CloudBMC Software
 
Visibility and Automation for Enhanced Security
Visibility and Automation for Enhanced SecurityVisibility and Automation for Enhanced Security
Visibility and Automation for Enhanced Securitypatmisasi
 
Journey to the Cloud
Journey to the CloudJourney to the Cloud
Journey to the CloudPete Nieminen
 
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...Amazon Web Services
 
Cw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerCw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerinevitablecloud
 
Migrating to Cloud – A Journey of Excellence
Migrating to Cloud – A Journey of ExcellenceMigrating to Cloud – A Journey of Excellence
Migrating to Cloud – A Journey of ExcellenceAhmed Aamer
 
Defining a Cloud Adoption Journey to Deliver Cloud Native Services
Defining a Cloud Adoption Journey to Deliver Cloud Native ServicesDefining a Cloud Adoption Journey to Deliver Cloud Native Services
Defining a Cloud Adoption Journey to Deliver Cloud Native ServicesAmazon Web Services
 
Unlocking the Cloud Operating Model: Networking in Multi-Cloud
Unlocking the Cloud Operating Model: Networking in Multi-CloudUnlocking the Cloud Operating Model: Networking in Multi-Cloud
Unlocking the Cloud Operating Model: Networking in Multi-CloudMitchell Pronschinske
 
Serverless service adoption for Thailand
Serverless service adoption for ThailandServerless service adoption for Thailand
Serverless service adoption for ThailandWatcharin Yang-Ngam
 
Skip the Security Slow Lane with VMware Cloud on AWS
Skip the Security Slow Lane with VMware Cloud on AWSSkip the Security Slow Lane with VMware Cloud on AWS
Skip the Security Slow Lane with VMware Cloud on AWSTrend Micro
 

Semelhante a Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in the Cloud (20)

Orange Data Centre and Cloud
Orange Data Centre and CloudOrange Data Centre and Cloud
Orange Data Centre and Cloud
 
Security: Enabling the Journey to the Cloud
Security: Enabling the Journey to the CloudSecurity: Enabling the Journey to the Cloud
Security: Enabling the Journey to the Cloud
 
The Trouble with Saas and Hybrid Cloud
The Trouble with Saas and Hybrid CloudThe Trouble with Saas and Hybrid Cloud
The Trouble with Saas and Hybrid Cloud
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloud
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the Cloud
 
Extending the partnership to the cloud
Extending the partnership to the cloudExtending the partnership to the cloud
Extending the partnership to the cloud
 
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
IT-as-a-Service: Ushering the New Era of Service Aware Cloud - Session Sponso...
 
Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...
Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...
Aurea Enterprise Road map (cloud, microservies etc) - Aurea & Helmes Nordic S...
 
Extending the Partnership to the Cloud
Extending the Partnership to the CloudExtending the Partnership to the Cloud
Extending the Partnership to the Cloud
 
Visibility and Automation for Enhanced Security
Visibility and Automation for Enhanced SecurityVisibility and Automation for Enhanced Security
Visibility and Automation for Enhanced Security
 
Journey to the Cloud
Journey to the CloudJourney to the Cloud
Journey to the Cloud
 
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...
 
Decoding Cloud for the Non-IT Executive
Decoding Cloud for the Non-IT ExecutiveDecoding Cloud for the Non-IT Executive
Decoding Cloud for the Non-IT Executive
 
Cw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerCw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamer
 
Migrating to Cloud – A Journey of Excellence
Migrating to Cloud – A Journey of ExcellenceMigrating to Cloud – A Journey of Excellence
Migrating to Cloud – A Journey of Excellence
 
Defining a Cloud Adoption Journey to Deliver Cloud Native Services
Defining a Cloud Adoption Journey to Deliver Cloud Native ServicesDefining a Cloud Adoption Journey to Deliver Cloud Native Services
Defining a Cloud Adoption Journey to Deliver Cloud Native Services
 
Unlocking the Cloud Operating Model: Networking in Multi-Cloud
Unlocking the Cloud Operating Model: Networking in Multi-CloudUnlocking the Cloud Operating Model: Networking in Multi-Cloud
Unlocking the Cloud Operating Model: Networking in Multi-Cloud
 
Serverless service adoption for Thailand
Serverless service adoption for ThailandServerless service adoption for Thailand
Serverless service adoption for Thailand
 
Skip the Security Slow Lane with VMware Cloud on AWS
Skip the Security Slow Lane with VMware Cloud on AWSSkip the Security Slow Lane with VMware Cloud on AWS
Skip the Security Slow Lane with VMware Cloud on AWS
 

Mais de CA Technologies

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Technologies
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceCA Technologies
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...CA Technologies
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCA Technologies
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageCA Technologies
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseCA Technologies
 
How Components Increase Speed and Risk
How Components Increase Speed and RiskHow Components Increase Speed and Risk
How Components Increase Speed and RiskCA Technologies
 
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...CA Technologies
 
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...CA Technologies
 
When You Test Matters: Why Testing Early in the SDLC is Important
When You Test Matters: Why Testing Early in the SDLC is ImportantWhen You Test Matters: Why Testing Early in the SDLC is Important
When You Test Matters: Why Testing Early in the SDLC is ImportantCA Technologies
 
Application Security in a DevOps World
Application Security in a DevOps WorldApplication Security in a DevOps World
Application Security in a DevOps WorldCA Technologies
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCA Technologies
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...CA Technologies
 
Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.
Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.
Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.CA Technologies
 
Case Study: United Airlines Transforms Release Management for Its Modern Soft...
Case Study: United Airlines Transforms Release Management for Its Modern Soft...Case Study: United Airlines Transforms Release Management for Its Modern Soft...
Case Study: United Airlines Transforms Release Management for Its Modern Soft...CA Technologies
 
Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...
Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...
Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...CA Technologies
 
Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...
Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...
Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...CA Technologies
 

Mais de CA Technologies (17)

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource Intelligence
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software Development
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive Advantage
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital Enterprise
 
How Components Increase Speed and Risk
How Components Increase Speed and RiskHow Components Increase Speed and Risk
How Components Increase Speed and Risk
 
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
 
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
 
When You Test Matters: Why Testing Early in the SDLC is Important
When You Test Matters: Why Testing Early in the SDLC is ImportantWhen You Test Matters: Why Testing Early in the SDLC is Important
When You Test Matters: Why Testing Early in the SDLC is Important
 
Application Security in a DevOps World
Application Security in a DevOps WorldApplication Security in a DevOps World
Application Security in a DevOps World
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software Development
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
 
Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.
Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.
Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.
 
Case Study: United Airlines Transforms Release Management for Its Modern Soft...
Case Study: United Airlines Transforms Release Management for Its Modern Soft...Case Study: United Airlines Transforms Release Management for Its Modern Soft...
Case Study: United Airlines Transforms Release Management for Its Modern Soft...
 
Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...
Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...
Keynote: Unlock the Power of Continuous Delivery with End-to-End, Integrated ...
 
Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...
Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...
Industry Keynote: Redefine Operations in a DevOps World—The New Role for Site...
 

Último

Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 

Último (20)

Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 

Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in the Cloud

  • 1. How  SGN  Used  Attack  Path  Mapping  to  Control   Privileged  Access  in  the  Cloud Mo  Ahddoud SCT15S SECURITY Chief  Information  Security  Officer SGN
  • 2. 2 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS ©  2017  CA.  All  rights  reserved.  All  trademarks  referenced  herein  belong  to  their  respective  companies. The  content  provided  in  this CA  World  2017  presentation  is  intended  for  informational  purposes  only  and  does  not  form  any  type   of  warranty. The information  provided  by  a  CA  partner  and/or  CA  customer  has  not  been  reviewed  for  accuracy  by  CA.   For  Informational  Purposes  Only   Terms  of  This  Presentation
  • 3. 3 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS Abstract As  one  of  the  most  forward  thinking  critical  infrastructure  companies  in  the  UK,  SGN  is   blazing  a  trail  by  becoming  the  first  UK  critical  infrastructure  company  to  run  100%  in  the   cloud  and  using  innovative  IoT  technologies  to  revolutionize  the  management  of  gas   pipelines.  To  manage  the  risk,  SGN  embarked  on  a  mission  to  shape  the  attack  path  of   intruders.  In  this  session,  Mo  Ahddoud,  CISO  at  SGN  will  share  how  he  used  a   technique  called  attack  path  mapping  to  put  privileged  access  at  the  center  of  SGN's   digital  transformation. Mo Ahddoud SGN CISO
  • 4. Mo  Ahddoud,  CISO HOW  CA  PRIVILEGED  ACCESS   (CA  PAM)  HELPED  SGN     SECURELY  ADOPT  AWS  
  • 5. 5 Who  Are  SGN? • 5.0bn RAV  (March  2016) • 74,000km network  length • 5.9million customers • c4500 FTEs  employees • 1.1bn revenues  (2015/16) • 15,907 new  connections  2015/16 • 139TWh energy  distributed   • 960km pipes  replaced  in 2015/16
  • 6. 6 Digital  Transformation   Change -­‐ a  measurable,   physical  difference.       Transformation – an  extreme  radical,  change  that   drives  an  organisation  in  a  new  direction  and  takes   it  to  an  entirely  different  functional  level.     • Internet  of  Things • Customer  Experience • Digital  Workforce   • Cloud  First  
  • 7. TRANSFORMING THE  WAY  THE  BUSINESS  OPERATES  
  • 8. 8 Our  Business  Strategy   • Reduced  totex • Increased  agility   • Resilience  availability • New  innovation     • Improved  Security     Devolution  of  IT   TAKE  “IT”  OFF  OF  THE   CRITICAL  PATH
  • 10. 10 • Unpatched  systems • Fragmented  solution • Obsolete  technology   • Convoluted  value  chain Business  Complexity  
  • 11. 11 Attack  Path  Mapping   • Prioritise  on  likely  attack  paths • Ensure  you  can  detect • Reduce  the  network  footprint Internal  Phishing Accessing User  Mailbox Accessing Internal  Apps Access File  share
  • 12. 12 The  heart  of  our  security  strategy Privileged  Access  Management   Virtual  Datacentre  Build Datacentre   Security   Testing Cloud   Monitoring ServiceNow PPM  and  Cloud   Management Cloud  Networking   and  Security Integration  &  API   catalogue Cloud   Sign-­on Application  Migration Application     Discovery  Due   Diligence Operational  Model Service  Transition  and  Support Cloud   Programme   Management   and  support Delivery   Framework   Definition Architecture   Governance Procurement   and   Commercials Office  365   Technical     Migration Office  365   Business   Migration Automated  Testing CA  Privileged Access  Manager
  • 13. 13 • Ticket  Authorisation   • Timebound   • Remove  Passwords • Audit  and  Verify Protecting  Apps  and  Data Amazon  Web  Services
  • 14. 14 • NCSC • Lighthouse  partnership Collaboration  &  Partnership  
  • 15. 15 Thank  You  for  Listening _____ Any  Questions?
  • 16. 16 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS Security For  more  information  on  Security, please  visit:  http://cainc.to/CAW17-­Security