SlideShare uma empresa Scribd logo
1 de 19
Baixar para ler offline
Securing the Cloud
Glenn Solomon
Feb 2016
• 1 team in the US and China
• $2.6 billion under management
• 6 funds | 150+ investments
• 15 years | 27 IPOs
GLEN N SOLOMON
• Managing Partner
• 10 years at GGV Capital
• Enterprise, SaaS, Cloud, Security, Mobile
• goinglongblog.com | @glennsolomon
Cybercrime is a Growth Industry
Source: 2015 Verizon DBIR Report; ITRC ; HP 2015 Cost of Cyber Crime Study; The Global State of Information Security Survey 2015; McAfee Net Losses –
Estimating the Cost of Cybercrime
42.8M
Security
Incidents
5,810
Confirmed
Data Breaches
61
Countries
$445B
Annual Cost
to the Global
Economy
Data Breaches by the Numbers
Data Records Lost or Stolen in 2014
2,803,306 records lost or stolen every day
116,793 records every hour
1,947 records every minute
32 records every second
Source: SafeNet – The Art of Data Protection, Feb 2015
Only 4% of breaches were “Secure
Breaches” where encryption was used
and the stolen data was rendered
useless
Data Breaches are across all Industries
Source: WSJ
Hackers & Their Weapons
Participants
Hackers
Hacktivists
Criminal Organizations
Commercial Vendors
State Sponsored Terror Groups
Available to Purchase
Hacking Tools
Zero-day Exploits
Credit Card Data
eCommerce/Social-
Media Credentials
Key Participants
Eastern Europe
Russia
China
US
Latin America
Source: RAND National Security Research Division
The Cybersecurity Landscape is Vast
Source: Momentum Partners
Common Threats & Victims
Identity Theft Phishing Social Engineering Cyber AttackCyber Extortion
When you protect your company, you need to focus on all possible weaknesses.
Hackers only need to find one way in…
The Corporate Challenge
Source: 2015 Verizon DBIR Report; BTIG Security Report – Attack of the Clones
Cloud-based
Applications
Social
Networking
Virtualization BYOD
83 million software
applications today;
141 million by 2017
Stolen or weak
credentials involved in
76% of cyber attacks
14% of attacks or
exploits are on cloud
services, applications,
or storage systems
Mobile security
breaches have
affected 65% of global
organizations in
the last 12 months
The Next Generation of Cyber Security
Source: BTIG Security Report – Attack of the Clones
Legacy Security Companies Next Generation Equivalent
Firewall/Intrusion Prevention System Next Generation Network Security
Antivirus Next Generation Endpoint/Malicious Detection
Web Gateway/URL Filtering Cloud Security & Data Protection
Authentication, Authorization &
Accounting
Identity & Access Management – The New Perimeter
Secure Event Management Security Intelligence & Analytics
Data Security Data Security, Discovery, Clarification, Control & Intel
Data Loss Prevention Inside Threat Protection
Governance, Risk Management &
Compliance
Compliance Automation and Data Governance
New Threat Vectors
Source: Immuniweb, Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report
Social Media Protection
While email remains a
significant attack vector, 70% of
social media scams were
manually shared.
Advanced Persistent Threats
Zero-day exploits are almost impossible
to detect and will work 9 out of 10
cases because they have legal, financial
and banking industry experts,
psychologists, and even ex-law
enforcement officers behind them.
Insider Threats
Privileged users, such as managers with
access to sensitive information, pose the
biggest insider threat to organizations.
This is followed by contractors,
consultants, and regular employees.
Compromised account credentials, or
when someone’s account is hijacked, are
also a big part of this risk.
New Threat Vectors
Internet of Things
These hubs, switches, and
router are increasingly used to
target the network. They have
processing, storage, and
internet connectivity.
Mobile Security &
Protection
As more users rely on their
mobile devices, more spam,
scams, and threats are tailored
to these devices. Mobile
malware such as bootkits will
become harder to remove.
Critical Infrastructure
The most significant trend is the
use of malware to compromise
supervisory control and data
acquisition (SCADA) systems,
including Homeless
Management Information
System (HMIS), historians, and
other connected devices.
Source: Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report
Approaches Over Time
1987-2009 2009-2014 2014 onward 2015 onward
Signatures Sandboxes Anomaly Detection Zero-Trust
APT
Attack Sophistication Level
Hammertoss, Black Energy, etc
Endpoint
Content
Network
Source: Based on Agari presentation material
Modern Security Challenges in the Cloud
Challenge: Corporate services are migrating to the cloud
Secure Application Access
Privileged Access
Management
Multi-Factor
Authentication
FirewallsNetwork Access Control SSO
Challenge: Dynamic workloads due to multi-tiered apps & virtualization, containers, micro-services, etc.
Protect Server to Server Interactions
Cloud Workload ManagementMachine Firewalls
Modern Security Challenges in the Cloud (cont)
Challenge: Employees on websites via HTTP and mail –some malicious
Securing Employee to Internet
Cloud Policy ManagementCloud Access Security Brokers SaaS Data Encryption
Challenge: Rapid development cycles leave little room for security checks
Web App Security
RASPsWAFs CDNs
Emerging Protection for Emerging Threats
Insider Threat Detection
Machine Learning to Spot Attacks
Industrial & Connected Device Security
Security Startups Raised $10.9B across 1074 Deals since 2010
Source: Momentum Partners, CB Insights
Additional Resources
Books Blogs
http://goinglongblog.com/
https://krebsonsecurity.com/
Q&A

Mais conteúdo relacionado

Mais procurados

Top 8 digital transformation trends shaping 2021
Top 8 digital transformation trends shaping 2021Top 8 digital transformation trends shaping 2021
Top 8 digital transformation trends shaping 2021run_frictionless
 
Digital Transformation & Cloud Profitability
Digital Transformation & Cloud ProfitabilityDigital Transformation & Cloud Profitability
Digital Transformation & Cloud ProfitabilityGui Carvalhal
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 
Digital transformation sweet spot: Business operations
Digital transformation sweet spot: Business operationsDigital transformation sweet spot: Business operations
Digital transformation sweet spot: Business operationsMarcel Santilli
 
Pathways to Profitability for the Communications Industry
Pathways to Profitability for the Communications IndustryPathways to Profitability for the Communications Industry
Pathways to Profitability for the Communications Industryaccenture
 
Reimagining the Agenda | Accenture
Reimagining the Agenda | AccentureReimagining the Agenda | Accenture
Reimagining the Agenda | Accentureaccenture
 
Zuora Sales Deck
Zuora Sales DeckZuora Sales Deck
Zuora Sales DeckRyan Gum
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesSeccuris Inc.
 
Reinventing Enterprise Operations
Reinventing Enterprise OperationsReinventing Enterprise Operations
Reinventing Enterprise Operationsaccenture
 
Building Digital Strategy Roadmap For Digital Transformation Complete Deck
Building Digital Strategy Roadmap For Digital Transformation Complete DeckBuilding Digital Strategy Roadmap For Digital Transformation Complete Deck
Building Digital Strategy Roadmap For Digital Transformation Complete DeckSlideTeam
 
The Google Cloud Adoption Framework
The Google Cloud Adoption FrameworkThe Google Cloud Adoption Framework
The Google Cloud Adoption Frameworkrun_frictionless
 
Mastercard - NOAH18 Berlin
Mastercard - NOAH18 BerlinMastercard - NOAH18 Berlin
Mastercard - NOAH18 BerlinNOAH Advisors
 
Enterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use CasesEnterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use CasesWSO2
 
Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)a16z
 
Cloud-native Data Platform Transformation | Accenture
Cloud-native Data Platform Transformation | AccentureCloud-native Data Platform Transformation | Accenture
Cloud-native Data Platform Transformation | Accentureaccenture
 
Customer Driven Digital Transformation
Customer Driven Digital Transformation Customer Driven Digital Transformation
Customer Driven Digital Transformation cxpartners
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness TrainingDenis kisina
 

Mais procurados (20)

Top 8 digital transformation trends shaping 2021
Top 8 digital transformation trends shaping 2021Top 8 digital transformation trends shaping 2021
Top 8 digital transformation trends shaping 2021
 
Digital Transformation & Cloud Profitability
Digital Transformation & Cloud ProfitabilityDigital Transformation & Cloud Profitability
Digital Transformation & Cloud Profitability
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365
 
Digital transformation sweet spot: Business operations
Digital transformation sweet spot: Business operationsDigital transformation sweet spot: Business operations
Digital transformation sweet spot: Business operations
 
Data security
Data securityData security
Data security
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
 
Pathways to Profitability for the Communications Industry
Pathways to Profitability for the Communications IndustryPathways to Profitability for the Communications Industry
Pathways to Profitability for the Communications Industry
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity Training
 
Reimagining the Agenda | Accenture
Reimagining the Agenda | AccentureReimagining the Agenda | Accenture
Reimagining the Agenda | Accenture
 
Zuora Sales Deck
Zuora Sales DeckZuora Sales Deck
Zuora Sales Deck
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
 
Reinventing Enterprise Operations
Reinventing Enterprise OperationsReinventing Enterprise Operations
Reinventing Enterprise Operations
 
Building Digital Strategy Roadmap For Digital Transformation Complete Deck
Building Digital Strategy Roadmap For Digital Transformation Complete DeckBuilding Digital Strategy Roadmap For Digital Transformation Complete Deck
Building Digital Strategy Roadmap For Digital Transformation Complete Deck
 
The Google Cloud Adoption Framework
The Google Cloud Adoption FrameworkThe Google Cloud Adoption Framework
The Google Cloud Adoption Framework
 
Mastercard - NOAH18 Berlin
Mastercard - NOAH18 BerlinMastercard - NOAH18 Berlin
Mastercard - NOAH18 Berlin
 
Enterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use CasesEnterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use Cases
 
Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)
 
Cloud-native Data Platform Transformation | Accenture
Cloud-native Data Platform Transformation | AccentureCloud-native Data Platform Transformation | Accenture
Cloud-native Data Platform Transformation | Accenture
 
Customer Driven Digital Transformation
Customer Driven Digital Transformation Customer Driven Digital Transformation
Customer Driven Digital Transformation
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
 

Destaque

Rethinking Transformational Change
Rethinking Transformational ChangeRethinking Transformational Change
Rethinking Transformational ChangeJason Little
 
31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & Offline31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & OfflinePixc
 
TEDxSanFrancisco – Review
TEDxSanFrancisco – ReviewTEDxSanFrancisco – Review
TEDxSanFrancisco – ReviewNiki Skene
 
Net neutrality: The Basics
Net neutrality: The BasicsNet neutrality: The Basics
Net neutrality: The BasicsInterQuest Group
 
The Human Body in the IoT. Tim Cannon + Ryan O'Shea
The Human Body in the IoT. Tim Cannon + Ryan O'SheaThe Human Body in the IoT. Tim Cannon + Ryan O'Shea
The Human Body in the IoT. Tim Cannon + Ryan O'SheaFuture Insights
 
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...AdNerds
 
Business optimization | building your first million is easy
Business optimization | building your first million is easyBusiness optimization | building your first million is easy
Business optimization | building your first million is easySurjeet Singh
 
Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code Angel Diaz
 
Kuala Lumpur CTO Summit - How to fire employees
Kuala Lumpur CTO Summit - How to fire employeesKuala Lumpur CTO Summit - How to fire employees
Kuala Lumpur CTO Summit - How to fire employeesEric Tachibana
 
ADP ReThink 2016: Evolution of Work
ADP ReThink 2016: Evolution of WorkADP ReThink 2016: Evolution of Work
ADP ReThink 2016: Evolution of WorkADP, LLC
 
Facebook et la présidentielle 2012
Facebook et la présidentielle 2012Facebook et la présidentielle 2012
Facebook et la présidentielle 2012Publicis Consultants
 
Enterprise 2.0 @ Sun Microsystems
Enterprise 2.0 @ Sun MicrosystemsEnterprise 2.0 @ Sun Microsystems
Enterprise 2.0 @ Sun MicrosystemsPeter H. Reiser
 
Vers une architecture de l'information
Vers une architecture de l'informationVers une architecture de l'information
Vers une architecture de l'informationAndrea Resmini
 
Infographic: Cloud Security Superhero
Infographic: Cloud Security SuperheroInfographic: Cloud Security Superhero
Infographic: Cloud Security SuperheroIBM Security
 
Offline is the new online - Le futur d'internet n'est plus derrière un écran
Offline is the new online - Le futur d'internet n'est plus derrière un écranOffline is the new online - Le futur d'internet n'est plus derrière un écran
Offline is the new online - Le futur d'internet n'est plus derrière un écranCedric Giorgi
 
Understanding strategy in innovation and technology oriented business
Understanding strategy in innovation and technology oriented businessUnderstanding strategy in innovation and technology oriented business
Understanding strategy in innovation and technology oriented businessDurgarao Gundu
 
Knowledge Management: Putting Information to Good Use
Knowledge Management: Putting Information to Good UseKnowledge Management: Putting Information to Good Use
Knowledge Management: Putting Information to Good UseSlideShop.com
 
The Future of Education is Digital
The Future of Education is DigitalThe Future of Education is Digital
The Future of Education is DigitalPaul Brown
 

Destaque (20)

Rethinking Transformational Change
Rethinking Transformational ChangeRethinking Transformational Change
Rethinking Transformational Change
 
31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & Offline31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & Offline
 
TEDxSanFrancisco – Review
TEDxSanFrancisco – ReviewTEDxSanFrancisco – Review
TEDxSanFrancisco – Review
 
Net neutrality: The Basics
Net neutrality: The BasicsNet neutrality: The Basics
Net neutrality: The Basics
 
The Human Body in the IoT. Tim Cannon + Ryan O'Shea
The Human Body in the IoT. Tim Cannon + Ryan O'SheaThe Human Body in the IoT. Tim Cannon + Ryan O'Shea
The Human Body in the IoT. Tim Cannon + Ryan O'Shea
 
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
 
Business optimization | building your first million is easy
Business optimization | building your first million is easyBusiness optimization | building your first million is easy
Business optimization | building your first million is easy
 
Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code
 
Innovating supply chains in Asia
Innovating supply chains in AsiaInnovating supply chains in Asia
Innovating supply chains in Asia
 
Kuala Lumpur CTO Summit - How to fire employees
Kuala Lumpur CTO Summit - How to fire employeesKuala Lumpur CTO Summit - How to fire employees
Kuala Lumpur CTO Summit - How to fire employees
 
ADP ReThink 2016: Evolution of Work
ADP ReThink 2016: Evolution of WorkADP ReThink 2016: Evolution of Work
ADP ReThink 2016: Evolution of Work
 
Facebook et la présidentielle 2012
Facebook et la présidentielle 2012Facebook et la présidentielle 2012
Facebook et la présidentielle 2012
 
Enterprise 2.0 @ Sun Microsystems
Enterprise 2.0 @ Sun MicrosystemsEnterprise 2.0 @ Sun Microsystems
Enterprise 2.0 @ Sun Microsystems
 
Vers une architecture de l'information
Vers une architecture de l'informationVers une architecture de l'information
Vers une architecture de l'information
 
Infographic: Cloud Security Superhero
Infographic: Cloud Security SuperheroInfographic: Cloud Security Superhero
Infographic: Cloud Security Superhero
 
Brennpunkt2015 Neuburger
Brennpunkt2015 NeuburgerBrennpunkt2015 Neuburger
Brennpunkt2015 Neuburger
 
Offline is the new online - Le futur d'internet n'est plus derrière un écran
Offline is the new online - Le futur d'internet n'est plus derrière un écranOffline is the new online - Le futur d'internet n'est plus derrière un écran
Offline is the new online - Le futur d'internet n'est plus derrière un écran
 
Understanding strategy in innovation and technology oriented business
Understanding strategy in innovation and technology oriented businessUnderstanding strategy in innovation and technology oriented business
Understanding strategy in innovation and technology oriented business
 
Knowledge Management: Putting Information to Good Use
Knowledge Management: Putting Information to Good UseKnowledge Management: Putting Information to Good Use
Knowledge Management: Putting Information to Good Use
 
The Future of Education is Digital
The Future of Education is DigitalThe Future of Education is Digital
The Future of Education is Digital
 

Semelhante a Securing the Cloud

Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityMastel Indonesia
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexIBM Security
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
The State of Data Security
The State of Data SecurityThe State of Data Security
The State of Data SecurityRazor Technology
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityNetworkCollaborators
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Vertex Holdings
 
Centrify rethink security brochure
Centrify rethink security brochureCentrify rethink security brochure
Centrify rethink security brochureMark Gibson
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...Netpluz Asia Pte Ltd
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security reportMarco Antonio Agnese
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Cristian Garcia G.
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicNetmagic Solutions Pvt. Ltd.
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016Francisco González Jiménez
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016IBM Security
 
2010 Sc World Congress Nyc
2010 Sc World Congress Nyc2010 Sc World Congress Nyc
2010 Sc World Congress NycBob Maley
 

Semelhante a Securing the Cloud (20)

Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber Security
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
The State of Data Security
The State of Data SecurityThe State of Data Security
The State of Data Security
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.
 
Centrify rethink security brochure
Centrify rethink security brochureCentrify rethink security brochure
Centrify rethink security brochure
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security report
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – Netmagic
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
Level3-ATC comSpark.tech Presentation Snapshot
Level3-ATC comSpark.tech Presentation SnapshotLevel3-ATC comSpark.tech Presentation Snapshot
Level3-ATC comSpark.tech Presentation Snapshot
 
2010 Sc World Congress Nyc
2010 Sc World Congress Nyc2010 Sc World Congress Nyc
2010 Sc World Congress Nyc
 

Mais de GGV Capital

THE DIGITAL ECONOMY INDEX 2021
THE DIGITAL ECONOMY INDEX 2021THE DIGITAL ECONOMY INDEX 2021
THE DIGITAL ECONOMY INDEX 2021GGV Capital
 
THE DIGITAL ECONOMY INDEX 2020
THE DIGITAL ECONOMY INDEX 2020THE DIGITAL ECONOMY INDEX 2020
THE DIGITAL ECONOMY INDEX 2020GGV Capital
 
Lessons from US & China for Global Entrepreneurs
Lessons from US & China for Global EntrepreneursLessons from US & China for Global Entrepreneurs
Lessons from US & China for Global EntrepreneursGGV Capital
 
Hans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
Hans Y Combinator Presentation on Lessons from China for Global EntrepreneursHans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
Hans Y Combinator Presentation on Lessons from China for Global EntrepreneursGGV Capital
 
WSJ Converge 2017 Final: China Frontier Tech Trends
WSJ Converge 2017 Final: China Frontier Tech TrendsWSJ Converge 2017 Final: China Frontier Tech Trends
WSJ Converge 2017 Final: China Frontier Tech TrendsGGV Capital
 
Evolving Ecommerce NYC Summit Quotes
Evolving Ecommerce NYC Summit QuotesEvolving Ecommerce NYC Summit Quotes
Evolving Ecommerce NYC Summit QuotesGGV Capital
 
Evolving Enterprise Highlights
Evolving Enterprise HighlightsEvolving Enterprise Highlights
Evolving Enterprise HighlightsGGV Capital
 
2016 Year in Review
2016 Year in Review2016 Year in Review
2016 Year in ReviewGGV Capital
 
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016GGV Capital
 
GGV Capital 2015 Year in Review
GGV Capital 2015 Year in ReviewGGV Capital 2015 Year in Review
GGV Capital 2015 Year in ReviewGGV Capital
 
Monetization in the US and China: Where to Invest
Monetization in the US and China: Where to InvestMonetization in the US and China: Where to Invest
Monetization in the US and China: Where to InvestGGV Capital
 
The Mobile Generation: China's Millennials
The Mobile Generation: China's MillennialsThe Mobile Generation: China's Millennials
The Mobile Generation: China's MillennialsGGV Capital
 
GGV Capital Cross-Border Opportunities
GGV Capital Cross-Border OpportunitiesGGV Capital Cross-Border Opportunities
GGV Capital Cross-Border OpportunitiesGGV Capital
 
GGV Capital Mobile Trends Review
GGV Capital Mobile Trends ReviewGGV Capital Mobile Trends Review
GGV Capital Mobile Trends ReviewGGV Capital
 
Silicon Valley and Emerging Markets
Silicon Valley and Emerging Markets Silicon Valley and Emerging Markets
Silicon Valley and Emerging Markets GGV Capital
 
Big Data, Big Investment
Big Data, Big InvestmentBig Data, Big Investment
Big Data, Big InvestmentGGV Capital
 
State of the US VC Market
State of the US VC MarketState of the US VC Market
State of the US VC MarketGGV Capital
 
GGV Capital Viewpoint: Internet of Things
GGV Capital Viewpoint: Internet of ThingsGGV Capital Viewpoint: Internet of Things
GGV Capital Viewpoint: Internet of ThingsGGV Capital
 
Sales and Marketing 3.0: The High Velocity Model
Sales and Marketing 3.0: The High Velocity ModelSales and Marketing 3.0: The High Velocity Model
Sales and Marketing 3.0: The High Velocity ModelGGV Capital
 
GGV Capital Year in Review 2014
GGV Capital Year in Review 2014GGV Capital Year in Review 2014
GGV Capital Year in Review 2014GGV Capital
 

Mais de GGV Capital (20)

THE DIGITAL ECONOMY INDEX 2021
THE DIGITAL ECONOMY INDEX 2021THE DIGITAL ECONOMY INDEX 2021
THE DIGITAL ECONOMY INDEX 2021
 
THE DIGITAL ECONOMY INDEX 2020
THE DIGITAL ECONOMY INDEX 2020THE DIGITAL ECONOMY INDEX 2020
THE DIGITAL ECONOMY INDEX 2020
 
Lessons from US & China for Global Entrepreneurs
Lessons from US & China for Global EntrepreneursLessons from US & China for Global Entrepreneurs
Lessons from US & China for Global Entrepreneurs
 
Hans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
Hans Y Combinator Presentation on Lessons from China for Global EntrepreneursHans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
Hans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
 
WSJ Converge 2017 Final: China Frontier Tech Trends
WSJ Converge 2017 Final: China Frontier Tech TrendsWSJ Converge 2017 Final: China Frontier Tech Trends
WSJ Converge 2017 Final: China Frontier Tech Trends
 
Evolving Ecommerce NYC Summit Quotes
Evolving Ecommerce NYC Summit QuotesEvolving Ecommerce NYC Summit Quotes
Evolving Ecommerce NYC Summit Quotes
 
Evolving Enterprise Highlights
Evolving Enterprise HighlightsEvolving Enterprise Highlights
Evolving Enterprise Highlights
 
2016 Year in Review
2016 Year in Review2016 Year in Review
2016 Year in Review
 
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
 
GGV Capital 2015 Year in Review
GGV Capital 2015 Year in ReviewGGV Capital 2015 Year in Review
GGV Capital 2015 Year in Review
 
Monetization in the US and China: Where to Invest
Monetization in the US and China: Where to InvestMonetization in the US and China: Where to Invest
Monetization in the US and China: Where to Invest
 
The Mobile Generation: China's Millennials
The Mobile Generation: China's MillennialsThe Mobile Generation: China's Millennials
The Mobile Generation: China's Millennials
 
GGV Capital Cross-Border Opportunities
GGV Capital Cross-Border OpportunitiesGGV Capital Cross-Border Opportunities
GGV Capital Cross-Border Opportunities
 
GGV Capital Mobile Trends Review
GGV Capital Mobile Trends ReviewGGV Capital Mobile Trends Review
GGV Capital Mobile Trends Review
 
Silicon Valley and Emerging Markets
Silicon Valley and Emerging Markets Silicon Valley and Emerging Markets
Silicon Valley and Emerging Markets
 
Big Data, Big Investment
Big Data, Big InvestmentBig Data, Big Investment
Big Data, Big Investment
 
State of the US VC Market
State of the US VC MarketState of the US VC Market
State of the US VC Market
 
GGV Capital Viewpoint: Internet of Things
GGV Capital Viewpoint: Internet of ThingsGGV Capital Viewpoint: Internet of Things
GGV Capital Viewpoint: Internet of Things
 
Sales and Marketing 3.0: The High Velocity Model
Sales and Marketing 3.0: The High Velocity ModelSales and Marketing 3.0: The High Velocity Model
Sales and Marketing 3.0: The High Velocity Model
 
GGV Capital Year in Review 2014
GGV Capital Year in Review 2014GGV Capital Year in Review 2014
GGV Capital Year in Review 2014
 

Último

activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 

Último (20)

activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 

Securing the Cloud

  • 1. Securing the Cloud Glenn Solomon Feb 2016
  • 2. • 1 team in the US and China • $2.6 billion under management • 6 funds | 150+ investments • 15 years | 27 IPOs GLEN N SOLOMON • Managing Partner • 10 years at GGV Capital • Enterprise, SaaS, Cloud, Security, Mobile • goinglongblog.com | @glennsolomon
  • 3. Cybercrime is a Growth Industry Source: 2015 Verizon DBIR Report; ITRC ; HP 2015 Cost of Cyber Crime Study; The Global State of Information Security Survey 2015; McAfee Net Losses – Estimating the Cost of Cybercrime 42.8M Security Incidents 5,810 Confirmed Data Breaches 61 Countries $445B Annual Cost to the Global Economy
  • 4. Data Breaches by the Numbers Data Records Lost or Stolen in 2014 2,803,306 records lost or stolen every day 116,793 records every hour 1,947 records every minute 32 records every second Source: SafeNet – The Art of Data Protection, Feb 2015 Only 4% of breaches were “Secure Breaches” where encryption was used and the stolen data was rendered useless
  • 5. Data Breaches are across all Industries Source: WSJ
  • 6. Hackers & Their Weapons Participants Hackers Hacktivists Criminal Organizations Commercial Vendors State Sponsored Terror Groups Available to Purchase Hacking Tools Zero-day Exploits Credit Card Data eCommerce/Social- Media Credentials Key Participants Eastern Europe Russia China US Latin America Source: RAND National Security Research Division
  • 7. The Cybersecurity Landscape is Vast Source: Momentum Partners
  • 8. Common Threats & Victims Identity Theft Phishing Social Engineering Cyber AttackCyber Extortion When you protect your company, you need to focus on all possible weaknesses. Hackers only need to find one way in…
  • 9. The Corporate Challenge Source: 2015 Verizon DBIR Report; BTIG Security Report – Attack of the Clones Cloud-based Applications Social Networking Virtualization BYOD 83 million software applications today; 141 million by 2017 Stolen or weak credentials involved in 76% of cyber attacks 14% of attacks or exploits are on cloud services, applications, or storage systems Mobile security breaches have affected 65% of global organizations in the last 12 months
  • 10. The Next Generation of Cyber Security Source: BTIG Security Report – Attack of the Clones Legacy Security Companies Next Generation Equivalent Firewall/Intrusion Prevention System Next Generation Network Security Antivirus Next Generation Endpoint/Malicious Detection Web Gateway/URL Filtering Cloud Security & Data Protection Authentication, Authorization & Accounting Identity & Access Management – The New Perimeter Secure Event Management Security Intelligence & Analytics Data Security Data Security, Discovery, Clarification, Control & Intel Data Loss Prevention Inside Threat Protection Governance, Risk Management & Compliance Compliance Automation and Data Governance
  • 11. New Threat Vectors Source: Immuniweb, Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report Social Media Protection While email remains a significant attack vector, 70% of social media scams were manually shared. Advanced Persistent Threats Zero-day exploits are almost impossible to detect and will work 9 out of 10 cases because they have legal, financial and banking industry experts, psychologists, and even ex-law enforcement officers behind them. Insider Threats Privileged users, such as managers with access to sensitive information, pose the biggest insider threat to organizations. This is followed by contractors, consultants, and regular employees. Compromised account credentials, or when someone’s account is hijacked, are also a big part of this risk.
  • 12. New Threat Vectors Internet of Things These hubs, switches, and router are increasingly used to target the network. They have processing, storage, and internet connectivity. Mobile Security & Protection As more users rely on their mobile devices, more spam, scams, and threats are tailored to these devices. Mobile malware such as bootkits will become harder to remove. Critical Infrastructure The most significant trend is the use of malware to compromise supervisory control and data acquisition (SCADA) systems, including Homeless Management Information System (HMIS), historians, and other connected devices. Source: Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report
  • 13. Approaches Over Time 1987-2009 2009-2014 2014 onward 2015 onward Signatures Sandboxes Anomaly Detection Zero-Trust APT Attack Sophistication Level Hammertoss, Black Energy, etc Endpoint Content Network Source: Based on Agari presentation material
  • 14. Modern Security Challenges in the Cloud Challenge: Corporate services are migrating to the cloud Secure Application Access Privileged Access Management Multi-Factor Authentication FirewallsNetwork Access Control SSO Challenge: Dynamic workloads due to multi-tiered apps & virtualization, containers, micro-services, etc. Protect Server to Server Interactions Cloud Workload ManagementMachine Firewalls
  • 15. Modern Security Challenges in the Cloud (cont) Challenge: Employees on websites via HTTP and mail –some malicious Securing Employee to Internet Cloud Policy ManagementCloud Access Security Brokers SaaS Data Encryption Challenge: Rapid development cycles leave little room for security checks Web App Security RASPsWAFs CDNs
  • 16. Emerging Protection for Emerging Threats Insider Threat Detection Machine Learning to Spot Attacks Industrial & Connected Device Security
  • 17. Security Startups Raised $10.9B across 1074 Deals since 2010 Source: Momentum Partners, CB Insights
  • 19. Q&A