The Changing Landscape of Information Security

ApplicationsDevSecOps

Hybrid ITAutomation

Viren MantriAll views expressed here are entirely mine, do not represent those of my current and past employers.

Backdrop

• Criminals Profit

• Espionage Intelligence

• Warriors Disruption

• Terrorists Ideology

• The question is not whether but when?

Cyber attacks

Current era

Rigidity à Agility

DevSecOps – on a lighter note

No offence meant J

DevSecOps – on a serious noteo Baking security in design

o From BRD/FSD to weekly huddles and feature releases

o Externalizing authentication and authorization

o Using encryption and tokenization for data protection

o Building resilience to vulnerabilities and exploits

o Educating developers on security

DevOps ToolSet

• Developer scan

• Build scan

• Infrastructure

• Automation

• Vulnerability reporting

• Remediation workflow

• Risk assessment

• Security dashboard

SCM Build Deploy Cloud OS Security

Repo Package Release IaaS VM Scanning

CI Provision Test PaaS App/Web VA

Workflow Config Monitoring SaaS DB PenTest

Traceability is key

Hybrid IT • Growing acceptance

• Initial euphoria over (in)security mellowed

• Cloud providers challenging On-Prem

• Need to support legacy while striving to be agile

• Agility flexes rigidity, breaks down silos

Automation• The right level eliminates inefficiencies

• Delivers economies of scale

• Ensures repeatable processes

Matured teams• Recognize Information security is everyone’s business

• Develop a blueprint providing clarity and rationale

• Know why we are doing what we are doing

Questions

vm@greyorbits.com

The Changing Landscape of Information Security

Technology

Changing Landscape of Business

The Evolving Security Landscape - etouches · The Evolving Security Landscape ... The Changing End-User Landscape ... Cloud Security Cloud computing adoption is < 1% of organizations

The Changing IT Threat Landscape: Three Steps to A Proactive Security Strategy

Changing RD landscape

Facebook: The Changing Landscape

The Changing Journal Landscape

Changing the Security Landscape Together - fortinet.com · nnComprehensive cloud computing ... Changing the Security Landscape Together Today, ... cloud or physical

Changing the Virtualization Landscape

COVITS 2011 - The Changing Landscape of Cyber-Security ...media.govtech.net/GOVTECH_WEBSITE/EVENTS/... · Changing Landscape of Cyber-Security – Identity, Credential, and Access

Industrial Security Protecting networks and facilities …...Industrial Security Protecting networks and facilities against a fast-changing threat landscape 2 Security in The Connected

Facing the changing security standards Can enterprise ... · PDF fileMarch/April | Vol. 39 LAW + TECH Facing the changing landscape of cloud security standards PRACTICE MANAGEMENT

In the Human Network… Security is Everywhere · The Changing Threat Landscape Cisco’s Security Strategy – the Self Defending Network ... The Changing Threat Landscape ... Security

Technology Landscape Is Changing

The Changing Global Landscape

Cyber Security: The changing landscape - KPMG | US · PDF fileOur cyber security journey - global. ... −Mobile security cyber.kpmg.com. Threats ... Cyber Security presentation Author:

Changing landscape of certification

Meeting IT Security Challenges in a Fast-changing Threat Landscape"

Navigating the Changing Cloud Security Landscape · Navigating the Changing Cloud Security Landscape Dell cloud security white paper | September 2013 As cloud security threat levels

The Changing Landscape

Changing Retail Landscape