Cybersecurity as the Protagonist of Digital Transformation in the Cloud Era

Sebastian Brenner, CISSP, Security Strategist, Symantec LATAM
Ricardo Riveira, Senior Systems Engineer, Symantec LATAM



Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY

Digital Transformation

source: https://www.revation.com/digital-transformation-revolution/


Digital Transformation Impacts Business Performance

source: https://www.forbes.com/sites/blakemorgan/2019/07/21/7-examples-of-how-digital-transformation-impacted-business-performance/#42b09ef051bb


The Expanding Role of the CISO


source: https://blog.cobalt.io/ciso-mind-map-3726388b163c


Embracing Digital Transformation

Data Security

Regulatory compliance

Loss of control/visibility

Increased attack surface

Invasion of privacy

Availability demands

Mobile data security

Identity management complexity

Unproven/inadequate native security

Data privacy

Data security

Inadequate knowledge


Challenges Securing Digital Transformation

CLOUD MIGRATION & MOBILITY

PRIVACY LEGISLATION

ADVANCED ADVERSARIES


A different PaaS… Pizza as a Service

source: https://www.episerver.com/contentassets/c2298831dbc04581ab7a6af1df35dc0d/pizza.jpg


Cloud is Becoming the Business

53% of all compute workload has now been migrated to the cloud

Data and Cloud duplication

Difficult to manage

Repetitive Costs

Lack of Control over Data Access

Top Issues Caused by Lack of Visibility

1/3 Say Lack of Visibility Causing Issues

30% 34% 29% 27%


Mobility - Creating Risk

Based on SEP Mobile Statistics


Skills and Best Practices are Lacking

not using Center for Internet Security best practices*

*Symantec Internal Data

neglect to implement multi-factor authentication

65% 85% 93%

need to enhance cloud security skills


Data Privacy Regime Wave

Mexico, Switzerland, Israel have old adequacy regimes

Japan, Korea are slotted for GDPR adequacy

Britain will do GDPR anyhow

EU has GDPR

US has no uniform privacy regime

Privacy Shield adequacy agreement with the EU is compliant with GDPR

Australia, Singapore, Thailand, Canada, Philippines, Russia, South Africa have less (than Europe) stringent privacy regimes

India is thinking about it

LATAM – Data Protection Laws

Colombia – Ley 1581

Costa Rica – 8968

Brazil LGPD – Coming in 2020

Chile Data Protection Law – in progress

Dominican Republic – Coming in 2019

* “How Will California's Consumer Privacy Law Impact The Data Privacy Landscape?”, Forbes, 2018


Source: 2018 Shadow Data Report, Symantec, 2018


Are you Guarding the Door while Attacks Come in the Window?

64% of cloud security incidents caused by unauthorized access*

*Symantec internal data

Most Investigated Cloud Infrastructure Attacks

24%

21%

11%

11%

Data breaches

Cloud malware injection

DDOS

Cross-cloud attacks


Supply Chain Weaknesses More Ambitious Attacks


Gentoo GitHub Hack in June 2018

source: https://wiki.gentoo.org/wiki/Project:Infrastructure/Incident_Reports/2018-06-28_Github


Risky Employees not Being Investigated

9 out of 10 have encountered high-risk employee behavior

at the same time, only 7% of participants are investigating insider threats

37%

36%

35%

34%

32%

Weak passwords/bad password policies

Downloading or using cloud apps without telling IT (shadow IT)

Using their own device for work purposes

Poor password hygiene (storing them on an Excel or notepad)

Using personal email for corporate documents to avoid attachment limitations


Enabling Secure Digital Transformation

Transform & Optimize Security Operations

Keep Data Secure & Compliant

Stay Ahead of Advanced Threats

Enable Secure Cloud & Mobility


Asset Visibility

Instances

Mobility

Storage

Application Access

User Access

Digital Asset Safety – What are you trying to Protect?

• What are your deployed assets?

• Are they configured correctly and compliant?

• Are our Compute Instances safe?

• Are Storage Buckets exposed to the public?

• Are customer objects scanned frequently?

• Who is accessing my VPN?

• Can I make particular applications unexposed to the internet?

• What are users accessing and from what devices?

• Understanding normal behavior and when it changes.

• Who is behind Shadow IT?

• What risks are my mobile devices facing?


Mobile Threat Defense

❑ Predict, detect and prevent physical, malware, network and vulnerability exploits

❑ Respect users' privacy, productivity and mobile experience.

❑ Focus on iOS and Android devices and other Operating Systems

Protection for Storage Services

Enable Secure Cloud and Mobility

❑ Block those who should not have access

❑ Obfuscate your assets

❑ Make access easy for authorized users

❑ Application-level visibility & control

Workload Protection

❑ Enforce granular access controls & permissions for users and admins

❑ Track, control, & block compromised accounts, malicious insiders, & high risk users

❑ Detect, block, & remove advanced malware

❑ Protect sensitive data from exposure or loss

Workload Assurance

SaaS Visibility and Control

❑ Monitor your security posture

❑ Meet your compliance requirements

❑ Audit & remediate based on CIS, NIST, PCI, HIPAA, etc

❑ Isolate your applications to block exploits

❑ Harden & protect against threats

❑ Visibility over all your workloads, containers & services

Zero Trust

1. Configure & Comply

2. Protect Instances

3. Secure Mobility

4. Store Safely

5. Control Access

6. User Control

❑ Ensure integrity of data stored in Amazon S3 buckets and Azure Blobs

❑ Protects against data breaches by discovering and alerting when stores are misconfigured or exposed to the public internet.

❑ Prevents the spread of malware to other apps, storage, and users


Email (O365, Gmail)

SaaS/IaaS (AWS, Box, OneDrive, SFDC…)

Web (LinkedIn, Facebook, Twitter…)

Keep Data Secure and Compliant

Endpoint Storage Network

DATA DETECTION AND PROTECTION

POLICIES

MANAGEMENT

Automatically detect and classify sensitive structured and unstructured data in any format and wherever it resides

Leverage information protection technology and regular automated assessments to maintain compliance

Define granular, dynamic encryption and authentication policies for sensitive information based on the data and the user

Cloud

Define and enforce information protection and access policies with unified workflows across endpoints, email, networks and the cloud


Characteristics of Successful DLP Programs

Executive Level Involvement

Dedicated Experienced Resources

Prioritized Approach

Business Owner Involvement

Trained Incident Response Team

Employee Education

Technology

People

Process


Stay Ahead of Advanced Threats

ADVANCED DETECTION & RESPONSE
Instrument Prevention, Detection & Response across endpoints, network, email, and cloud infrastructure to identify, contain and remediate threats

VISIBILITY INTO GLOBAL THREATS
Use dynamic global adversary and threat intelligence to stay ahead of the threat actors

OPERATIONALLY EFFICIENT
Leverage micro service architecture to collapse multiple technologies onto single agent; drive management to cloud.

TECHNOLOGY AND SECURITY AWARENESS
Empower users with phishing readiness training and protect them with advanced email security, anti-phishing, and behavioral analytics


Instrument Advanced Detection & Response Across Infrastructure

Endpoint Detection & Response (EDR)

Network Detection & Forensics

Email Threat Detection & Response

UEBA Detection & Forensics

Transform Security Operations


Augment SOC Resources with Expert Cyber Security Services

Cyber Intelligence

24x7 Security Monitoring

Incident Response

Threat Hunting

Intelligent SOC

Retainer

Build a Best-in-Class Integrated SECOPS Architecture

Managed Tools

EDR

NETWORK FORENSICS

CLOUD DEFENSE

“91% of organizations are consolidating security vendors” – ESG, 2018


Conclusions


▪ The CISO needs to become strategic to the Business and Board

▪ Ensure your digital security transformation strategy encompasses regional and specific considerations

▪ Focus on protecting the right digital assets. Identify targets through a combination of cyber intelligence.

▪ Enhance your visibility and security operations capabilities for cloud, mobile, IoT and data to mitigate cyber security risk during the Digital Transformation projects

▪ Build an integrated security platform to optimize operations & costs

▪ Find security partners to build a shared vision with your business to help enable better safety, new services, and high efficiency