Cybersecurity as the Protagonist of Digital Transformation in the Cloud Era
Sebastian Brenner, CISSP, Security Strategist, Symantec LATAM
Ricardo Riveira, Senior Systems Engineer, Symantec LATAM
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Digital Transformation
Source: https://www.revation.com/digital-transformation-revolution/
Digital Transformation Impacts Business Performance
https://www.forbes.com/sites/blakemorgan/2019/07/21/7-examples-of-how-digital-transformation-impacted-business-performance/#42b09ef051bb
The Expanding Role of the CISO
source: https://blog.cobalt.io/ciso-mind-map-3726388b163c
Embracing Digital Transformation
Data Security
Regulatory compliance
Loss of control/visibility
Increased attack surface
Invasion of privacy
Availability demands
Mobile data security
Identity management complexity
Unproven/inadequate native security
Data privacy
Data security
Inadequate knowledge
CLOUD MIGRATION & MOBILITY
PRIVACY LEGISLATION
ADVANCED ADVERSARIES
Challenges Securing Digital Transformation
A different PaaS… Pizza as a Service
https://www.episerver.com/contentassets/c2298831dbc04581ab7a6af1df35dc0d/pizza.jpg
Cloud is Becoming the Business
53% of all compute workload has now been migrated to the cloud
Data and Cloud duplication
Difficult to manage
Repetitive Costs
Lack of Control over Data Access
Top Issues Caused by Lack of Visibility
1/3 Say Lack of Visibility Causing Issues
30%, 34%, 29%, 27%
Mobility - Creating Risk
Based on SEP Mobile Statistics
Skills and Best Practices are Lacking
not using Center for Internet Security best practices*
*Symantec Internal Data
neglect to implement multi-factor authentication
65%, 85%, 93%
need to enhance cloud security skills
Mexico, Switzerland, Israel have old adequacy regimes
Japan, Korea are slotted for GDPR adequacy
Britain will do GDPR anyhow
EU has GDPR
US has no uniform privacy regime
Privacy Shield adequacy agreement with the EU is compliant with GDPR
Australia, Singapore, Thailand, Canada, Philippines, Russia, South Africa have less (than Europe) stringent privacy regimes
India is thinking about it
LATAM – Data Protection Laws
Colombia – Ley 1581
Costa Rica – 8968
Brazil LGPD – Coming in 2020
Chile Data Protection Law – in progress
Dominican Republic – Coming in 2019
* “How Will California's Consumer Privacy Law Impact The Data Privacy Landscape?”, Forbes, 2018
Data Privacy Regime Wave
Source: 2018 Shadow Data Report, Symantec, 2018
Are you Guarding the Door while Attacks Come in the Window?
64% of cloud security incidents caused by unauthorized access*
*Symantec internal data
Most Investigated Cloud Infrastructure Attacks
• 24% Data breaches
• 21% Cloud malware injection
• 11% DDOS
• 11% Cross-cloud attacks
Supply Chain Weaknesses More Ambitious Attacks
Gentoo GitHub Hack in June 2018
https://wiki.gentoo.org/wiki/Project:Infrastructure/Incident_Reports/2018-06-28_Github
Risky Employees not Being Investigated
9 out of 10 have encountered high-risk employee behavior
at the same time, only 7% of participants are investigating insider threats
• 37% Weak passwords/bad password policies
• 36% Downloading or using cloud apps without telling IT (shadow IT)
• 35% Using their own device for work purposes
• 34% Poor password hygiene (storing them on an Excel or notepad)
• 32% Using personal email for corporate documents to avoid attachment limitations
Enabling Secure Digital Transformation
Transform & Optimize Security Operations
Keep Data Secure & Compliant
Stay Ahead of Advanced Threats
Enable Secure Cloud & Mobility
Asset Visibility
Instances
Mobility
Storage
Application Access
User Access
Digital Asset Safety – What are you trying to Protect?
• What are your deployed assets?
• Are they configured correctly and compliant?
• Are our Compute Instances safe?
• Are Storage Buckets exposed to the public?
• Are customer objects scanned frequently?
• Who is accessing my VPN?
• Can I make particular applications unexposed to the internet?
• What are users accessing and from what devices?
• Understanding normal behavior and when it changes.
• Who is behind Shadow IT?
• What risks are my mobile devices facing?
Mobile Threat Defense
❑ Predict, detect and prevent physical, malware, network and vulnerability exploits
❑ Respect users' privacy, productivity and mobile experience.
❑ Focus on iOS and Android devices and other Operating Systems
Protection for Storage Services
Enable Secure Cloud and Mobility
❑ Block those who should not have access
❑ Obfuscate your assets
❑ Make access easy for authorized users
❑ Application-level visibility & control
Workload Protection
❑ Enforce granular access controls & permissions for users and admins
❑ Track, control, & block compromised accounts, malicious insiders, & high risk users
❑ Detect, block, & remove advanced malware
❑ Protect sensitive data from exposure or loss
Workload Assurance
SaaS Visibility and Control
❑ Monitor your security posture
❑ Meet your compliance requirements
❑ Audit & remediate based on CIS, NIST, PCI, HIPAA, etc.
❑ Isolate your applications to block exploits
❑ Harden & protect against threats
❑ Visibility over all your workloads, containers & services
Zero Trust
1. Configure & Comply
2. Protect Instances
3. Secure Mobility
4. Store Safely
5. Control Access
6. User Control
❑ Ensure integrity of data stored in Amazon S3 buckets and Azure Blobs
❑ Protects against data breaches by discovering and alerting when stores are misconfigured or exposed to the public internet.
❑ Prevents the spread of malware to other apps, storage, and users
Email (O365, Gmail)
SaaS/IaaS (AWS, Box, OneDrive, SFDC…)
Web (LinkedIn, Facebook, Twitter…)
Keep Data Secure and Compliant
Endpoint Storage Network
DATA DETECTION AND PROTECTION
POLICIES
MANAGEMENT
Automatically detect and classify sensitive structured and unstructured data in any format and wherever it resides
Leverage information protection technology and regular automated assessments to maintain compliance
Define granular, dynamic encryption and authentication policies for sensitive information based on the data and the user
Cloud
Define and enforce information protection and access policies with unified workflows across endpoints, email, networks and the cloud
Executive Level Involvement
Dedicated Experienced Resources
Prioritized Approach
Business Owner Involvement
Trained Incident Response Team
Employee Education
Technology
People
Process
Characteristics of Successful DLP Programs
Instrument Prevention, Detection & Response across endpoints, network, email, and cloud infrastructure to identify, contain and remediate threats
ADVANCED DETECTION & RESPONSE
Use dynamic global adversary and threat intelligence to stay ahead of the threat actors
VISIBILITY INTO GLOBAL THREATS
Leverage micro service architecture to collapse multiple technologies onto single agent; drive management to cloud.
OPERATIONALLY EFFICIENT
Empower users with phishing readiness training and protect them with advanced email security, anti-phishing, and behavioral analytics
TECHNOLOGY AND SECURITY AWARENESS
Stay Ahead of Advanced Threats
Instrument Advanced Detection & Response Across Infrastructure
Endpoint Detection & Response (EDR)
Network Detection & Forensics
Email Threat Detection & Response
UEBA Detection & Forensics
Transform Security Operations
Augment SOC Resources with Expert Cyber Security Services
Cyber Intelligence
24x7 Security Monitoring
Incident Response
Threat Hunting
Intelligent SOC
Retainer
Build a Best-in-Class Integrated SECOPS Architecture
Managed Tools
EDR
NETWORK FORENSICS
CLOUD DEFENSE
“91% of organizations are consolidating security vendors” – ESG, 2018
Conclusions
▪ The CISO needs to become strategic to the Business and Board
▪ Ensure your digital security transformation strategy encompasses regional and specific considerations
▪ Focus on protecting the right digital assets. Identify targets through a combination of cyber intelligence.
▪ Enhance your visibility and security operations capabilities for cloud, mobile, IoT and data to mitigate cyber security risk during the Digital Transformation projects
▪ Build an integrated security platform to optimize operations & costs
▪ Find security partners to build a shared vision with your business to help enable better safety, new services, and high efficiency
Thank You!
Sebastian Brenner, [email protected]
Ricardo [email protected]