Post on 25-Dec-2014
description
Cloud Data SecurityUniversity of Texas Health Science Center at San AntonioApril 9, 2013
Flickr: eklektikos
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20132
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20133
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20134
Flickr: pulpolux
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20135
Which cloud storage products are you using today?
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20136
You CloudInternet
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20137
You CloudInternet
Determined attackers can and will compromise your data here.
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20138
Pwnie Express Sales Material
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 20139
Pwnie Express Sales Material
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201310
“...it allowed anyone anywhere in the world to access any...of it’s customers’ online storage lockers -- simply by typing in any password.”
-- Wired, June 2011
Flickr: NS Newsflash
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201311
Flickr: NS Newsflash
“...emailed some users this past weekend to warn them that some of their photos marked
private were instead made publicly available.”-- Information Week, February 2013
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201312
Flickr: NS Newsflash
“A disgruntled former employee...remotely accessed SCADA systems for a sewage treatment plant and caused over 200,000 gallons of raw sewage to spill
into nearby rivers and businesses.”-- Carnegie Mellon CERT,
Chronological Examination of Insider Threat Sabotage
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201313
Flickr: queensucanada
“Zhao has been charged in a federal complaint with economic espionage, accused by prosecutors stealing academic research to pass off as his own in China.”
-- Dataloss Mailing List, April 2013
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201314
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201315
Bruce Schneier
“...only amateurs attack machines; professionals attack people.”
Photo: Wikipedia
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201316
Khalil Gibran
“If you reveal your secrets to the wind, you should not blame the wind for revealing them to the trees.”
Photo: Wikipedia
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201317
“You have to be lucky all the time.We only have to be lucky once.”
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201318
“You have to be lucky all the time.We only have to be lucky once.”
Photo: Wikipedia
The Irish Republican Army released this statement after a failed assassination attempt on Margaret Thatcher in 1984.
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201319
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201320
You CloudInternet
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201321
Confi
dent
ialit
yIntegrity
Availability
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201322
You CloudInternet
You can mitigate threats in these places to whatever extent
your budget and time allows.
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201323
Although your data is always at risk, you can reduce that risk to almost any extent by
understanding threats and mitigating them
Tuesday, September 24, 13
Cloud Data Security // Major Hayden // April 9, 201324
Q&A
Flickr: nateone
Tuesday, September 24, 13