Post on 24-Dec-2015
Pravin KothariFounder & CEO
CipherCloud(former VPE & co-founder ArcSight)
3
Cloud’s Explosive Growth in SMBEntering Enterprises and Governments
4
Security Breaches EscalatingHighly Advanced & Persistent Cyber Threats
5
Agility & Flexibility Lack of Control & Visibility
Data Residency
Data PrivacyReduce cost
Minimal Administration
Business Execs DesireMore Cloud Services
Security/Compliance Execs
Have Cloud Concerns
Cloud Computing in Enterprise/GovernmentTug of War Between End Users & Security
Regulatory ComplianceBest-of-breed apps
6
Revolutionary CipherCloud Encryption GatewayEncrypt Sensitive Data in Real-time Before it’s Sent to the Cloud
Encryption Preserves App’sFormat & Operations
Keys retained by Customer
No impact on usability
Recordas seen by
“authorized users”
Record as seen by
“Unauthorized Users”
Configurationfor each
Application
8
Encrypt Data at the Source Before it Leaves Your Network
TOP CLOUD THREATS
Malicious Insiders at Cloud Provider
Account, Service & Traffic Hijacking
Insecure Application Programming Interfaces
Shared Technology Vulnerabilities
Data Loss, Leakage, Remanence
Unknown Risk Profile
Customer’s encryption at the source can satisfy controls that are left for customers in Provider’s FISMA / ISO-27001 certification.
9
Sample Customer Use Cases
Organization Pain-points Addressed
F100 Investment Bank Confidentiality of highly sensitive M&A discussions from Malicious Insiders Threat at SaaS provider
Public Healthcare Agency FISMA & HIPAA required encryption of patient information going to a cloud for physicians collaboration
Hi-Tech Defense Contractor
ITAR required defense clients’ information restricted to citizens, which was not guaranteed by their cloud provider
New Democratic Party of Canada
Required to retain 24M Canadian voters identities within the country while using SaaS in the US to run their campaigns
Personal care product Manufacturer, Germany
Their resellers required residency of uploaded customer data within the country
10
Open & Extensible Platform for EcosystemRapid Development of 3rd-Party Cloud/App Plug-ins
CipherCloudGateway
Out-of-the-box Cloud
Integration
Open Plug-in
Framework
Ownership
PrivateCloud
11
Customer Benefits Protect against emerging cloud threats
Eliminate data privacy and security concerns
Satisfy compliance and data-residency requirements
Avoid risk of privacy breaches (e.g. Sony, Epsilon, RSA) Data Breach cost estimated at $214 per customer record*
Accelerate cloud adoption Significant cost savings migrating on-premise apps to cloud
“Without CipherCloud, we won’t be able to use cloud.” Customer interview in SearchCloudSecurity.com
*The Ponemon Institute
12
Key Partners
ISV OEM/VARs
Global SIs
Strategic Cloud Partners
Distributors
13
Proven Team
Expert Advisory
Board
KPMG Partner- Shahed LatifAIG Global CISO– Paul de GraaffPrudential ex-CISO- Ken TymisnkiMarriott ex-VP,Info Protection, Chris Zoladz
Fifth Third Bank ex-CISO Bob WestKaiser Director Risk –Ramy HoussainiQualys Founder – Gilles SamounSun-Microsoft - Dev Ghoshal
Top Tier Investors
Pravin Kothari, CISSP, CISAFounder & CEOCo-founder ArcSight (SIEM,$1.6B exit)Founder, Agiliance (Security-GRC)
Varun Badhwar, CISSP, CISAVP Product Marketing & AlliancesGlobal ISV Security Salesforce.comRisk Advisory KPMG
Chakra Yadavalli, CISAVP Engineering, Chief ArchitectDir Engineering, Agiliance (Security-GRC)Chief Architect, Phulaxis (ERP SoD)
Michael KochanikVP Worldwide SalesVP Sales & GM CollabNetGeodesic Systems; IKOS Systems
Seasoned Executives
Strategic Investment
14
Honors and Awards in 2011 Gartner Cool Vendor in Cloud Security Services 2011
Most Innovative Company Finalist, RSA Conference 2011
Best in Security , Under The Radar 2011 Judge & Audience Choice Winner
Best in Software & Cloud , TiEcon 2011 Innovation Expo Winner
Best Security Startup, America West, Global Security Challenge (Oct 2011)
5 Cloud Security Companies to Watch, Network World (Oct 2011)
15
Takeaways Your Data-At-Rest in the cloud is exposed to emerging cloud threats
Most SaaS/cloud databases are in ‘plaintext’
Encrypt the sensitive data at source before it leaves your network Protect your data against all external threats
Encryption keys should be with customers, not shared with providers Innovative technologies, such as CipherCloud, make it possible
Please visit the demo area for a live demoFree Trials available at CipherCloud.com