Making the Cloud Rock: 5 Strategies from a Leading CISO
Upload: netskope
Category: Technology
Five things you can do right now
1. Know what you’re dealing with
Perform periodic security reviews
• Your Risk Rating: HIGH
• Number of Apps Discovered: 461
• Number of Users Discovered: 8,062
• % Apps Rated “Medium” or Below: 85%
• % Usage in “Med” or Below Apps: 79%
• % Data Uploaded to “Med” or Below Apps: 69%
• % of High Risk Users: 53%
• % Usage in Apps Blocked at Perim.: 78%
• Number of High Risk Apps: 288
(Sample data set)
[Figure: diagram with one “App” label and multiple “URL” labels]
2. Understand your business and strategy
Understand use cases: what the business is doing and WHY
Best practice
• User-First vs. Tech-First
• Productivity vs. Cost Efficiency
• Easy to Share vs. Locked Down
• Open Standards vs. Proprietary
• IT Enables vs. IT Dictates
We take possession of it… we’re responsible for it.
Accounting for “Home from Work”
3. Quantify and advise on the business risk
How can Security weigh in with real risks?
Everything as a service
[Figure: identity and access architecture diagram. Labels: Hosted/Cloud Service; User Management; Organization Management; Managed App Integrations (SPs); Flexible Authentication Methods; Authentication / Authorization; Sign In (Username, Password); LDAP; SAML-Enabled; 1st Party Cloud Services; 1st Party Apps; 3rd Party Cloud Apps; 3rd Party On-Premises Apps; 3rd Party Identity Stores; 3rd Party Identity Sources; Enterprise Identity Providers; Enterprise / VPC; Individuals; Social ID / OpenID]
Best practice
• Allow download from cloud storage with basic security
• Only allow upload/share from sanctioned app(s)
4. Take the heat out of the discussion
Have a line of business partner. For UMG, it’s the CFO
5. Systematically measure and share
• Know where the content is sitting and who’s accessing
• Great access hygiene
• Forensics and logging data
• Clear definition of good and bad behavior
• Reporting
• Clear escalation process
The stage is set
1. Know what you’re dealing with
2. Lean forward into your business strategy
3. Quantify and advise on the business risk
4. Take the heat out of the discussion
5. Systematically measure and share
Thank You