Robert Brzezinski MBA, CHPS, CISA, CISM
isacacuracao.com/wp-content/uploads/2019/09/...
Sensitivity: Internal
Security Architecture in Cloud First Organization – Microsoft example
Robert Brzezinski MBA, CHPS, CISA, CISM
Bizwit LLC, Columbus, OH
www.bizwit.us
2019 (C) Bizwit LLC 1
The Perpetrator
POA&M
• Why Cloud First?
• What is the Cloud First?
• Key Security Concepts for Cloud First
• Protecting Identities
• Protecting Devices
• Attack Prevention & Detection
• Protecting Information / Data
First Published in 1973
Leopold Kohr
Why Cloud First -> Working Smart
• 46% in Office
• 150% Increase
• 43 Hours per week
• 25% BYOD
• 75% Email, Phone, Text
• 65% Windows
Source: http://technalysisresearch.com/downloads/TECHnalysis%20Research%20Workplace%20of%20the%20Future%20Study%20Highlights.pdf
Why Cloud First -> Working Smart
Security
• Systems & Devices Vulnerabilities
• Email & Social Attack Vectors
• Data Loss, Unauthorized Disclosure & Visibility
Compliance
• Rules Enforcement & Documentation
• Continuous Audit
Why Cloud First
• Better holistic Security
• Politically correct
• The success of others
  – Efficiency
  – Cost …
Like so many IT projects, it starts with culture, according to David Chou, CIO of Children’s Mercy.
• 600+ apps – most in the Cloud
• ERP in Amazon AWS
• Email & communications – Office 365 / Azure
• Cloud Security tools
https://www.infoworld.com/article/3304283/public-cloud/the-3-reasons-cios-have-become-cloud-first.html
CIOs from large organizations
What is a Cloud First approach?
Source: CHIME Healthcare’s Most Wired, National Trends 2018
Federal Cloud First policy 12/2010
• Federal Data Center Consolidation Initiative
• Shared Services
Essential Characteristics of Cloud:
• On-demand provisioning
• Broad network access
• Resource pooling
• Rapid elasticity
• Measured services
Common challenges with Cloud adoption
Lift-and-Shift
• Off site backup
• Disaster Recovery
• Scalability
• Bolting on Cloud to server app
• SSO & SsSV
• Email only to Cloud / Office 365
Key Security Concepts for Cloud First Approach -> Microsoft 365
Windows 10 | Office 365 | Enterprise Mobility + Security
Identity
Attack Detection & Prevention
https://www.northropgrumman.com/AboutUs/Contracts/ManagedServices/Pages/SecurityServices.aspx
Enterprise-Level Identity Protection
• Azure Active Directory
• Zero Trust
• Windows Hello – password-less
• Credential Guard
• Conditional Access
• Cloud App Security
By product:
• Windows 10: Protect user identities to prevent theft and misuse. Secure authentication.
• Office 365: Improve visibility to help identify abnormal behaviors and usage. Secure authentication.
• Enterprise Mobility + Security: Cloud identity and access management. Conditional access & Identity protection.
Enterprise-Level Identity Protection
Conditional access
• User / Group
• Device
• Location
• Application
Device Protection
• BitLocker
• SmartScreen
• Windows Defender & ATP
• Security Baseline
• GPO vs Intune policies
By product:
• Windows 10: Protects devices and data with a comprehensive set of defense and management tools that can help protect, detect and respond to advanced attacks.
• Office 365: Reduces the threat of malicious content and improves visibility to help identify abnormal behaviors, usage, security incidents and threats.
• Enterprise Mobility + Security: Protects user identities, helps identify high-risk usage and safeguards against advanced attacks in the cloud and on-premises.
Proactive Attack Detection & Prevention
Office 365 Advanced Threat Protection
Office 365 Threat Intelligence
Office 365 Security & Compliance Center
Azure Security Center
Windows Defender Advanced Threat Protection
Windows Defender Security Center
Cloud App Security
Advanced Threat Analytics
Information (Data) Protection
• Advanced Compliance & Security Management
• Data Loss Prevention (DLP)
• Azure Information Protection (AIP)
• Intune & Windows Information Protection (WIP)
By product:
• Windows 10: Protection of business data across devices and locations
• Office 365: Advanced detection, protection and monitoring of sensitive information
• Enterprise Mobility + Security: Advanced classification and security for sensitive information – anytime, anywhere
Detect + Classify + Protect + Monitor
Information (Data) Protection
• Document Access & Sharing
• Policy Violations
• Anomalous Activities
Detect + Classify + Protect + Monitor
• Tune up policies
• Revoke Access
• Quarantine User or File
• Integrate Into Workflows or SIEM
Attacks Never Stop
www.jklossner.com
Configuration Matters
#1 Cloud Security Principle - Shared Security Responsibility
NIST AR19-133A
https://www.us-cert.gov/ncas/analysis-reports/AR19-133A
Configuration Matters – Have You Audited Yours?
Threat management + Forensics
| Description | Contractor | Amount |
|---|---|---|
| Cisco Security Incident Response Services | CDW-G | $60,000 |
| Surge Support Staff Augmentation | Mosaic451 | $60,000 |
| Emergency Incident Response Services | Secureworks | $650,000 |
| Advisory Services for Cyber Incident Response | Ernst & Young, LLC | $600,000 |
| Microsoft Cloud, Client Stack Design and Build, and Pro Services for Azure Active Directory, System Center, and Windows 10 | Fyrsoft | $730,000 |
| Crisis Communications Services | Edelman | $50,000 |
| Development and Deployment of Benchmark | Pioneer Technology Group | $124,000 |
| Microsoft Azure Cloud Engineering, Development, and Migration Professional Services | Airnet Group, Inc. | $393,328 |
| Forescout Counter ACT System | CDW Government | $376,240 |

Source: http://procurement.atlantaga.gov/awarded-emergency-procurements/
Atlanta ransomware cleanup $2.6 M +
Total cost $17 M +
If a man isn't willing to take some risk for his opinions, either his opinions are no good or he's no good.
Ezra Pound, poet
Robert Brzezinski CHPS, CISA, CISM
Security Architecture in Cloud First Organization – Microsoft example
Nearly half of the security risk that organizations face stems from having multiple security vendors and products.
Cisco: 2018 Annual Cybersecurity Report