Date post: | 20-Jan-2017 |
Category: |
Technology |
Upload: | cloudlock |
View: | 87 times |
Download: | 2 times |
Lessons Learned from
CloudLock’s Cyberlab report
The 1% Who Can Take Down
Your Organization
1
Presenters
Bernd LegerVP of Marketing
Ayse Kaya FiratDirector of Customer Insights & Analytics
2
Continuing Professional Education (CPE) Credits
Claim your CPE credit for attending this webinarhttps://www.isc2.org/
For more information or questions please contact us
3
Q3 2015 Cloudlock Cyberlab Report
Agenda
01
02
03
04
What CISO’s care about
Account Compromise - Focus on the 1%
Data Breaches - Protect What Matters
Cloud Malware - The Backdoor
5
05 Summary
What CISOs Care About
6
IDENTITY
ACCOUNTS APPS
DATA
CLOUD
DEVICE
Cloud Cybersecurity - Where You Should Focus
7
APPSACCOUNTS
DATA
Cloud Malware(Apps Discovery &
Control)
Data Breach(Cloud DLP)
4
Compliance(Reporting/Policy)
5
SecOps & Forensics(Security Admin)
3
2
CompromisedAccounts
(UBA)
1
7
8
Scope of Cybersecurity Report
91,000APPS
DISCOVERED
10 MillionACTIVE USERS
FILESMONITORED
DAILY
1 Billion
CloudLock Confidential
The 1% who can take down your Organization: Disproportionate Cloud Risk
9
01
10
Account Compromises -
Focusing on the User
“User Behavior Analytics No Longer a Nice to Have
Gartner explains "By 2018, at least 25% of self-discovered enterprise breaches will be found using user behavior analytics (UBA)." Gartner, Best Practices and Success Stories for User Behavior Analytics, March 2015
11
1 in 4 users violate corporate security policy
12
The 1% Who Can Take Down Your Organization
13
No Industry is Immune
Customer Story -The True Risk of Data Dense Users
14
Hi-Tech customer based in the Silicon Valley
Highly confidential IP: ● Design docs● Patents● Engineering code
Customer Story - Rapid ROI
15
● US based company in the travel industry.
● 62% of decrease in public exposures in one day by leveraging UBA
● Reached out to top users with public exposures
● Rapid return on investment● Revealed gaps in employee
security training
Recommendations - Account Compromise
16
1. Identify: Who are the riskiest
users? Plus, what is typical user
behavior, what is not?
2. Segment: Understand the
composition of the riskiest top
1%
3. Prioritize: For highest ROI,
streamline automated action
upon anomaly detection
02
17
Data Breach
Identify data that matters
18
There are only two types of data that exist in your organization:
1) Data that someone wants to steal
2) Everything else
Source: Forrester Research
How successful organizations attack the problem?
19
Organizations are taking two main approaches to protect their most sensitive corporate assets:
Data Types Organizations worry about
20
● Many enterprises live in fear of suffering from a toxic data spill.
21
Exposed Sensitive Data
● Just like asbestos, certain data types becomes even more toxic when airborne.
● 6% of collaboration is occurring inbound-only, suggesting the potential malicious use of collaboration as a mechanism to execute phishing attacks.
Anatomy of a Cyber Attack
Direction of Communication Matters
22
Web of Collaborating Business & Cybercrime
23
Web of Collaborating Business & Cybercrime
24
And - the top 25 account for 75% of cloud based sharing
Customer Story - Not All Collaboration is Good Collaboration
25
● High profile government agency
● 5M Documents, 20K Users
Recommendations - Data Breaches
26
1. Monitor the environment
continuously
2. Gain deep insight into what data
is shared and how it is shared
3. Prioritize/analyze the most
collaborative domains
4. Take risk appropriate controls.
Not all files are equally important
- encrypt assets that matter the
most
Customer Story 16.3% Improvement in 1 Day
27
03
28
Cloud Malware
CloudLock focuses on the riskiest apps
29
● User enabled 3rd party apps that communicate with core, corporate SaaS platforms. These apps typically request permission via an OAuth connection to act on behalf of the user.
● Frequently targeted by cybercriminals as an entry point to organizations.
DEMO
● UK media company● 5000+ users adopted
cloud collaboration● Over 600 unique apps,
20,000 installs
Customer Case Study - Risky (App) Business
30
1% of users account for 62% of all app installs
31
● The number of 3rd party apps grew
significantly.
○ 130 to 540 in just one year!
● 52,000 app installs are done by highly
privileged users.
Top 25 Unique Apps Comprise 65% of All Installs
32
● In most instances, top apps are tied to business functions● The long tail is where the risk lies
[37%] Gaming, Entertainment, Non Productivity
33
Top Third-Party AppsGaming / Entertainment / Non-Productivity Apps
Recon - Person / Location / Activity / Relevance
Keys to the Kingdom: Third Party Apps
CloudLock focuses on the riskiest apps
● Third-party cloud apps are user-enabled SaaS apps that communicate with core, corporate SaaS platforms via an OAuth connection.
Keys to the Kingdom: Third Party Apps
CloudLock focuses on the riskiest apps
● Third-party cloud apps are user-enabled SaaS apps that communicate with core, corporate SaaS platforms via an OAuth connection.
Keys to the Kingdom: Third Party Apps
Recommendations - Cloud Malware
38
1. Understand which apps your users are leveraging -
understand the need behind
2. Prioritize highly privileged users’ app installs
3. Empower the end users by educating them on the risk
of 3rd party apps
4. Trust the insight of the security community, tap into
crowdsourced insight for 3rd party apps
03
39
Summary
Cloud Cybersecurity - Where You Should Focus
40
APPSACCOUNTS
DATA
Cloud Malware(Apps Discovery &
Control)
Data Breach(Cloud DLP)
4
Compliance(Reporting/Policy)
5
SecOps & Forensics(Security Admin)
3
2
CompromisedAccounts
(UBA)
1
40
CloudLock CyberSecurity Fabrics
IT Security
Homegrown Apps
IT Apps
ISV Cloud Apps
Enterprise
SaaS
force.com
All End - Users 41
PaaS and IaaS
force.com
IDaaS
CloudLock Confidential
Content Classification
AppsFirewall
SecurityAnalytics
EncryptionManagement
IncidentManagement
CentralAuditing
PolicyAutomation
User BehaviorAnalytics
ConfigurationSecurity
Next Step: Get a Cybersecurity Assessment
bit.ly/cloudlock-assessment
Q&A
Bernd LegerVP of Marketing
Ayse Kaya FiratDirector of Customer Insights & Analytics
43