Unlocking & Locking Big Data: Defending the DataLake



Similar documents
Did you know your security solution can help with PCI compliance too?

The Hillstone and Trend Micro Joint Solution

Next Generation Security Strategies. Marc Sarrias Regional Sales Manager

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Data Center security trends

Guest Speaker. Michael Sutton Chief Information Security Officer Zscaler, Inc.

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre

How Attackers are Targeting Your Mobile Devices. Wade Williamson

Stallion SIA Seminar PREVENTION FIRST. Introducing the Enterprise Security Platform. Sami Walle Regional Sales Manager

Breaking the Cyber Attack Lifecycle

Firewall and UTM Solutions Guide

Agenda , Palo Alto Networks. Confidential and Proprietary.

WatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

Chapter 10. Cloud Security Mechanisms

Finding Security in the Cloud

Fighting Advanced Threats

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Tips for Banking Online Safely

VPN Lesson 2: VPN Implementation. Summary

Next-Generation Firewalls: CEO, Miercom

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Secure VidyoConferencing SM TECHNICAL NOTE. Protecting your communications VIDYO

Secure Your Mobile Device Access with Cisco BYOD Solutions

WildFire. Preparing for Modern Network Attacks

Next Generation Enterprise Network Security Platform

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright Palo Alto Networks

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Securing the Intelligent Network

全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks

McAfee Network Security Platform

next generation privilege identity management

Originator: Chris Parkin Date: 4 March 2015 Approved by: Senior Management Team Type: Policy. Computer Security Policy

IBM QRadar Security Intelligence April 2013

SPEAR PHISHING UNDERSTANDING THE THREAT


Centrify Cloud Connector Deployment Guide

VISIBLY BETTER RISK AND SECURITY MANAGEMENT

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution.

Stay ahead of insiderthreats with predictive,intelligent security

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

Next Gen Firewall and UTM Buyers Guide

Network Security Topologies. Chapter 11

Guide to Evaluating Multi-Factor Authentication Solutions

White Paper: Cloud Security. Cloud Security

74% 96 Action Items. Compliance

Information Security Basic Concepts

DNP Serial SCADA to SCADA Over IP: Standards, Regulations Security and Best Practices

Intro to Firewalls. Summary

ISB13 Web security deployment options - which is really best for you? Duncan Mills, Piero DePaoli, Stuart Jones

Quick Start 5: Introducing and configuring Websense Cloud Web Security solution

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

SECURING SENSITIVE DATA WITHIN AMAZON WEB SERVICES EC2 AND EBS

AppGuard. Defeats Malware

Wireless Network Security

Our Cloud Offers You a Brighter Future

F5 and Microsoft Exchange Security Solutions

Security Threat Risk Assessment: the final key piece of the PIA puzzle

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Secure Your Mobile Workplace

Aadhaar. Security Policy & Framework for UIDAI Authentication. Version 1.0. Unique Identification Authority of India (UIDAI)

Bio-inspired cyber security for your enterprise

Redefining SIEM to Real Time Security Intelligence

High Performance NGFW Extended

Application Security Best Practices. Matt Tavis Principal Solutions Architect

Cloud Services Prevent Zero-day and Targeted Attacks

The Benefits of SSL Content Inspection ABSTRACT

PCI DSS 3.0 : THE CHANGES AND HOW THEY WILL EFFECT YOUR BUSINESS

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only

The Advanced Attack Challenge. Creating a Government Private Threat Intelligence Cloud

DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION

Post-TMG: Securely Delivering Microsoft Applications

Where every interaction matters.

How to set up Outlook Anywhere on your home system

A Decision Maker s Guide to Securing an IT Infrastructure

Network Security Solution. Arktos Lam

Transcription:

Day 2 DIGITAL BUSINESS TECHNOLOGIES Digital Business Transformation @ CeBIT Campus 2015 Unlocking & Locking Big Data: Defending the DataLake Part 1: Stephen Lloyd-Jones, MD, DataLake Solutions Part 2: Richard Brown, MD, Cogito Group

Day 2 DIGITAL BUSINESS TECHNOLOGIES Digital Business Transformation @ CeBIT Campus 2015 Part 2: Locking Data We can no longer fence this data in to protect it. We re witnessing the growth of the internet and the ever increasing connectivity of people and devices; dynamic intelligence over static intelligence and the borderless over the perimeter.

The Castle Defence Traditional data protection Until now strong protection of the border involved: Restricted entry based on entry points (ports) Not much else On compromise only options were: to further restrict entry points Maybe add IDS, IPS and SPI Still have a host of vulnerabilities.

Rapidly changing landscape Not all threats come in through the front door The trusted insider threat Bring Your Own Device Our systems are no longer just on our physical premises but in the cloud and accessible via the internet. Accessed by employees, contractors, customers and partners Accessed any time from anywhere in the world Once your in there are very few restrictions Data access is possible With the introduction of Virtualisation you can even steal and entire server or just alter it with malicious intent.

Rapidly changing landscape Business has evolved and needs solutions are adaptable, scalable and integrated. The security approach needs to do likewise. Security also needs to: See past one box or solution. A layered approach gives greater assurance See authentication and encryption as essential components. Adapt to internet scale rather than enterprise scale.

The New Look Castle Next Generation Firewalls Boundary Protection will always play an important role but has new and improved guards at the entrance including: Heuristic techniques to identify patterns and can now defend against zero-day vulnerabilities Rules based on user identification: Social networking apps can be enabled Content identification: stop threats and prevent data leaks Decryption and inspection of secure packets Filtering and checking based on daily updates (eg URL and AV) *Image courtesy of Palo Alto Networks

Identity is KEY You need to get it right from the start and to the end Provisioning, update and de-provisioning are key An identity is the set of attributes that uniquely identify an entity. An entity may be: a person (an employee, a contractor) a device a third party (such as a partner, an agency or a service provider) Entities include users from outside the organisation and may represent a group or role. Organisations now need to gain an understanding of the relationships it has with identities. Identity and Access Management: Outside the boundary participants *Image from Gartner

Authentication Know the other end, even internally Know that the communications is not only secure but that it has not been tampered with. For all devices eg Between Network devices Web services Servers PCs BYODs

Multi Factor Authentication MFA remains one of the most effective measures to prevent a cyber-intruder MFA is the provision of multiple pieces of information in order to perform tasks such as system authentication. Something you know (eg username and/or passwords) Something you have (eg OTP or smartcard) Something you are (eg biometrics) Edward Snowden proves why is can be so effective.

Encryption Assume a compromise of your boarder will occur at some point. Protect your data, not just the border using encryption Protecting the keys used for encryption from compromise and loss. Make sure you change keys regularly.

Protection Examples DB File Storage Unit Don t use storage managed encryption Applications Virtualised Platforms

Make sure the keys stay in the kingdom Keys to the kingdom must remain in control of the keepers of the castle. What environments can I do this with On-premises In the cloud Hybrid on-premises/cloud environment Keeping the keys means: On-premises administrators don t need to see the data to perform their roles In the cloud even the trusted service providers can t get to your data.

THANK YOU! Please contact us for more info Email Web www.cogitogroup.com.au Booth S51 Richard Brown CEO Cogito Group

Questions

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information