
  • Cloud Security Discussion ISACA, Jacksonville Chapter

    October 2017 Meeting

    Craig Galley, Information Security Officer, SANS Mentor

  • Intro and Bio

    Jacksonville Resident 34 years

    16 years involvement in Information Security

    Information Security Officer for the City of Jacksonville

    SANS Instructor

    Former Biker, now full time Dance Dad

    Searching for my next hobby (fishing?, crochet?, gardening?)

  • Why Cloud Services?

    Lower Total Cost of Ownership

    Reduce head count

    Performance gains and higher Return on Investment

    High Availability / Disaster Recovery

    Transfer Risk


  • Security?

    Lost laptops are a billion dollar business problem. And potentially greater than the loss of an expensive piece of kit is the loss of the sensitive data inside it. Cloud computing gives you greater security when this happens. Because your data is stored in the cloud, you can access it no matter what happens to your machine. And you can even remotely wipe data from lost laptops so it doesn't get into the wrong hands.

    ref -

  • Cloud Service Provider (CSP)

    Cloud Customer

    Cloud Access Security Broker (CASB)

    Public, Private, Community, and Hybrid




  • Cloud Security Responsibility?

    Cloud Customer!!!

    Cannot transfer the risk of housing PII data in the Cloud

    Ultimately responsible for ensuring that the Business Requirements are met when utilizing services in the Cloud

    Security concerns evolve rapidly; the Cloud Customer must understand how this impacts the organization.

  • Initial Considerations

    Reliability of the Cloud Service Provider

    Location of Service and Data

    Breach reports and history of the Cloud Service Provider

    Auditors and Regulation

    Resource considerations

  • Long Term Concerns

    Retention Policies

    What is the out strategy?

    Data Remnants



  • SaaS Security Concerns

    Cloud Provider

    Platform, Infrastructure, Physical

    Cloud Customer

    GRC, Data

    Shared Responsibilities


  • PaaS Security Concerns

    Cloud Provider

    Physical, Infrastructure

    Cloud Customer

    GRC, Data, Application

    Shared Responsibilities


  • IaaS Security Concerns

    Cloud Provider


    Cloud Customer

    GRC, Data, Application, Platform

    Shared Responsibilities


  • Continuous Monitoring

    Breach and Incident notifications

    Centralized logging

    Access to Cloud stored logs
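    The three bullets above only pay off if someone actually reads the provider's audit log for the signals that matter. The following is an added example, not part of the original deck: it triages CloudTrail-shaped events (the field names eventName, userIdentity, additionalEventData and requestParameters are the real record format, but every event here is constructed) for the indicators a cloud customer most wants an alert on, namely root logins, console logins without MFA, tampering with the trail itself, and a principal minting access keys for someone else. The rule names and the JSON-lines helper are this example's own choices.

```python
"""Triage of cloud audit-log events for account-hijacking indicators.

Added example for the Continuous Monitoring slide; it is not part of the
original deck. The record shape follows AWS CloudTrail (eventName,
userIdentity, additionalEventData, requestParameters), but every event below
is constructed for illustration, not a real capture.
"""
import json
from collections import Counter

# Constructed sample events (not real log data). Event 2 is a root login
# without MFA, event 3 disables the trail, event 4 mints a key for another user.
SAMPLE_EVENTS = [
    {"eventTime": "2017-10-05T13:01:00Z", "eventName": "ConsoleLogin",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "additionalEventData": {"MFAUsed": "Yes"}, "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2017-10-05T13:02:00Z", "eventName": "ConsoleLogin",
     "userIdentity": {"type": "Root"},
     "additionalEventData": {"MFAUsed": "No"}, "sourceIPAddress": "198.51.100.7"},
    {"eventTime": "2017-10-05T13:03:00Z", "eventName": "StopLogging",
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "sourceIPAddress": "198.51.100.7"},
    {"eventTime": "2017-10-05T13:04:00Z", "eventName": "CreateAccessKey",
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "requestParameters": {"userName": "alice"}, "sourceIPAddress": "198.51.100.7"},
    {"eventTime": "2017-10-05T13:05:00Z", "eventName": "DescribeInstances",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "sourceIPAddress": "203.0.113.10"},
]

# API calls that alter or disable the audit trail itself.
LOG_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}


def actor(event):
    """Name of the calling principal; the root account has no userName."""
    ident = event.get("userIdentity", {})
    return ident.get("userName") or ident.get("type", "unknown")


def rule_root_login(ev):
    if ev.get("eventName") == "ConsoleLogin" and ev.get("userIdentity", {}).get("type") == "Root":
        return "root account used for console login"
    return None


def rule_console_login_without_mfa(ev):
    if ev.get("eventName") == "ConsoleLogin" and ev.get("additionalEventData", {}).get("MFAUsed") != "Yes":
        return "console login without MFA"
    return None


def rule_logging_tampering(ev):
    if ev.get("eventName") in LOG_TAMPERING:
        return "audit trail changed: " + ev["eventName"]
    return None


def rule_access_key_for_other_user(ev):
    # A principal creating long-lived credentials for someone else is a
    # classic persistence step after an account takeover.
    if ev.get("eventName") == "CreateAccessKey":
        target = ev.get("requestParameters", {}).get("userName")
        if target and target != actor(ev):
            return "access key created for another principal: " + target
    return None


RULES = {
    "root_login": rule_root_login,
    "console_login_without_mfa": rule_console_login_without_mfa,
    "logging_tampering": rule_logging_tampering,
    "access_key_for_other_user": rule_access_key_for_other_user,
}


def triage(events):
    """Run every rule over every event; return one finding per rule hit."""
    findings = []
    for ev in events:
        for name, rule in RULES.items():
            detail = rule(ev)
            if detail:
                findings.append({"rule": name, "eventTime": ev.get("eventTime"),
                                 "actor": actor(ev),
                                 "sourceIPAddress": ev.get("sourceIPAddress"),
                                 "detail": detail})
    return findings


def summarize(findings):
    """Count findings per rule, the shape an alert threshold or dashboard wants."""
    return dict(Counter(f["rule"] for f in findings))


def parse_jsonl(text):
    """Centralized log stores commonly export one JSON record per line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def sample_jsonl():
    """The constructed events serialized as JSON lines, for parse_jsonl()."""
    return "\n".join(json.dumps(ev) for ev in SAMPLE_EVENTS)


if __name__ == "__main__":
    for f in triage(parse_jsonl(sample_jsonl())):
        print(f["eventTime"], f["rule"], f["actor"], f["sourceIPAddress"], f["detail"])
    print(summarize(triage(SAMPLE_EVENTS)))
```

    These four rules are deliberately plain signatures; in practice the root-login and no-MFA rules should be compared against a baseline of known break-glass usage, and the trail-tampering rule is the one to alert on immediately because it is the attacker removing the evidence the other rules depend on. None of this works if the customer has not first negotiated access to the provider-side logs, which is the point of the bullet above.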

  • Cloud Application Security

    Not all applications are Cloud ready

  • CSA - The Treacherous 12

    Data Breaches

    Insufficient Identity, Credential and Access Management

    Insecure Interfaces and APIs

    System Vulnerabilities

    Account Hijacking

    Malicious Insiders

    ref -

  • CSA - The Treacherous 12 (cont.)

    Advanced Persistent Threats

    Data Loss

    Insufficient Due Diligence

    Abuse and Nefarious Use of Cloud Services

    Denial of Service

    Shared Technology issues

    ref -
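    Several of the twelve (Insufficient Identity, Credential and Access Management; Account Hijacking; Insufficient Due Diligence) come back to the same root cause in IaaS and PaaS: access policies written far wider than the job needs. The following is an added example, not part of the original deck or of the CSA material: a small least-privilege lint over an IAM policy document, shown against a constructed weak policy and the hardened policy that does the same job. The JSON shape (Statement, Effect, Action, Resource, Condition) is the real AWS IAM format; the two policies, the bucket and role names, and the rule set are this example's own, and 123456789012 is the AWS documentation placeholder account.

```python
"""Least-privilege lint of an IAM policy document.

Added example for the "Insufficient Identity, Credential and Access Management"
item of the Treacherous 12; it is not part of the original deck. The document
shape follows AWS IAM policy JSON, but both policies below are constructed for
illustration (account 123456789012 is the AWS documentation placeholder).
"""

# Actions whose wildcard resource is a direct privilege-escalation path:
# passing arbitrary roles, assuming arbitrary roles, or editing IAM itself.
ESCALATION_ACTIONS = {"iam:PassRole", "sts:AssumeRole", "iam:*", "iam:CreateAccessKey",
                      "iam:AttachUserPolicy", "iam:AttachRolePolicy", "iam:PutUserPolicy"}
READ_ONLY_PREFIXES = ("Get", "List", "Describe")

# Constructed: the policy that accumulates when "just make it work" wins.
WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["s3:*"], "Resource": "arn:aws:s3:::corp-backups/*"},
        {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*"},
    ],
}

# Constructed: the same backup job scoped to named actions, named resources
# and a condition on which service the role may be passed to.
HARDENED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::corp-backups/*"},
        {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::corp-backups"},
        {"Effect": "Allow", "Action": "iam:PassRole",
         "Resource": "arn:aws:iam::123456789012:role/backup-worker",
         "Condition": {"StringEquals": {"iam:PassedToService": "ec2.amazonaws.com"}}},
    ],
}


def as_list(value):
    """IAM lets Statement, Action and Resource be a single string or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_read_only(action):
    """'s3:GetObject' -> True; 's3:PutObject' -> False; 's3:*' -> False."""
    verb = action.split(":", 1)[-1]
    return verb.startswith(READ_ONLY_PREFIXES)


def lint_statement(index, stmt):
    """Findings for one statement; at most one wildcard-resource finding each."""
    findings = []
    if stmt.get("Effect") != "Allow":
        return findings  # Deny statements only narrow access
    if "NotAction" in stmt:
        findings.append(f"statement {index}: NotAction grants every action not listed")
    actions = as_list(stmt.get("Action"))
    resources = as_list(stmt.get("Resource"))
    any_resource = "*" in resources
    if "*" in actions:
        scope = "full administrative access" if any_resource else "wildcard action"
        findings.append(f"statement {index}: {scope}")
        return findings
    for action in actions:
        if action.endswith(":*"):
            findings.append(f"statement {index}: service-wide wildcard {action}")
    if any_resource and ESCALATION_ACTIONS.intersection(actions):
        findings.append(f"statement {index}: privilege-escalation action on Resource '*'")
    elif any_resource and not all(is_read_only(a) for a in actions) and "Condition" not in stmt:
        findings.append(f"statement {index}: write action on Resource '*' without Condition")
    return findings


def lint_policy(policy):
    """Return human-readable findings; an empty list means nothing was flagged."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        findings.extend(lint_statement(i, stmt))
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, lint_policy(policy) or ["no findings"])
```

    The lint is a first pass, not an authorization model: it reads the policy text, not the effective permissions after every attached policy, boundary and resource policy is combined, so a clean result here is necessary but not sufficient. Its value is in review workflow, failing a change that reintroduces Action "*" or iam:PassRole on Resource "*" before the policy ever reaches the account.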

  • At the end of the day.

    Cloud Customer is always responsible for GRC and Data

    Cloud Services offer many advertised cost benefits

    Risk is present in many forms throughout Cloud models

    Information Security Professionals must be involved to voice the risk

    Senior Managers weigh the cost benefits vs the risk and make the decision based on risk appetite.

  • InfoSecJax

    ISACA, Infragard, ISSA, (ISC)2

    Tech Coast Conference

    B-Sides Jacksonville

    2600 Meetings


  • Craig Galley's SANS Schedule

    MGT414: SANS Training Program for CISSP Certification

    Not a bootcamp!

    Next class starts on January 23rd, 2018 and runs through March 6th, 2018

    7 weeks

    Each Tuesday from 6:00pm - 9:00pm

    Location: TBD

  • Questions???


    @bullpwr (Twitter) or LinkedIn

