USE THE FORCE, CIO! How to use the force in the cloud wisely, Or – have you outsourced your security to the cloud?
TAKE-AWAYS ➢ How-to´s keeping information safe regardless of where it is ➢ Other perspectives – CEO, COO, CIO, CISO, Dev/Innovation ➢ Guidance and good examples based on true stories
ANNA REHNSTRÖM • VP Infrastructure • Star wars fan • CSO • Forward • CISO • Mum of 3 teens • Lieutenant Swedish Airforce • Dog-mum • Information security consultant • Married to the same man for 20 years • Information security Swedish • Swedish contingency agency
REFERENCE CASE • AVAILABLE • EASY TO USE • DIGITAL • THE RIGHT PRICE • SECURE • BANG FOR THE BUCK
The developers
IOT APPLICATION LAYER LEGACY APPS CLOUD NATIVE APPS API’s LEGACY APPS LEGACY APPS 3 PARTY IOT IDENTIFY APP *NIX WINDOWS LINUX IAAS PAAS SERVERLESS SERVICES V V V V V OTHER P OTHER MSP ON PREMISE PRIVATE CLOUD PUBLIC CLOUD P P P P PaaS & SaaS N N N N N BIG DATA TRADITIONAL TRADITIONAL TRADITIONAL DATA STORAGE DATA STORAGE DATA STORAGE
IT operations Is there any good links?
GARTNER BIMODAL IT MODE 1 MODE 2
The CISO
Cloud security CUSTOMER CUSTOMER DATA PLATFORM, APPLICATIONS, IDENTITY & ACCESS MANAGEMENT OPERATING SYSTEM, NETWORK & FIREWALL CONFIGURATION CLIENT-SIDE DATA ENCRYPTION NETWORKING TRAFFIC SERVER-SIDE ENCRYPTION & DATA INTEGRITY PROTECTION (ENCRYPTION, (FILE SYSTEM AND/OR DATA) AUTHENTICATION INTEGRITY, IDENTITY) HARDWARE/PUBLIC CLOUD GLOBAL INFRASTRUCTURE PUBLIC CLOUD PROVIDER REGIONS AVAILABILITY ZONES EDGE LOCATIONS SOFTWARE DATABASE NETWORKING compute STORAGE
“WE ARE NOT ALONE, GOOD PEOPLE WILL FIGHT IF YOU LEAD THEM” Poe Dameron, acting General of the Resistance
CYBERHYGIENE
BIG GAME HUNTING Norsk Hydro • 19 th march 2019 • Zero day vulnerability • Sleeper agents – ready to extort • 3 months / 600 million NOK
Cyber hygiene Culture of • accountability Communication team • Awareness training Cybersecurity team • • (*link) Incident Response •
Manners! • Mutually Agreed Norms for Routing Security (MANRS) • CERT Resilience management model
“THERE IS NO NAVY, IT ´S JUST..PEOPLE !” First order command
HOW TO? WHAT IS NEEDED TO BE • CLASSIFY YOUR • PROTECTED AND WHY? DATA USE REFERENCES • USE SERVICE • USE EXPERTS FROM • PROVIDERS CLOUD PROVIDERS
“ IN MY EXPERIENCE THERE IS NO SUCH THING AS LUCK.” Obi-Wan Kenobi
“ I HAVE TAUGHT YOU EVERYTHING I KNOW. AND YOU HAVE BECOME A FAR GREATER JEDI THAN I COULD EVER HOPE TO BE.” Obi-Wan
TAKE-AWAYS ➢ How-to´s keeping information safe regardless of where it is ➢ Other perspectives – CEO, COO, CIO, CISO, Dev/Innovation ➢ Guidance and good examples based on true stories
USE THE FORCE, CIO! PEOPLE, PROCESSES AND TECHNOLOGY - AND EXCELLENT LEADERSHIP
Recommend
More recommend
