SlideShare a Scribd company logo

Lss implementing cyber security in the cloud, and from the cloud-feb14

L S Subramanian, profile picture
L S Subramanian

This document summarizes a presentation about implementing cyber security in and from the cloud. It discusses the Cloud Security Alliance (CSA), an organization that develops best practices for cloud security. The CSA has published a document called "Security Guidance for Critical Areas of Focus in Cloud Computing" that identifies important security domains for cloud computing like architecture, governance, compliance, and more. It also discusses how companies can provide cyber security solutions in the cloud through technologies like SecureCloud that give enterprises control over encrypted data in public clouds.

Business
Related topics:
Information Security
1 of 21
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
Implementing Cyber Security In & From The Cloud LS Subramanian niseindia.com
Today’s Agenda Cloud Security Alliance (CSA) CSA’s “ Security Guidance for Critical Areas of Focus in Cloud Computing V 3.0” Cyber Security Solutions in the Cloud and from the cloud.
About the Cloud Security Alliance • Global, not-for-profit organization • Over 23,000 individual members, 100 corporate members, 50 chapters • Building best practices and a trusted cloud ecosystem • Agile philosophy, rapid development of applied research – GRC: Balance compliance with risk management – Reference models: build using existing standards – Identity: a key foundation of a functioning cloud economy – Champion interoperability – Enable innovation – Advocacy of prudent public policy “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.”
CSA - Initiatives https://cloudsecurityalliance.org/research/ Copyright © 2011 Cloud Security Alliance
HOW DO WE BUILD THE “TRUSTED CLOUD?”… • Strategy • Education • Security Framework • Assessment • Build for the Future Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
Security Guidance for Critical Areas of Focus in Cloud Computing V3.0 Prepared by the Cloud Security Alliance
What is Cloud Computing?
CSA Security Guidance Cloud Computing Architecture
CSA Security Guidance What is Security for Cloud Computing? Understanding the impact of these differences between service models and how they are deployed is critical to managing the risk posture of an organization.
CSA Guidance Domains Architecture 1. Cloud Computing Architectural Framework Governing in the Cloud 2. Governance & Enterprise Risk Management 3. Legal Issues : Contracts & Electronic Discovery 4. Compliance & Audit Management 5. Information Management & Data Security 6. Interoperability & Portability
CSA Guidance Domains Operating in the Cloud 7. Traditional Security, Business Continuity & DR 8. Data Center Operations 9. Incident Response 10. Application Security 11. Encryption & Key Mgmt 12. Identity & Access Mgmt 13. Virtualization 14. Security as a Service
CSA - Trend Micro Partnership  Founding Sponsor of CSA’s HQ in APAC  Chair of the CSA Executive Council  Sponsor one global CSA research project  Sponsor of all CSA events in APAC  Update from all CSA Chapters in APAC  CCSK certification for Trend Micro cloud security experts  Engaging regional key stake holders including government, legal experts, service providers, technology providers and consumers.  Customizing/developing relevant best practices and standards for the APAC market.  Centre of excellence for research and training.  Establishment of global standards secretariat within APAC
Cyber Security Solutions in the Cloud and from the cloud
Who Has Control? Servers Virtualization & Public Cloud Public Cloud Public Cloud Private Cloud’’’’’ IaaS PaaS SaaS End-User (Enterprise) Service Provider Trend Micro Confidential 2/26/2013 Copyright 2009 Trend Micro Inc.
SecureCloud: Enterprise Controlled Data Protection for the Cloud Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud Trend Micro Confidential2/26/2013 Copyright 2009 Trend Micro Inc. 15
A New Security Architecture For A New Era All environments should be considered un-trusted Users access app Deep Security Datacenter SecureCloud: • Facilitates movement between Public Cloud datacenter & cloud • Delivers control, security and compliance through encryption • Host defends Avoids service provider lock-in • itself from attack Enables secure storage recycling SecureCloud Data encrypted within the server Encryption keys controlled by you Encrypted Data Data Data Copyright 2009 Trend Micro Inc.
CNAM – Real Time Attack Detection ARCHITECTURE
CNAM – Real Time Attack Detection TOPOLOGY
CNAM – Real Time Attack Detection MODEL
Acknowledgement All ownership and credits for pictures, logos copyright and trademarks rests with the owners. We Acknowledge & thank owners for the use of their material in this presentation to educate on cloud computing. Material for this presentation has been sourced from CSA, NIST & Trend Micro & Net Monastery & others. We thank the organizations for allowing us to use this material.
The Future of Computing is the Cloud lssubramanian@niseindia.com

More Related Content

PDF
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
YounesChafi1
 
PPTX
2012 10 cloud security architecture
Vladimir Jirasek
 
PPTX
The Cloud & I, The CISO challenges with Cloud Computing
Moshe Ferber
 
PPTX
ProtectV - Data Security for the Cloud
SafeNet
 
PPTX
Cloud Security
The TNS Group
 
PDF
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
 
PDF
2022 Q1 Webinar Securite du Cloud public (1).pdf
YounesChafi1
 
PDF
Cloud Computing Security - Cloud Controls Security
Hari Kumar
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
YounesChafi1
 
2012 10 cloud security architecture
Vladimir Jirasek
 
The Cloud & I, The CISO challenges with Cloud Computing
Moshe Ferber
 
ProtectV - Data Security for the Cloud
SafeNet
 
Cloud Security
The TNS Group
 
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
 
2022 Q1 Webinar Securite du Cloud public (1).pdf
YounesChafi1
 
Cloud Computing Security - Cloud Controls Security
Hari Kumar
 

What's hot (20)

PDF
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
PDF
Cloud security
BikashPokharel3
 
PPTX
Security as a Service Model for Cloud Environment
KaashivInfoTech Company
 
PDF
Automated Security for the Real-time Enterprise with VMware NSX and Trend Mic...
Trend Micro
 
PPTX
cloud security ppt
Devyani Vaidya
 
PPTX
Cloud Security for U.S. Military Agencies
NJVC, LLC
 
PPTX
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 
PDF
Cloud Security Guide - Ref Architecture and Gov. Model
Vishal Sharma
 
PPTX
C-Level tools for Cloud security
Vladimir Jirasek
 
PPTX
Cloud security privacy- org
Dharmalingam S
 
PDF
Cloud Security: A New Perspective
Wen-Pai Lu
 
PDF
Cloud Security Governance
Shankar Subramaniyan
 
PPTX
Cloud security and security architecture
Vladimir Jirasek
 
PDF
SECURE CLOUD ARCHITECTURE
acijjournal
 
PDF
Cloud Security
Hi-Tech College
 
PPTX
Rik Ferguson
CloudExpoEurope
 
PDF
Cloud Security Demystified
Michael Torres
 
PPTX
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
Moshe Ferber
 
PDF
Cyber Security and Cloud Computing
Keet Sugathadasa
 
PDF
Cloud summit demystifying cloud security
David De Vos
 
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
Cloud security
BikashPokharel3
 
Security as a Service Model for Cloud Environment
KaashivInfoTech Company
 
Automated Security for the Real-time Enterprise with VMware NSX and Trend Mic...
Trend Micro
 
cloud security ppt
Devyani Vaidya
 
Cloud Security for U.S. Military Agencies
NJVC, LLC
 
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 
Cloud Security Guide - Ref Architecture and Gov. Model
Vishal Sharma
 
C-Level tools for Cloud security
Vladimir Jirasek
 
Cloud security privacy- org
Dharmalingam S
 
Cloud Security: A New Perspective
Wen-Pai Lu
 
Cloud Security Governance
Shankar Subramaniyan
 
Cloud security and security architecture
Vladimir Jirasek
 
SECURE CLOUD ARCHITECTURE
acijjournal
 
Cloud Security
Hi-Tech College
 
Rik Ferguson
CloudExpoEurope
 
Cloud Security Demystified
Michael Torres
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
Moshe Ferber
 
Cyber Security and Cloud Computing
Keet Sugathadasa
 
Cloud summit demystifying cloud security
David De Vos
 
Ad

Similar to Lss implementing cyber security in the cloud, and from the cloud-feb14 (20)

PPTX
What is Cloud Security, and Can I Have Some?
John Kinsella
 
PDF
Nils Puhlmann Ncoic Slides
GovCloud Network
 
PPTX
Securing The Clouds Proactively-BlackisTech.pptx
Chinatu Uzuegbu
 
PDF
Who owns security in the cloud
Trend Micro
 
PPT
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Bill Annibell
 
PPT
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
TT L
 
PPT
Effectively and Securely Using the Cloud Computing Paradigm
fanc1985
 
PPT
Cloudcomputingoct2009 100301142544-phpapp02
abhisheknayak29
 
PDF
Cloud computing understanding security risk and management
Shamsundar Machale (CISSP, CEH)
 
PDF
Presd1 10
Niels Groeneveld
 
PPTX
Cloud computing and Cloud security fundamentals
Viresh Suri
 
PPT
4831586.ppt
ahmad21315
 
PPTX
talk6securingcloudamarprusty-191030091632.pptx
TrongMinhHoang1
 
PDF
Ciphercloud Solutions Overview hsa oct2011
Ramy Houssaini
 
PDF
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
Shah Sheikh
 
PPT
Cloud Security Alliance's GRC Stack Overview
Valdez Ladd MBA, CISSP, CISA,
 
PDF
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
ikanow
 
PDF
Cloudsecurity
drewz lin
 
PDF
Taiye Lambo - Auditing the cloud
nooralmousa
 
PDF
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
What is Cloud Security, and Can I Have Some?
John Kinsella
 
Nils Puhlmann Ncoic Slides
GovCloud Network
 
Securing The Clouds Proactively-BlackisTech.pptx
Chinatu Uzuegbu
 
Who owns security in the cloud
Trend Micro
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Bill Annibell
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
TT L
 
Effectively and Securely Using the Cloud Computing Paradigm
fanc1985
 
Cloudcomputingoct2009 100301142544-phpapp02
abhisheknayak29
 
Cloud computing understanding security risk and management
Shamsundar Machale (CISSP, CEH)
 
Presd1 10
Niels Groeneveld
 
Cloud computing and Cloud security fundamentals
Viresh Suri
 
4831586.ppt
ahmad21315
 
talk6securingcloudamarprusty-191030091632.pptx
TrongMinhHoang1
 
Ciphercloud Solutions Overview hsa oct2011
Ramy Houssaini
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
Shah Sheikh
 
Cloud Security Alliance's GRC Stack Overview
Valdez Ladd MBA, CISSP, CISA,
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
ikanow
 
Cloudsecurity
drewz lin
 
Taiye Lambo - Auditing the cloud
nooralmousa
 
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
Ad

Recently uploaded (20)

PDF
Hindu Circuler Economy - Model (Concept)
Avijit Kumar Roy
 
PDF
DOC-20250806-WA0002._20250806_112011_0000.pdf
dhanusriss08
 
PDF
Power and position in leadershipDOC-20250808-WA0011..pdf
meghavinikumar2006
 
PDF
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
PDF
Lecture 3 - Risk Management and Compliance.pdf
Quan Risk
 
PDF
Chapter 5_Foreign Exchange Market in .pdf
sophatphoniu
 
PDF
Types of control:Qualitative vs Quantitative
reshmaaslm06
 
PPTX
DMT - Profile Brief About Business .pptx
AkhileshKumar724847
 
DOCX
unit 1 COST ACCOUNTING AND COST SHEET
MANJU N
 
PDF
Roadmap Map-digital Banking feature MB,IB,AB
Alemayehu
 
PDF
A Brief Introduction About Julia Allison
Julia Allison
 
PDF
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
PDF
Reconciliation AND MEMORANDUM RECONCILATION
MANJU N
 
PPTX
ICG2025_ICG 6th steering committee 30-8-24.pptx
AtiarRahaman5
 
PPTX
AI-assistance in Knowledge Collection and Curation supporting Safe and Sustai...
Barry Hardy
 
PDF
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 
PPTX
Amazon (Business Studies) management studies
AbhirupVerma
 
DOCX
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
MANJU N
 
PDF
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
PDF
Katrina Stoneking: Shaking Up the Alcohol Beverage Industry
CIO WOMEN MAGAIZNE CIO WOMEN MAGAIZNE
 
Hindu Circuler Economy - Model (Concept)
Avijit Kumar Roy
 
DOC-20250806-WA0002._20250806_112011_0000.pdf
dhanusriss08
 
Power and position in leadershipDOC-20250808-WA0011..pdf
meghavinikumar2006
 
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
Lecture 3 - Risk Management and Compliance.pdf
Quan Risk
 
Chapter 5_Foreign Exchange Market in .pdf
sophatphoniu
 
Types of control:Qualitative vs Quantitative
reshmaaslm06
 
DMT - Profile Brief About Business .pptx
AkhileshKumar724847
 
unit 1 COST ACCOUNTING AND COST SHEET
MANJU N
 
Roadmap Map-digital Banking feature MB,IB,AB
Alemayehu
 
A Brief Introduction About Julia Allison
Julia Allison
 
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
Reconciliation AND MEMORANDUM RECONCILATION
MANJU N
 
ICG2025_ICG 6th steering committee 30-8-24.pptx
AtiarRahaman5
 
AI-assistance in Knowledge Collection and Curation supporting Safe and Sustai...
Barry Hardy
 
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 
Amazon (Business Studies) management studies
AbhirupVerma
 
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
MANJU N
 
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
Katrina Stoneking: Shaking Up the Alcohol Beverage Industry
CIO WOMEN MAGAIZNE CIO WOMEN MAGAIZNE
 

Lss implementing cyber security in the cloud, and from the cloud-feb14

  • 1. Implementing Cyber Security In & From The Cloud LS Subramanian niseindia.com
  • 2. Today’s Agenda Cloud Security Alliance (CSA) CSA’s “ Security Guidance for Critical Areas of Focus in Cloud Computing V 3.0” Cyber Security Solutions in the Cloud and from the cloud.
  • 3. About the Cloud Security Alliance • Global, not-for-profit organization • Over 23,000 individual members, 100 corporate members, 50 chapters • Building best practices and a trusted cloud ecosystem • Agile philosophy, rapid development of applied research – GRC: Balance compliance with risk management – Reference models: build using existing standards – Identity: a key foundation of a functioning cloud economy – Champion interoperability – Enable innovation – Advocacy of prudent public policy “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.”
  • 5. HOW DO WE BUILD THE “TRUSTED CLOUD?”… • Strategy • Education • Security Framework • Assessment • Build for the Future Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
  • 6. Security Guidance for Critical Areas of Focus in Cloud Computing V3.0 Prepared by the Cloud Security Alliance
  • 7. What is Cloud Computing?
  • 8. CSA Security Guidance Cloud Computing Architecture
  • 9. CSA Security Guidance What is Security for Cloud Computing? Understanding the impact of these differences between service models and how they are deployed is critical to managing the risk posture of an organization.
  • 10. CSA Guidance Domains Architecture 1. Cloud Computing Architectural Framework Governing in the Cloud 2. Governance & Enterprise Risk Management 3. Legal Issues : Contracts & Electronic Discovery 4. Compliance & Audit Management 5. Information Management & Data Security 6. Interoperability & Portability
  • 11. CSA Guidance Domains Operating in the Cloud 7. Traditional Security, Business Continuity & DR 8. Data Center Operations 9. Incident Response 10. Application Security 11. Encryption & Key Mgmt 12. Identity & Access Mgmt 13. Virtualization 14. Security as a Service
  • 12. CSA - Trend Micro Partnership  Founding Sponsor of CSA’s HQ in APAC  Chair of the CSA Executive Council  Sponsor one global CSA research project  Sponsor of all CSA events in APAC  Update from all CSA Chapters in APAC  CCSK certification for Trend Micro cloud security experts  Engaging regional key stake holders including government, legal experts, service providers, technology providers and consumers.  Customizing/developing relevant best practices and standards for the APAC market.  Centre of excellence for research and training.  Establishment of global standards secretariat within APAC
  • 13. Cyber Security Solutions in the Cloud and from the cloud
  • 14. Who Has Control? Servers Virtualization & Public Cloud Public Cloud Public Cloud Private Cloud’’’’’ IaaS PaaS SaaS End-User (Enterprise) Service Provider Trend Micro Confidential 2/26/2013 Copyright 2009 Trend Micro Inc.
  • 15. SecureCloud: Enterprise Controlled Data Protection for the Cloud Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud Trend Micro Confidential2/26/2013 Copyright 2009 Trend Micro Inc. 15
  • 16. A New Security Architecture For A New Era All environments should be considered un-trusted Users access app Deep Security Datacenter SecureCloud: • Facilitates movement between Public Cloud datacenter & cloud • Delivers control, security and compliance through encryption • Host defends Avoids service provider lock-in • itself from attack Enables secure storage recycling SecureCloud Data encrypted within the server Encryption keys controlled by you Encrypted Data Data Data Copyright 2009 Trend Micro Inc.
  • 17. CNAM – Real Time Attack Detection ARCHITECTURE
  • 18. CNAM – Real Time Attack Detection TOPOLOGY
  • 19. CNAM – Real Time Attack Detection MODEL
  • 20. Acknowledgement All ownership and credits for pictures, logos copyright and trademarks rests with the owners. We Acknowledge & thank owners for the use of their material in this presentation to educate on cloud computing. Material for this presentation has been sourced from CSA, NIST & Trend Micro & Net Monastery & others. We thank the organizations for allowing us to use this material.
  • 21. The Future of Computing is the Cloud lssubramanian@niseindia.com