Security Implications of the Cloud - CSS ATX 2017
0 likes316 views
The document discusses the security implications of cloud computing. It notes that web application attacks are now the number one source of data breaches, but less than 5% of data center security budgets are spent on application security. It also summarizes that the risks are moving up the application stack as attacks can happen at every layer. Defending applications and workloads in the cloud is complex due to a wide range of attacks, rapidly changing code introducing vulnerabilities, and a shortage of cloud security expertise. Perimeter security tools also fail to protect the larger cloud attack surface that now includes web and mobile applications.
Security Implications of the Cloud - CSS ATX 2017
- 1. SECURITY IMPLICATIONS OF THE CLOUD. Michael Stoeger Vice President Sales, Alert Logic
- 2. 5 47 74 89 184 289 277 222 207 571 Denial of Service Crimeware Physical Theft / Loss Payment Card Skimmers Everything Else Cyber-espionage Privilege Misuse Miscellaneous Errors POS Intrusions Web App Attacks Security risk is shifting to unprotected web applications Web app attacks are now the #1 source of data breaches But less than 5% of data center security budgets are spent on app security Source: Verizon DBIR 2017 n= 1,935 UP 300% SINCE 2014 $23 to $1 Percentage of Breaches 10% 20% 30% Source: Gartner Web App Attacks
- 3. Vulnerabilities + Change + Shortage Complexity of defending web applications and workloads Risks are moving up the stack 1. Wide range of attacks at every layer of the stack 2. Rapidly changing codebase can introduces unknown vulnerabilities 3. Long tail of exposures inherited from 3rd party development tools 4. Extreme shortage of cloud and application security expertise Web App Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks Perimeter & end-point security tools fail to protect cloud attack surface Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management
- 4. Tame the Beast Industry Challenge: The Good, the Bad and the Ugly Known Good Known Bad Suspicious Allow Identify | Tune | Permit Block Drop | Reconfigure Application Stack Web Apps Server-side Apps App Frameworks Dev Platforms Databases Server OS Hypervisor Hardware Classification Action HUMAN EXPERT REQUIRED
- 6. Customer X – Data Exfiltration Company Profile Textile Industry $65M Annual Revenue 500+ Employees 4 Branch Offices (NA) IT Dedicated Headcount – 14 Security Dedicated Headcount – 2 Hybrid Data Center (AWS & CoLo)
- 7. Customer X – Data Exfiltration Company Profile Textile Industry $65M Annual Revenue 500+ Employees 4 Branch Offices (NA) IT Dedicated Headcount – 14 Security Dedicated Headcount – 2 Hybrid Data Center (AWS & CoLo) Attack Progression Stalked company on LinkedIn and Google Gained entry through PHP (KNOWN) flaws Replaced PHP login to capture credentials Leveraged credentials to access critical system Stole Financial, Design data & Roadmap Undetected for 4 months – FBI Notification Cost of Breech - $1.8M
- 8. Thank You.