Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!

Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!

• 1.
  2020 © Netskope.All rights reserved. Reimagine your perimeter Why everyone needs a cloud-first security program SASEfaction guaranteed! JR:JR
• 2.
  2020 © Netskope.All rights reserved. Introductions James Robinson Ross Asquith Deputy CISO, Netskope jrobinson@netskope.com Security Transformation Principal, Netskope ross@netskope.com JR:RA
• 3.
  2020 © Netskope.All rights reserved. Work from the office Work from home RA:RA For many organizations there is increasingly little difference between working in the office and working remotely. This is due to the network perimeter changing…
• 4.
  2020 © Netskope.All rights reserved. Source:NetskopeCloudReport,August2019;Security2025 of enterprise web traffic consists of cloud 85% of enterprise devices are mobile and off the network half the time 90% Numbers Don’t Lie – Your Perimeter is Dissolving
• 5.
  2020 © Netskope.All rights reserved. IaaSSaaSWeb Data Center Apps FW SWG VPN Endpoint IPS Designed for controlled access RA:RA
• 6.
  2020 © Netskope.All rights reserved. Inappropriate Content Filtering Bandwidth Control Threat Protection APT & Malware Phishing Protection Cloud Delivered SSL @ Scale Mobile User Protection Branch Office Protection Activity Visibility Granular App Controls App Risk Insight Data Protection Cloud-Enabled Threat Defenses Websense ForcePoint Blue Coat / Symantec Cisco McAfee Zscaler Netskope Web Filtering On-Prem SWG Cloud Delivered SWG Next Gen SWG YEARS VERSION DESCRIPTION VENDORS BUSINESS DRIVER 0% 10% 30% 85% 0% of enterprise traffic that is cloud 1 9 9 9 - 2 0 0 8 1.0 10% of enterprise traffic that is cloud 2 0 0 8 - 2 0 1 3 2.0 30% of enterprise traffic that is cloud 2 0 1 3 - 2 0 1 7 3.0 85% of enterprise traffic that is cloud 2 0 1 8 - 2 0 2 5 4.0 Static Web (HTML) App Based Web (SaaS) Evolution of Secure Web Gateways RA:JR
• 7.
  2020 © Netskope.All rights reserved. 7 Top three cloud service workloads Leading cloud security concerns Leading cloud security priority 52%apps 48%storage 46%security 52%data privacy 51%data loss and leakage 32%malware protection Your data is in the cloud, is your security? Cloud migration and concerns JR:JR
• 8.
  2020 © Netskope.All rights reserved. • For the first time, phishing attacks on SaaS (36%) have surpassed phishing attacks on payment systems (27%) and financial institutions (16%). • Phishing attempts increase 400% 1H19, many malicious URLs found on trusted domains. • So far in 2019, nearly 1 in 4 malicious URLs (24%) were found on trusted domains. • It’s more difficult for security measures to block URLs on these trusted domains. WebrootAPWG Phishing Activity Trends Report, May 2019 Evidence JR:JR
• 9.
  2020 © Netskope.All rights reserved. 9 Profile Cloud Services Misconfigurations Open to Public Rogue Instances Cloud Hosting & C2 Landing Pages Phishing SaaS/Cloud (#1) Cloud Script / File Share Valid Domain & Certificate Fake Access Logins Compromise Credentials Cloud Payloads / Malware White Listed Domains/IPs Facebook, YouTube, Twitter Slack, GitHub (SLUB) Cloud Data Exfiltration Cloud Lateral Movement Resource Consumption Cloud-enabled Kill Chain JR:JR
• 10.
  2020 © Netskope.All rights reserved.
• 11.
  2020 © Netskope.All rights reserved. Device Managed Personal User, Group, OU Accounting Pat Smith Cloud Storage App Managed Unmanaged App Personal Instance Company File Sharing 100+ Categories URL Category Upload File (up, down, share, view) Activity AV/ML IOCs Scripts Macros Sandbox Threat DLP Profiles And Rules Content Policy Action Allow Block Coach Encrypt Legal Hold Quarantine etc. Risk Security Privacy Legal/Audit GDPR 50+ Risk Rating 36K Apps 97 Context is key Instance Awareness – determine company, personal, and rogue instances Activity-level Policy – determine 20+ activities for cloud services and apps Data Protection – determine login credentials (PII) in phishing forms Threat Protection – prevent known and detect unknown cloud-enabled threats JR:JR
• 12.
  2020 © Netskope.All rights reserved. Complexity of trying to implement security at the perimeter
• 13.
  2020 © Netskope.All rights reserved. What’s the solution?
• 14.
  2020 © Netskope.All rights reserved.
• 15.
  2020 © Netskope.All rights reserved. HQ + Data center Firewall VPN Sandbox IPS / IDS UEBA Web Sec DLP BYOD Branch Remote Device Web and Cloud RA:RA
• 16.
  2020 © Netskope.All rights reserved. HQ + Data center Firewall BYOD Branch Remote Device Security will no longer be “entombed” in a box in the data center SASE will be as disruptive to network and network security architectures as IaaS was to the data center. Digital business transformation will require SASE SASE – Secure Access Service Edge Web and Cloud RA:RA VPN Sandbox IPS / IDS UEBA Web Sec DLP
• 17.
  2020 © Netskope.All rights reserved. HQ + Data center 5G Mobile WiFi APs Commodity hardware SDN fabric Legacy Apps IOT Devices BYOD Branch Remote Device Future operating model SASE – Secure Access Service Edge Web and Cloud RA:RA
• 18.
  2020 © Netskope.All rights reserved. Future Security Stack is in the Cloud The Future Stack includes: • SASE • Identity authentication • Endpoint Security Management • Security Operations • User Behavior Analysis Endpoint machines Threat Intel Exchange Response Actions UEBA / SOAR SECURE ACCESS SERVICE EDGE ENDPOINT Web SaaS IaaS/PaaS User Data Entity Data IDENTITY Authentication and SSO Response Actions Private Access RA:RA
• 19.
  2020 © Netskope.All rights reserved. Visit us: Netskope booth #5981 (Moscone North) Thank you. QUESTIONS? Netskope cloud security report: www.netskope.com RA:RA