Secureworks Cloud Security Journey: Threat to Opportunities

This presentation was by Yaqub Ismail from Secureworks

This presentation followed the Splunk presentation and was also a very good talk that went over several topics such as cloud adoption and lack of cloud security, threat landscape, and proper development lifecycle. There were fewer slides in this however there were was a lot of talking that was not on the slides including discussing the recent major twitter attack (https://threatpost.com/the-great-twitter-hack-what-we-know-what-we-dont/157538/) so I highly recommend watching the recording of it to get everything out of this talk (this talk start around 50 minutes in).

  • Challenges faced by security leaders

    • How can I allocate resources and funds and identify where to prioritize investment and time efficiently while meeting security, regulatory, and business objectives?

    • How can I gain confidence in my approach and its ability to align risk and business goals?

    • How can I enable the business to securely innovate, migrate to the cloud, and drive digital transformation

    • According to Gartner, through 2025, 99% of cloud security failures will be the customer's fault and 90% of the organization that fail to control public cloud use will inappropriately share sensitive data

  • Current threat landscape

    • Vulnerabilities

      • Misconfigurations

      • Hardening standards

      • Lack of policy/standards

      • Breakdown in shared responsibility model

      • Lack of shared database

      • Infrastructure as code templates

      • Excess privileges

      • Attack automation

    • Threats

      • Impact to reputation

      • Loss of intellectual property (IP)

      • Regulatory implications

      • Brand impact

      • Legal and contractual liabilities

      • Financial impact from incident and breaches

    • Opportunities

      • Information security needs executive level attention

      • A skilled cyber workforce is essential to keep pace with evolving threats

      • More oversight and partnership with cloud service providers (CSPs)

      • The financial impact of breaches is not fully examined

      • Improving employee awareness & vigilance is increasingly important

  • Cybersecurity Journey

    • Meet

      • Security and compliance requirement

      • Streamline compliance, build business context & reporting

    • Address

      • Known & unknown risks

      • Expand risk focus, improve analysis & metrics

    • Enable

      • New business opportunities

      • Connect risk and the business with cross functional processes

  • Cybersecurity Lifecycle

    • Know & Assess

      • Cyber-risk assessment

      • Controls & technical assessment

    • Build & Operate

      • Cybersecurity countermeasures

      • Means of risk reduction

      • Integrate new business

    • Test & Maintain

      • Maintenance, monitoring, and management of change

      • Incident response & recovery

  • Assessing and Understanding Risk

    • Risk = Threat x Impact x Probability