SlideShare a Scribd company logo

Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!

Netskope
Netskope

Security teams are constantly keeping up with complex attacks leveraging the cloud, but traditional security stacks just can’t keep pace with malicious actors or insiders. In the session, we’ll explore Gartner’s new SASE framework and how organizations can utilize Zero Trust, visibility into cloud-based traffic and cloud threat protection to build a modernized cloud-first stack.

Related slideshows

Mainframe Modernization with Precisely and Microsoft Azure
Mainframe Modernization with Precisely and Microsoft AzureMainframe Modernization with Precisely and Microsoft Azure
Mainframe Modernization with Precisely and Microsoft Azure
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
 
Security architecture
Security architectureSecurity architecture
Security architecture
 
1 of 19
Download to read offline
2020 © Netskope. All rights reserved. Reimagine your perimeter Why everyone needs a cloud-first security program SASEfaction guaranteed! JR:JR
2020 © Netskope. All rights reserved. Introductions James Robinson Ross Asquith Deputy CISO, Netskope jrobinson@netskope.com Security Transformation Principal, Netskope ross@netskope.com JR:RA
2020 © Netskope. All rights reserved. Work from the office Work from home RA:RA For many organizations there is increasingly little difference between working in the office and working remotely. This is due to the network perimeter changing…
2020 © Netskope. All rights reserved. Source:NetskopeCloudReport,August2019;Security2025 of enterprise web traffic consists of cloud 85% of enterprise devices are mobile and off the network half the time 90% Numbers Don’t Lie – Your Perimeter is Dissolving
2020 © Netskope. All rights reserved. IaaSSaaSWeb Data Center Apps FW SWG VPN Endpoint IPS Designed for controlled access RA:RA
2020 © Netskope. All rights reserved. Inappropriate Content Filtering Bandwidth Control Threat Protection APT & Malware Phishing Protection Cloud Delivered SSL @ Scale Mobile User Protection Branch Office Protection Activity Visibility Granular App Controls App Risk Insight Data Protection Cloud-Enabled Threat Defenses Websense ForcePoint Blue Coat / Symantec Cisco McAfee Zscaler Netskope Web Filtering On-Prem SWG Cloud Delivered SWG Next Gen SWG YEARS VERSION DESCRIPTION VENDORS BUSINESS DRIVER 0% 10% 30% 85% 0% of enterprise traffic that is cloud 1 9 9 9 - 2 0 0 8 1.0 10% of enterprise traffic that is cloud 2 0 0 8 - 2 0 1 3 2.0 30% of enterprise traffic that is cloud 2 0 1 3 - 2 0 1 7 3.0 85% of enterprise traffic that is cloud 2 0 1 8 - 2 0 2 5 4.0 Static Web (HTML) App Based Web (SaaS) Evolution of Secure Web Gateways RA:JR
2020 © Netskope. All rights reserved. 7 Top three cloud service workloads Leading cloud security concerns Leading cloud security priority 52%apps 48%storage 46%security 52%data privacy 51%data loss and leakage 32%malware protection Your data is in the cloud, is your security? Cloud migration and concerns JR:JR
2020 © Netskope. All rights reserved. • For the first time, phishing attacks on SaaS (36%) have surpassed phishing attacks on payment systems (27%) and financial institutions (16%). • Phishing attempts increase 400% 1H19, many malicious URLs found on trusted domains. • So far in 2019, nearly 1 in 4 malicious URLs (24%) were found on trusted domains. • It’s more difficult for security measures to block URLs on these trusted domains. WebrootAPWG Phishing Activity Trends Report, May 2019 Evidence JR:JR
2020 © Netskope. All rights reserved. 9 Profile Cloud Services Misconfigurations Open to Public Rogue Instances Cloud Hosting & C2 Landing Pages Phishing SaaS/Cloud (#1) Cloud Script / File Share Valid Domain & Certificate Fake Access Logins Compromise Credentials Cloud Payloads / Malware White Listed Domains/IPs Facebook, YouTube, Twitter Slack, GitHub (SLUB) Cloud Data Exfiltration Cloud Lateral Movement Resource Consumption Cloud-enabled Kill Chain JR:JR
2020 © Netskope. All rights reserved.
2020 © Netskope. All rights reserved. Device Managed Personal User, Group, OU Accounting Pat Smith Cloud Storage App Managed Unmanaged App Personal Instance Company File Sharing 100+ Categories URL Category Upload File (up, down, share, view) Activity AV/ML IOCs Scripts Macros Sandbox Threat DLP Profiles And Rules Content Policy Action Allow Block Coach Encrypt Legal Hold Quarantine etc. Risk Security Privacy Legal/Audit GDPR 50+ Risk Rating 36K Apps 97 Context is key Instance Awareness – determine company, personal, and rogue instances Activity-level Policy – determine 20+ activities for cloud services and apps Data Protection – determine login credentials (PII) in phishing forms Threat Protection – prevent known and detect unknown cloud-enabled threats JR:JR
2020 © Netskope. All rights reserved. Complexity of trying to implement security at the perimeter
2020 © Netskope. All rights reserved. What’s the solution?
2020 © Netskope. All rights reserved.
2020 © Netskope. All rights reserved. HQ + Data center Firewall VPN Sandbox IPS / IDS UEBA Web Sec DLP BYOD Branch Remote Device Web and Cloud RA:RA
2020 © Netskope. All rights reserved. HQ + Data center Firewall BYOD Branch Remote Device Security will no longer be “entombed” in a box in the data center SASE will be as disruptive to network and network security architectures as IaaS was to the data center. Digital business transformation will require SASE SASE – Secure Access Service Edge Web and Cloud RA:RA VPN Sandbox IPS / IDS UEBA Web Sec DLP
2020 © Netskope. All rights reserved. HQ + Data center 5G Mobile WiFi APs Commodity hardware SDN fabric Legacy Apps IOT Devices BYOD Branch Remote Device Future operating model SASE – Secure Access Service Edge Web and Cloud RA:RA
2020 © Netskope. All rights reserved. Future Security Stack is in the Cloud The Future Stack includes: • SASE • Identity authentication • Endpoint Security Management • Security Operations • User Behavior Analysis Endpoint machines Threat Intel Exchange Response Actions UEBA / SOAR SECURE ACCESS SERVICE EDGE ENDPOINT Web SaaS IaaS/PaaS User Data Entity Data IDENTITY Authentication and SSO Response Actions Private Access RA:RA
2020 © Netskope. All rights reserved. Visit us: Netskope booth #5981 (Moscone North) Thank you. QUESTIONS? Netskope cloud security report: www.netskope.com RA:RA

More Related Content

Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!

  • 1. 2020 © Netskope. All rights reserved. Reimagine your perimeter Why everyone needs a cloud-first security program SASEfaction guaranteed! JR:JR
  • 2. 2020 © Netskope. All rights reserved. Introductions James Robinson Ross Asquith Deputy CISO, Netskope jrobinson@netskope.com Security Transformation Principal, Netskope ross@netskope.com JR:RA
  • 3. 2020 © Netskope. All rights reserved. Work from the office Work from home RA:RA For many organizations there is increasingly little difference between working in the office and working remotely. This is due to the network perimeter changing…
  • 4. 2020 © Netskope. All rights reserved. Source:NetskopeCloudReport,August2019;Security2025 of enterprise web traffic consists of cloud 85% of enterprise devices are mobile and off the network half the time 90% Numbers Don’t Lie – Your Perimeter is Dissolving
  • 5. 2020 © Netskope. All rights reserved. IaaSSaaSWeb Data Center Apps FW SWG VPN Endpoint IPS Designed for controlled access RA:RA
  • 6. 2020 © Netskope. All rights reserved. Inappropriate Content Filtering Bandwidth Control Threat Protection APT & Malware Phishing Protection Cloud Delivered SSL @ Scale Mobile User Protection Branch Office Protection Activity Visibility Granular App Controls App Risk Insight Data Protection Cloud-Enabled Threat Defenses Websense ForcePoint Blue Coat / Symantec Cisco McAfee Zscaler Netskope Web Filtering On-Prem SWG Cloud Delivered SWG Next Gen SWG YEARS VERSION DESCRIPTION VENDORS BUSINESS DRIVER 0% 10% 30% 85% 0% of enterprise traffic that is cloud 1 9 9 9 - 2 0 0 8 1.0 10% of enterprise traffic that is cloud 2 0 0 8 - 2 0 1 3 2.0 30% of enterprise traffic that is cloud 2 0 1 3 - 2 0 1 7 3.0 85% of enterprise traffic that is cloud 2 0 1 8 - 2 0 2 5 4.0 Static Web (HTML) App Based Web (SaaS) Evolution of Secure Web Gateways RA:JR
  • 7. 2020 © Netskope. All rights reserved. 7 Top three cloud service workloads Leading cloud security concerns Leading cloud security priority 52%apps 48%storage 46%security 52%data privacy 51%data loss and leakage 32%malware protection Your data is in the cloud, is your security? Cloud migration and concerns JR:JR
  • 8. 2020 © Netskope. All rights reserved. • For the first time, phishing attacks on SaaS (36%) have surpassed phishing attacks on payment systems (27%) and financial institutions (16%). • Phishing attempts increase 400% 1H19, many malicious URLs found on trusted domains. • So far in 2019, nearly 1 in 4 malicious URLs (24%) were found on trusted domains. • It’s more difficult for security measures to block URLs on these trusted domains. WebrootAPWG Phishing Activity Trends Report, May 2019 Evidence JR:JR
  • 9. 2020 © Netskope. All rights reserved. 9 Profile Cloud Services Misconfigurations Open to Public Rogue Instances Cloud Hosting & C2 Landing Pages Phishing SaaS/Cloud (#1) Cloud Script / File Share Valid Domain & Certificate Fake Access Logins Compromise Credentials Cloud Payloads / Malware White Listed Domains/IPs Facebook, YouTube, Twitter Slack, GitHub (SLUB) Cloud Data Exfiltration Cloud Lateral Movement Resource Consumption Cloud-enabled Kill Chain JR:JR
  • 10. 2020 © Netskope. All rights reserved.
  • 11. 2020 © Netskope. All rights reserved. Device Managed Personal User, Group, OU Accounting Pat Smith Cloud Storage App Managed Unmanaged App Personal Instance Company File Sharing 100+ Categories URL Category Upload File (up, down, share, view) Activity AV/ML IOCs Scripts Macros Sandbox Threat DLP Profiles And Rules Content Policy Action Allow Block Coach Encrypt Legal Hold Quarantine etc. Risk Security Privacy Legal/Audit GDPR 50+ Risk Rating 36K Apps 97 Context is key Instance Awareness – determine company, personal, and rogue instances Activity-level Policy – determine 20+ activities for cloud services and apps Data Protection – determine login credentials (PII) in phishing forms Threat Protection – prevent known and detect unknown cloud-enabled threats JR:JR
  • 12. 2020 © Netskope. All rights reserved. Complexity of trying to implement security at the perimeter
  • 13. 2020 © Netskope. All rights reserved. What’s the solution?
  • 14. 2020 © Netskope. All rights reserved.
  • 15. 2020 © Netskope. All rights reserved. HQ + Data center Firewall VPN Sandbox IPS / IDS UEBA Web Sec DLP BYOD Branch Remote Device Web and Cloud RA:RA
  • 16. 2020 © Netskope. All rights reserved. HQ + Data center Firewall BYOD Branch Remote Device Security will no longer be “entombed” in a box in the data center SASE will be as disruptive to network and network security architectures as IaaS was to the data center. Digital business transformation will require SASE SASE – Secure Access Service Edge Web and Cloud RA:RA VPN Sandbox IPS / IDS UEBA Web Sec DLP
  • 17. 2020 © Netskope. All rights reserved. HQ + Data center 5G Mobile WiFi APs Commodity hardware SDN fabric Legacy Apps IOT Devices BYOD Branch Remote Device Future operating model SASE – Secure Access Service Edge Web and Cloud RA:RA
  • 18. 2020 © Netskope. All rights reserved. Future Security Stack is in the Cloud The Future Stack includes: • SASE • Identity authentication • Endpoint Security Management • Security Operations • User Behavior Analysis Endpoint machines Threat Intel Exchange Response Actions UEBA / SOAR SECURE ACCESS SERVICE EDGE ENDPOINT Web SaaS IaaS/PaaS User Data Entity Data IDENTITY Authentication and SSO Response Actions Private Access RA:RA
  • 19. 2020 © Netskope. All rights reserved. Visit us: Netskope booth #5981 (Moscone North) Thank you. QUESTIONS? Netskope cloud security report: www.netskope.com RA:RA