SlideShare une entreprise Scribd logo

Securing the Cloud

Télécharger en tant que PPTX, PDF
GGV Capital
GGV Capital

GGV Managing Partner Glenn Solomon reviews the current state of cybersecurity, the key targets and threats, and how the landscape is evolving.

Technologie
1  sur  19
Securing the Cloud Glenn Solomon Feb 2016
• 1 team in the US and China • $2.6 billion under management • 6 funds | 150+ investments • 15 years | 27 IPOs GLEN N SOLOMON • Managing Partner • 10 years at GGV Capital • Enterprise, SaaS, Cloud, Security, Mobile • goinglongblog.com | @glennsolomon
Cybercrime is a Growth Industry Source: 2015 Verizon DBIR Report; ITRC ; HP 2015 Cost of Cyber Crime Study; The Global State of Information Security Survey 2015; McAfee Net Losses – Estimating the Cost of Cybercrime 42.8M Security Incidents 5,810 Confirmed Data Breaches 61 Countries $445B Annual Cost to the Global Economy
Data Breaches by the Numbers Data Records Lost or Stolen in 2014 2,803,306 records lost or stolen every day 116,793 records every hour 1,947 records every minute 32 records every second Source: SafeNet – The Art of Data Protection, Feb 2015 Only 4% of breaches were “Secure Breaches” where encryption was used and the stolen data was rendered useless
Data Breaches are across all Industries Source: WSJ
Hackers & Their Weapons Participants Hackers Hacktivists Criminal Organizations Commercial Vendors State Sponsored Terror Groups Available to Purchase Hacking Tools Zero-day Exploits Credit Card Data eCommerce/Social- Media Credentials Key Participants Eastern Europe Russia China US Latin America Source: RAND National Security Research Division
The Cybersecurity Landscape is Vast Source: Momentum Partners
Common Threats & Victims Identity Theft Phishing Social Engineering Cyber AttackCyber Extortion When you protect your company, you need to focus on all possible weaknesses. Hackers only need to find one way in…
The Corporate Challenge Source: 2015 Verizon DBIR Report; BTIG Security Report – Attack of the Clones Cloud-based Applications Social Networking Virtualization BYOD 83 million software applications today; 141 million by 2017 Stolen or weak credentials involved in 76% of cyber attacks 14% of attacks or exploits are on cloud services, applications, or storage systems Mobile security breaches have affected 65% of global organizations in the last 12 months
The Next Generation of Cyber Security Source: BTIG Security Report – Attack of the Clones Legacy Security Companies Next Generation Equivalent Firewall/Intrusion Prevention System Next Generation Network Security Antivirus Next Generation Endpoint/Malicious Detection Web Gateway/URL Filtering Cloud Security & Data Protection Authentication, Authorization & Accounting Identity & Access Management – The New Perimeter Secure Event Management Security Intelligence & Analytics Data Security Data Security, Discovery, Clarification, Control & Intel Data Loss Prevention Inside Threat Protection Governance, Risk Management & Compliance Compliance Automation and Data Governance
New Threat Vectors Source: Immuniweb, Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report Social Media Protection While email remains a significant attack vector, 70% of social media scams were manually shared. Advanced Persistent Threats Zero-day exploits are almost impossible to detect and will work 9 out of 10 cases because they have legal, financial and banking industry experts, psychologists, and even ex-law enforcement officers behind them. Insider Threats Privileged users, such as managers with access to sensitive information, pose the biggest insider threat to organizations. This is followed by contractors, consultants, and regular employees. Compromised account credentials, or when someone’s account is hijacked, are also a big part of this risk.
New Threat Vectors Internet of Things These hubs, switches, and router are increasingly used to target the network. They have processing, storage, and internet connectivity. Mobile Security & Protection As more users rely on their mobile devices, more spam, scams, and threats are tailored to these devices. Mobile malware such as bootkits will become harder to remove. Critical Infrastructure The most significant trend is the use of malware to compromise supervisory control and data acquisition (SCADA) systems, including Homeless Management Information System (HMIS), historians, and other connected devices. Source: Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report
Approaches Over Time 1987-2009 2009-2014 2014 onward 2015 onward Signatures Sandboxes Anomaly Detection Zero-Trust APT Attack Sophistication Level Hammertoss, Black Energy, etc Endpoint Content Network Source: Based on Agari presentation material
Modern Security Challenges in the Cloud Challenge: Corporate services are migrating to the cloud Secure Application Access Privileged Access Management Multi-Factor Authentication FirewallsNetwork Access Control SSO Challenge: Dynamic workloads due to multi-tiered apps & virtualization, containers, micro-services, etc. Protect Server to Server Interactions Cloud Workload ManagementMachine Firewalls
Modern Security Challenges in the Cloud (cont) Challenge: Employees on websites via HTTP and mail –some malicious Securing Employee to Internet Cloud Policy ManagementCloud Access Security Brokers SaaS Data Encryption Challenge: Rapid development cycles leave little room for security checks Web App Security RASPsWAFs CDNs
Emerging Protection for Emerging Threats Insider Threat Detection Machine Learning to Spot Attacks Industrial & Connected Device Security
Security Startups Raised $10.9B across 1074 Deals since 2010 Source: Momentum Partners, CB Insights
Additional Resources Books Blogs http://goinglongblog.com/ https://krebsonsecurity.com/
Q&A

Recommandé

Snyk investor deck late 2015 short
Snyk investor deck late 2015 shortSnyk investor deck late 2015 short
Snyk investor deck late 2015 short
Ed Sim
 
Black Box Global Corporate Presentation - Jul'23
Black Box Global Corporate Presentation - Jul'23Black Box Global Corporate Presentation - Jul'23
Black Box Global Corporate Presentation - Jul'23
Black Box
 
N26 - NOAH16 London
N26 - NOAH16 LondonN26 - NOAH16 London
N26 - NOAH16 London
NOAH Advisors
 
Accenture Sales Transformation - Agile Selling by Yasuf Tayob
Accenture Sales Transformation - Agile Selling by Yasuf TayobAccenture Sales Transformation - Agile Selling by Yasuf Tayob
Accenture Sales Transformation - Agile Selling by Yasuf Tayob
InsideSales.com
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
ICT Frame Magazine Pvt. Ltd.
 
Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3
DallasHaselhorst
 
IT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation SlidesIT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation Slides
SlideTeam
 
Kickfolio - 500Startups Batch 5
Kickfolio - 500Startups Batch 5Kickfolio - 500Startups Batch 5
Kickfolio - 500Startups Batch 5
500 Startups
 

Recommandé

Snyk investor deck late 2015 short
Snyk investor deck late 2015 shortSnyk investor deck late 2015 short
Snyk investor deck late 2015 short
Ed Sim
 
Black Box Global Corporate Presentation - Jul'23
Black Box Global Corporate Presentation - Jul'23Black Box Global Corporate Presentation - Jul'23
Black Box Global Corporate Presentation - Jul'23
Black Box
 
N26 - NOAH16 London
N26 - NOAH16 LondonN26 - NOAH16 London
N26 - NOAH16 London
NOAH Advisors
 
Accenture Sales Transformation - Agile Selling by Yasuf Tayob
Accenture Sales Transformation - Agile Selling by Yasuf TayobAccenture Sales Transformation - Agile Selling by Yasuf Tayob
Accenture Sales Transformation - Agile Selling by Yasuf Tayob
InsideSales.com
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
ICT Frame Magazine Pvt. Ltd.
 
Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3
DallasHaselhorst
 
IT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation SlidesIT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation Slides
SlideTeam
 
Kickfolio - 500Startups Batch 5
Kickfolio - 500Startups Batch 5Kickfolio - 500Startups Batch 5
Kickfolio - 500Startups Batch 5
500 Startups
 
(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion
Pitch Decks
 
Simba Chain pitch deck
Simba Chain pitch deckSimba Chain pitch deck
Simba Chain pitch deck
HajeJanKamps
 
Implementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptxImplementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptx
damilolasunmola
 
Heyday
HeydayHeyday
Heyday
PPerksi
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
Cristian Mihai
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
Okta-Inc
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
Ronald Soh
 
MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)
MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)
MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)
Paul Walsh
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk Programs
Rahul Neel Mani
 
Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...
Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...
Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...
AA BB
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
Jen Ruhman
 
Publishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the CloudPublishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the Cloud
Deanta
 
The Complete Starter Guide To Tumblr Marketing
The Complete Starter Guide To Tumblr MarketingThe Complete Starter Guide To Tumblr Marketing
The Complete Starter Guide To Tumblr Marketing
Viraltag Inc.
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
PhishingBox
 
Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1
DallasHaselhorst
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
William Mann
 
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deckMonzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
AA BB
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
kishore golla
 
Rethinking Transformational Change
Rethinking Transformational ChangeRethinking Transformational Change
Rethinking Transformational Change
Jason Little
 
31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & Offline31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & Offline
Pixc
 

Contenu connexe

Tendances

(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion
Pitch Decks
 
Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1
DallasHaselhorst
 
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deckMonzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
AA BB
 

Tendances (20)

(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion
 
Simba Chain pitch deck
Simba Chain pitch deckSimba Chain pitch deck
Simba Chain pitch deck
 
Implementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptxImplementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptx
 
Heyday
HeydayHeyday
Heyday
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
 
MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)
MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)
MetaCert Investor Pitch Deck That Secured $1.2M in Seed Capital (Unedited)
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk Programs
 
Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...
Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...
Transferwise: €56K VC investment turned into $3.5B. Transferwise's initial pi...
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Publishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the CloudPublishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the Cloud
 
The Complete Starter Guide To Tumblr Marketing
The Complete Starter Guide To Tumblr MarketingThe Complete Starter Guide To Tumblr Marketing
The Complete Starter Guide To Tumblr Marketing
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
 
Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deckMonzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
Monzo: £19.3M VC investment turned into $2B. Monzo's Series C pitch deck
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
 

En vedette

Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
AdNerds
 
Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code
Angel Diaz
 

En vedette (20)

Rethinking Transformational Change
Rethinking Transformational ChangeRethinking Transformational Change
Rethinking Transformational Change
 
31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & Offline31+ Startup Tools, Both Online & Offline
31+ Startup Tools, Both Online & Offline
 
TEDxSanFrancisco – Review
TEDxSanFrancisco – ReviewTEDxSanFrancisco – Review
TEDxSanFrancisco – Review
 
Net neutrality: The Basics
Net neutrality: The BasicsNet neutrality: The Basics
Net neutrality: The Basics
 
The Human Body in the IoT. Tim Cannon + Ryan O'Shea
The Human Body in the IoT. Tim Cannon + Ryan O'SheaThe Human Body in the IoT. Tim Cannon + Ryan O'Shea
The Human Body in the IoT. Tim Cannon + Ryan O'Shea
 
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
Facebook, LinkedIN & Beyond - or how the new media changed how sales people d...
 
Business optimization | building your first million is easy
Business optimization | building your first million is easyBusiness optimization | building your first million is easy
Business optimization | building your first million is easy
 
Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code Innovation Enablers: Culture, Community & Code
Innovation Enablers: Culture, Community & Code
 
Innovating supply chains in Asia
Innovating supply chains in AsiaInnovating supply chains in Asia
Innovating supply chains in Asia
 
Kuala Lumpur CTO Summit - How to fire employees
Kuala Lumpur CTO Summit - How to fire employeesKuala Lumpur CTO Summit - How to fire employees
Kuala Lumpur CTO Summit - How to fire employees
 
ADP ReThink 2016: Evolution of Work
ADP ReThink 2016: Evolution of WorkADP ReThink 2016: Evolution of Work
ADP ReThink 2016: Evolution of Work
 
Facebook et la présidentielle 2012
Facebook et la présidentielle 2012Facebook et la présidentielle 2012
Facebook et la présidentielle 2012
 
Enterprise 2.0 @ Sun Microsystems
Enterprise 2.0 @ Sun MicrosystemsEnterprise 2.0 @ Sun Microsystems
Enterprise 2.0 @ Sun Microsystems
 
Vers une architecture de l'information
Vers une architecture de l'informationVers une architecture de l'information
Vers une architecture de l'information
 
Infographic: Cloud Security Superhero
Infographic: Cloud Security SuperheroInfographic: Cloud Security Superhero
Infographic: Cloud Security Superhero
 
Brennpunkt2015 Neuburger
Brennpunkt2015 NeuburgerBrennpunkt2015 Neuburger
Brennpunkt2015 Neuburger
 
Offline is the new online - Le futur d'internet n'est plus derrière un écran
Offline is the new online - Le futur d'internet n'est plus derrière un écranOffline is the new online - Le futur d'internet n'est plus derrière un écran
Offline is the new online - Le futur d'internet n'est plus derrière un écran
 
Understanding strategy in innovation and technology oriented business
Understanding strategy in innovation and technology oriented businessUnderstanding strategy in innovation and technology oriented business
Understanding strategy in innovation and technology oriented business
 
Knowledge Management: Putting Information to Good Use
Knowledge Management: Putting Information to Good UseKnowledge Management: Putting Information to Good Use
Knowledge Management: Putting Information to Good Use
 
The Future of Education is Digital
The Future of Education is DigitalThe Future of Education is Digital
The Future of Education is Digital
 

Similaire à Securing the Cloud

Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
IBM Security
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
Symantec
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Cristian Garcia G.
 

Similaire à Securing the Cloud (20)

Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber Security
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
The State of Data Security
The State of Data SecurityThe State of Data Security
The State of Data Security
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful Business
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.
 
Centrify rethink security brochure
Centrify rethink security brochureCentrify rethink security brochure
Centrify rethink security brochure
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security report
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – Netmagic
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
Level3-ATC comSpark.tech Presentation Snapshot
Level3-ATC comSpark.tech Presentation SnapshotLevel3-ATC comSpark.tech Presentation Snapshot
Level3-ATC comSpark.tech Presentation Snapshot
 

Plus de GGV Capital

Plus de GGV Capital (20)

THE DIGITAL ECONOMY INDEX 2021
THE DIGITAL ECONOMY INDEX 2021THE DIGITAL ECONOMY INDEX 2021
THE DIGITAL ECONOMY INDEX 2021
 
THE DIGITAL ECONOMY INDEX 2020
THE DIGITAL ECONOMY INDEX 2020THE DIGITAL ECONOMY INDEX 2020
THE DIGITAL ECONOMY INDEX 2020
 
Lessons from US & China for Global Entrepreneurs
Lessons from US & China for Global EntrepreneursLessons from US & China for Global Entrepreneurs
Lessons from US & China for Global Entrepreneurs
 
Hans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
Hans Y Combinator Presentation on Lessons from China for Global EntrepreneursHans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
Hans Y Combinator Presentation on Lessons from China for Global Entrepreneurs
 
WSJ Converge 2017 Final: China Frontier Tech Trends
WSJ Converge 2017 Final: China Frontier Tech TrendsWSJ Converge 2017 Final: China Frontier Tech Trends
WSJ Converge 2017 Final: China Frontier Tech Trends
 
Evolving Ecommerce NYC Summit Quotes
Evolving Ecommerce NYC Summit QuotesEvolving Ecommerce NYC Summit Quotes
Evolving Ecommerce NYC Summit Quotes
 
Evolving Enterprise Highlights
Evolving Enterprise HighlightsEvolving Enterprise Highlights
Evolving Enterprise Highlights
 
2016 Year in Review
2016 Year in Review2016 Year in Review
2016 Year in Review
 
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
GGV Capital Jenny Lee: Next Gen Wearables, Transportation and Robotics June 2016
 
GGV Capital 2015 Year in Review
GGV Capital 2015 Year in ReviewGGV Capital 2015 Year in Review
GGV Capital 2015 Year in Review
 
Monetization in the US and China: Where to Invest
Monetization in the US and China: Where to InvestMonetization in the US and China: Where to Invest
Monetization in the US and China: Where to Invest
 
The Mobile Generation: China's Millennials
The Mobile Generation: China's MillennialsThe Mobile Generation: China's Millennials
The Mobile Generation: China's Millennials
 
GGV Capital Cross-Border Opportunities
GGV Capital Cross-Border OpportunitiesGGV Capital Cross-Border Opportunities
GGV Capital Cross-Border Opportunities
 
GGV Capital Mobile Trends Review
GGV Capital Mobile Trends ReviewGGV Capital Mobile Trends Review
GGV Capital Mobile Trends Review
 
Silicon Valley and Emerging Markets
Silicon Valley and Emerging Markets Silicon Valley and Emerging Markets
Silicon Valley and Emerging Markets
 
Big Data, Big Investment
Big Data, Big InvestmentBig Data, Big Investment
Big Data, Big Investment
 
State of the US VC Market
State of the US VC MarketState of the US VC Market
State of the US VC Market
 
GGV Capital Viewpoint: Internet of Things
GGV Capital Viewpoint: Internet of ThingsGGV Capital Viewpoint: Internet of Things
GGV Capital Viewpoint: Internet of Things
 
Sales and Marketing 3.0: The High Velocity Model
Sales and Marketing 3.0: The High Velocity ModelSales and Marketing 3.0: The High Velocity Model
Sales and Marketing 3.0: The High Velocity Model
 
GGV Capital Year in Review 2014
GGV Capital Year in Review 2014GGV Capital Year in Review 2014
GGV Capital Year in Review 2014
 

Dernier

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Dernier (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Securing the Cloud

  • 1. Securing the Cloud Glenn Solomon Feb 2016
  • 2. • 1 team in the US and China • $2.6 billion under management • 6 funds | 150+ investments • 15 years | 27 IPOs GLEN N SOLOMON • Managing Partner • 10 years at GGV Capital • Enterprise, SaaS, Cloud, Security, Mobile • goinglongblog.com | @glennsolomon
  • 3. Cybercrime is a Growth Industry Source: 2015 Verizon DBIR Report; ITRC ; HP 2015 Cost of Cyber Crime Study; The Global State of Information Security Survey 2015; McAfee Net Losses – Estimating the Cost of Cybercrime 42.8M Security Incidents 5,810 Confirmed Data Breaches 61 Countries $445B Annual Cost to the Global Economy
  • 4. Data Breaches by the Numbers Data Records Lost or Stolen in 2014 2,803,306 records lost or stolen every day 116,793 records every hour 1,947 records every minute 32 records every second Source: SafeNet – The Art of Data Protection, Feb 2015 Only 4% of breaches were “Secure Breaches” where encryption was used and the stolen data was rendered useless
  • 5. Data Breaches are across all Industries Source: WSJ
  • 6. Hackers & Their Weapons Participants Hackers Hacktivists Criminal Organizations Commercial Vendors State Sponsored Terror Groups Available to Purchase Hacking Tools Zero-day Exploits Credit Card Data eCommerce/Social- Media Credentials Key Participants Eastern Europe Russia China US Latin America Source: RAND National Security Research Division
  • 7. The Cybersecurity Landscape is Vast Source: Momentum Partners
  • 8. Common Threats & Victims Identity Theft Phishing Social Engineering Cyber AttackCyber Extortion When you protect your company, you need to focus on all possible weaknesses. Hackers only need to find one way in…
  • 9. The Corporate Challenge Source: 2015 Verizon DBIR Report; BTIG Security Report – Attack of the Clones Cloud-based Applications Social Networking Virtualization BYOD 83 million software applications today; 141 million by 2017 Stolen or weak credentials involved in 76% of cyber attacks 14% of attacks or exploits are on cloud services, applications, or storage systems Mobile security breaches have affected 65% of global organizations in the last 12 months
  • 10. The Next Generation of Cyber Security Source: BTIG Security Report – Attack of the Clones Legacy Security Companies Next Generation Equivalent Firewall/Intrusion Prevention System Next Generation Network Security Antivirus Next Generation Endpoint/Malicious Detection Web Gateway/URL Filtering Cloud Security & Data Protection Authentication, Authorization & Accounting Identity & Access Management – The New Perimeter Secure Event Management Security Intelligence & Analytics Data Security Data Security, Discovery, Clarification, Control & Intel Data Loss Prevention Inside Threat Protection Governance, Risk Management & Compliance Compliance Automation and Data Governance
  • 11. New Threat Vectors Source: Immuniweb, Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report Social Media Protection While email remains a significant attack vector, 70% of social media scams were manually shared. Advanced Persistent Threats Zero-day exploits are almost impossible to detect and will work 9 out of 10 cases because they have legal, financial and banking industry experts, psychologists, and even ex-law enforcement officers behind them. Insider Threats Privileged users, such as managers with access to sensitive information, pose the biggest insider threat to organizations. This is followed by contractors, consultants, and regular employees. Compromised account credentials, or when someone’s account is hijacked, are also a big part of this risk.
  • 12. New Threat Vectors Internet of Things These hubs, switches, and router are increasingly used to target the network. They have processing, storage, and internet connectivity. Mobile Security & Protection As more users rely on their mobile devices, more spam, scams, and threats are tailored to these devices. Mobile malware such as bootkits will become harder to remove. Critical Infrastructure The most significant trend is the use of malware to compromise supervisory control and data acquisition (SCADA) systems, including Homeless Management Information System (HMIS), historians, and other connected devices. Source: Symantec Internet Security Threat Report 2015; Crowd Research Partners – Insider Threat Report
  • 13. Approaches Over Time 1987-2009 2009-2014 2014 onward 2015 onward Signatures Sandboxes Anomaly Detection Zero-Trust APT Attack Sophistication Level Hammertoss, Black Energy, etc Endpoint Content Network Source: Based on Agari presentation material
  • 14. Modern Security Challenges in the Cloud Challenge: Corporate services are migrating to the cloud Secure Application Access Privileged Access Management Multi-Factor Authentication FirewallsNetwork Access Control SSO Challenge: Dynamic workloads due to multi-tiered apps & virtualization, containers, micro-services, etc. Protect Server to Server Interactions Cloud Workload ManagementMachine Firewalls
  • 15. Modern Security Challenges in the Cloud (cont) Challenge: Employees on websites via HTTP and mail –some malicious Securing Employee to Internet Cloud Policy ManagementCloud Access Security Brokers SaaS Data Encryption Challenge: Rapid development cycles leave little room for security checks Web App Security RASPsWAFs CDNs
  • 16. Emerging Protection for Emerging Threats Insider Threat Detection Machine Learning to Spot Attacks Industrial & Connected Device Security
  • 17. Security Startups Raised $10.9B across 1074 Deals since 2010 Source: Momentum Partners, CB Insights
  • 19. Q&A