Nava Levy, cVidya's VP SaaS/Cloud Solutions, chaired and spoke at TM Forum's Management World America's 2011 on Racing Ahead of the Competition by Capitalizing on Your Potential to be the Safe and Secure Choice for Cloud at The Race to Cloud Services Summit
Becoming the safe choice for the cloud by addressing cloud fraud & security threats
1. Racing Ahead of the Competition by Capitalizing on Your
Potential to be the Safe and Secure Choice for Cloud
The Race to Cloud Services Summit
Chair: Nava Levy, VP SaaS Cloud Solutions, cVidya Networks
November 9th, 2011
3. Session • Becoming the Safe Choice for Cloud by Addressing
Overview Cloud Fraud & Security Threats
– Nava Levy, VP SaaS/Cloud Solutions, cVidya Networks
• Blind Trust or Dumb Luck - How do you want
customers to choose your cloud service?
– Guy Bejerano, Chief Security Officer, Liveperson
• Managing Through Security Requirements in the Race
to the Cloud
– Mark Weeks, Product Manager - Managed Security Services, Sprint
• Achieving Security Assurance and Compliance in the
Cloud
– Scott Morrison, CSA Council Member, Cloud Security Alliance
• Panel: Addressing the Challenges and Dilemmas of
Securing Cloud Services
– Varun Badhwar, Vice President Products, CipherCloud
Mark Weeks, Sprint; Scott Morrison, CSA;
Guy Bejerano, Liveperson
• Interactive Dialogue between Panelists and Audience
4. Nava Levy, cVidya Networks
With 18 years experience in developing new,
innovative strategic directions, Nava Levy leads
cVidya’s efforts in SaaS/Cloud. Before joining cVidya,
Nava was the Head of SaaS/Cloud Computing Program
at Amdocs and prior to this position played a key role
in developing a new strategic direction for Amdocs
which resulted in their becoming a leader in their
domain, generating hundreds of millions dollars for the
company.
cVidya Networks is a global leader of revenue-
Nava Levy
intelligence solutions. The company’s product Vice President,
portfolio helps service providers maximize margins, SaaS/Cloud Solutions
improve customer experience and optimize
ecosystem relationships through revenue assurance,
fraud, risk, dealer and margin analytics. cVidyaCloud
is its umbrella of On Demand revenue intelligence
solutions. With over 130 customers cVidya has one of
the largest installed bases of revenue-assurance and
fraud-management implementations worldwide.
5. Becoming the safe choice for the cloud by
addressing cloud fraud & security threats
Wednesday, November 9
Nava Levy, VP SaaS/Cloud Solutions, cVidya Networks
6. Cloud Computing is not just a hype…
Huge Market Growing Extremely Disrupting Existing
Potential Fast Markets
• $60B by 2014 • 5 times vs. • Today is dominated
traditional IT! by pureplay SaaS/
Cloud vendors
By 2012 Cloud computing will become so pervasive that 1 out of
5 businesses will own no IT assets at all (Gartner, 2010)
6
7. The number of operators offering
Cloud Services has doubled in 18 months
Oct, 2011
Allows service providers to move up the value chain and avoid
becoming “dumb pipes”
8. However, security remains biggest
barrier to cloud adoption
Forrester's clients have consistently rated
security as their top concern with cloud
computing, ahead of other issues such as
performance and availability.
Source: Forrester, 2011
Security still top concern with
cloud, despite Amazon outage.
Enterprises I speak to are more
concerned about security than they
are about availability, reliability, or
performance.
Source: Gartner, 2011
Source: Survey by Marketing Solutions, 2011
10. What are CSPs strengths & weaknesses
for delivering cloud services?
Strengths Weaknesses
CSPs should Leverage their Strengths to Become the
Safe & Secure Choice for Cloud!
11. Addressing Security Threats
- Mapping the risks
- Impact, likelihood
- Determine the controls and
Risk which risks we can tolerate
Management - Periodical
Security Fraud
Management Management
- Threats - Fraudsters
- Real time defense - Combating and recovering
- Preventing services disruption financial losses
- 24X7 - On going
11
12. Top Threats to Cloud Computing
Percent* Threat Type IaaS PaaS SaaS
28.8% Data Loss or Leakage
17.8% Abuse & Nefarious Use of Cloud
Computing
15.1% Insecure Interfaces and APIs
11.0% Malicious Insiders
9.6% Account or Service Hijacking
9.6% Unknown Risk Profile
8.2% Shared Technology Vulnerabilities
Source: CSA, 2010; *percent per survey
12
13. What’s special about Cloud Security
for Telecom Cloud Providers?
SaaS/Cloud transfers IT
Risk to Cloud Provider
ICT significantly larger
wallet share
Cloud expands risk
potential and type of
threats spectrum
Telco’s role as Cloud
Services Brokerage –
further increases
complexity
Telco’s critical
positioning as trusted
suppliers
13
14. What’s special about Cloud Security
for Telcos? (cont.)
IT Theft of software … leapt 14 percent
globally in 2010 to $59 Billion
5/2011
Internet
Internet crime has affected Millions
…. report demonstrates how
2/2011 pervasive online crime has become…
Telecom Experts estimate annual fraud losses
are $40.1 Billion …. the results
…confirm that telecom fraud remains
10/2011 a lucrative criminal business.
Need to combat Telecom Fraud, Software Theft and
CyberCrime Combined!
14
15. Cloud Security – Risk Assessment
Cloud computing has "unique attributes that
require risk assessment in areas such as data
integrity, recovery, and privacy, and an evaluation of
legal issues in areas such as e-discovery, regulatory
compliance, and auditing,"
15
17. Integrated approach to Risk and Fraud
and Security management is needed
Risk
Management
Security Fraud
Management Management
With a comprehensive and integrated approach to
addressing Cloud security threats, Telcos are well
17
positioned to become the safe choice for cloud