1
Latest Data Threats in the Cloud…And What They Mean to You
• This webinar is being recorded and an on-demand version will be available at the same URL at the conclusion of the webinar
• Please submit questions via the button on the upper left of the viewer• If we don’t get to your question during the
webinar, we will follow up with you via email• Download related resources via the
“Attachments” button above the viewing panel• On Twitter? Join the conversation:
@HOSTINGdotcom, @Vormetric
2
Housekeeping
Agenda
• Introduction• Latest Data Threats in the Cloud• Cloud Security Solutions• Customer Case Study Example• Q&A
• Larry Collins• Product Manager at HOSTING
• responsible for managing the HOSTING Security Services product line
• Andy Kicklighter• Director of Product Marketing at Vormetric,
• Over 25 years of experience
• Previously responsible for bringing to market data center and cloud-based tools and services for start up established companies
• @akicklighter – Twitter
• Enterprise software product management, product marketing and marketing communications leader
• Expertise in IT Security, IT infrastructure, IT Services and cloud
4
Presenters
2016 VORMETRICDATA THREAT REPORT
1114 IT DECISION MAKERSUS (505), UK (101), DE (100), JP (102), AUS(100), MEX (103), BRZ (103)
HealthcareRetail OtherEnterprise
FinancialServices
Enterprises of: $250M+ for US, UK, DE, JP$100M+ for BRZ, MEX, AUS
Polling and Analysis by 451 Research
100%
Government
ENTERPRISES FEEL VULNERABLEAND HAVE GOOD REASONS FOR IT
91% 61%VULNERABLE TO DATA THREATS
9%
61%
22%
8%
NOT VULNERABLESOMEWHATVULNERABLEVERY VULNERABLEEXTREMELY VULNERABLE
HAD A DATA BREACH
RATES OF VULNERABILITY TO DATA THREATS
COMPLIANCE DOES NOT EQUALDATA BREACH PREVENTION
64%46%
BELIEVE COMPLIANCE IS EFFECTIVE AT PREVENTING DATA BREACHES
Compliance does not ensure security”..being compliant does not mean you won’t be breached”
“
“
Garrett BekkerSr. Analyst Enterprise Security, 451 Research
(58% IN THE 2015 REPORT)
RANK COMPLIANCE AS A TOP 3 IT SECURITY SPENDING PRIORITY
Rates of ranking as a Top 3 IT Security Spending Priority 39% - BEST PRACTICES
32% - PARTNERS/CUSTOMERS
46% - COMPLIANCE
46% - REPUTATION AND BRAND PROTECTION
36% - DATA BREACH AVOIDANCE
PUTTING FAITH INTHE WRONG DEFENSES
INCREASES IN IT SECURITY SPENDING PLANS BY CATEGORY
44% - ANALYSIS & CORRELATION TOOLS
48% - NETWORK DEFENSES
40% - DATA IN MOTION DEFENSES
39% - DATA AT REST DEFENSES
… perimeter defenses offer little help defending against multi-stage attacks”
“It’s no longer enough just to secure networks and endpoints”
“
Garrett BekkerSr. Analyst Enterprise Security, 451 Research
… data-at-rest approaches have proven to be effective at protecting the data itself”
“
INCREASES IN SPENDING ON DATA AT REST DEFENSES FELL
47%
2014
39%
2015
44% - END POINT AND MOBILE
SOME ORGANIZATIONSARE GETTING IT RIGHT
58%INCREASING SPENDING ONIT SECURITYTO PROTECT SENSITIVE DATA
NOW MAKE PREVENTING DATA BREACHES A TOP SPENDING PRIORITY
36%
IMPLEMENTING EFFECTIVE DATA SECURITY TOOLS
39% - MULTI-FACTOR AUTHENTICATION
38% - SIEM SYSTEMS
40% - APPLICATION LAYER ENCRYPTION
39% - TOKENIZATION
38% - CLOUD SECURITY GATEWAY
39%
58%
45%
35%
EXECUTIVE MANAGEMENT
CONTRACTOR ACCOUNTS
INTERNAL AND EXTERNALDATA THREATSTHE MOST DANGEROUS INSIDERS (TOP 3 SELECTION)
TOP EXTERNAL THREATS
15% 12%39% 19% 15%CYBER CRIMINALS
HACKTIVISTSCYBER-
TERRORISTS
NATION STATES
COMPETITORS
PRIVILEGED USERS
SERVICE PROVIDER ACCOUNTS
70%
DRAMATIC INCREASE IN RATESOF SENSITIVE DATA USE IN THE CLOUD
USE OF SENSITIVE DATA IN CLOUD ENVIRONMENTS
54%
2015
85%
2016CONCERNS - HIGH
VERY OR EXTREMELY CONCERNED ABOUT SENSITIVE DATA IN
THE CLOUD
DATA SECURITY USAGE - LOW 24%
USING ENCRYPTION TO SAFEGUARD CLOUD
DATA TODAY
TOP CONCERNS FOR DATAWITH ADOPTING CLOUD SERVICES70% – GLOBAL
SECURITY BREACHES /
ATTACKS AT CSP75% – U.S.
66% – GLOBAL73% – U.S.
SHARED INFRASTRUCTURE VULNERABILITIES
66% – GLOBAL LACK OF DATA LOCATION CONTROL70% – U.S.
65% – GLOBAL LACK OF DATA PRIVACY POLICY /
SLA71% – U.S.
64% – GLOBAL CLOUD PRIVILEGED USER
ABUSE/THREATS70% – U.S.
62% – GLOBAL MEETING COMPLIANCE
REQUIREMENTS69% – U.S.
66% ONLINE BACKUP67% ONLINE STORAGE
GLOBAL RATES OF VERY OR EXTREMELY CONCERNED
53% COLLABORATION TOOLS
61% CRM / SOCIAL CRM57% ERP
66% ONLINE ACCOUNTING
51% ONLINE OFFICE SUITES
56% PROJECT / TASK MANAGEMENT
DATA PROTECTION CONCERNSARE HIGH FOR SAAS APPLICATIONS
WHAT CAN CSP’s DO TO INCREASEENTERPRISE CLOUD ADOPTION?
35%DATA
ENCRYPTION IN THE CLOUD
CSP KEY CONTROL
27%EXPOSURE OF
SECURITY MONITORING
DATA
36%
DETAILED PHYSICAL AND IT
SECURITY IMPLEMENTATION INFORMATION
48%
DATA ENCRYPTION IN
THE CLOUD
ENTERPRISE PREMISE KEY
CONTROL
TOP CHANGE FROM LAST YEAR
53%DATA ENCRYPTION IN THE
CLOUD WITH CSP KEY CONTROL
35%2015 2016
RATES OF SENSITIVE DATA USEBY EMERGING TECHNOLOGY TYPE
WHILE CLOUD HAS THE HIGHEST OVERALL ADOPTION, BIG DATA AND IoT ARE ALSO EMERGING QUICKLY AS LOCATIONS WHERE SENSITIVE DATA IS PRESENT
47% - PaaS
33% - IoT
53% - SaaS
50% - BIG DATA
47% - IaaS
85%TOTAL FOR CLOUD
(ALL TYPES)
SENSITIVE DATA USE INCREASESIN BIG DATA ENVIRONMENTS
SENSITIVE DATA MAY RESIDE ANYWHERE
PRIVACY VIOLATIONS - DATA ORIGINATES IN MANY COUNTRIES
41%
42%
40%
37%
33%
SECURITY OF REPORTS THAT MAY INCLUDE SENSITIVE
DATA
LACK OF SECURITYFRAMEWORKS AND CONTROLS
PRIVILEGED USER ACCESS TO PROTECTED DATA
USE OF SENSITIVE DATA IN BIG DATA
31%
2015
50%
2016
TOP 5 CONCERNS
DOUBLE JEOPARDY
BIG DATA IS OFTEN IMPLEMENTED IN
THE CLOUD
TOP 3 SELECTIONS FOR LOSS OF VOLUMES OF SENSITIVE DATA
BIG DATA - U.S. - MORE TO LOSEWITH HIGHEST SENSITIVE DATA USE
30% 27% 21%24% 22% 12%18%U.S. U.K. MEXICOBRAZIL GERMANYAUS JAPAN
IoT THREAT AWARENESS LOWCOMPARED TO CLOUD AND BIG DATAMANY ORGANIZATIONS HAVE STRONG CONCERNS FOR THE SAFETY OF THEIR DATA
29% - IDENTIFYING WHICH DATA IS SENSITIVE
27% - IMPACT OF ATTACKS ON IoT DEVICES
35% - PROTECTING SENSITIVE DATA GENERATED BY IOT30% - PRIVACY VIOLATIONS
28% - PRIVILEGED USER ACCESS TO DATA AND DEVICES
33%ORGANIZATIONS THAT
EXPECT SENSITIVE DATA USE IN IoT
WHAT SHOULDORGANIZATIONS BE DOING
Get a better handle on where organization is using sensitive data – Both internal and external locations
Discover and classify
Use platform solutions that deliver a broad range of data security solutions on a single platform to reduce costs
Data security platforms
Security analytics Use data access monitoring combined with other threat indicators to identify threat activity patterns
Encryption and access control
Use encryption for more than just compliance.Data Center: Consider an Encrypt Everything policyCloud: Encrypt and manage your keys appropriatelyBig Data: Make sure encryption includes access controlIoT: Encrypt on devices, in transit and on the back end
Vormetric Data Security#DefenderOfData
VisionTo Secure the World’s Information
Purpose Protect business assets and brand
Customers1500+ Customers Across 21 Countries17 of Fortune 30 30+ Cloud and Hosting Providers
Global PresenceGlobal Headquarters - San Jose, CA, USAEMEA Headquarters - Reading, United KingdomAPAC Headquarters - Singapore
Data-at-Rest Protection ProductsTransparent Encryption, Application-layer EncryptionTokenization with Dynamic Data MaskingCloud Encryption GatewayProtection for Teradata DatabaseKey Management
HOSTING Cloud SolutionData-at-rest security enabled by Vormetric
Transparent
Encryption
Key Manageme
nt
Transparent
Encryption
Transparent
Encryption
HOSTING Customer Success StoryHealthcare Example / MTE Environment
Implement with Confidence
“In our view, it is a sound practice – irrespective of the HIPAA mandates – to find a best-in-class security solution. With data encryption, I believe it’s essential to be prepared ahead of time, instead of trying to react after there’s been a data breach.”
i i
Carl Mudra, CIO, Delta Dental of Missouri
2016 Vormetric Data Threat Report: Cloud Edition
Vormetric.com -> Resources -> White Papers
24
Q&ALarry Collins | Product Manager, HOSTING
Andy Kicklighter | Director Solution Marketing, Vormetric
For more information about Data Encryption Solutions by HOSTING, please contact our team at 888.894.4678.