SLIDE 1
Does Your Cloud Solution Look Like a Mushroom? 1: Asset - - PowerPoint PPT Presentation
Does Your Cloud Solution Look Like a Mushroom? 1: Asset - - PowerPoint PPT Presentation
Does Your Cloud Solution Look Like a Mushroom? 1: Asset Identification 2: Identify Risks 3: Countermeasures 4: What risks does solution cause? 5: Costs and Trade-offs 1: Asset Identification 5: Identify Risks? 1: Asset Identification 5:
SLIDE 2
SLIDE 3
5: Identify Risks? 1: Asset Identification
SLIDE 4
5: Identify Risks? 1: Asset Identification
SLIDE 5
5: Identify Risks? 1: Asset Identification
SLIDE 6
5: Identify Risks? 1: Asset Identification
Python Script by François Marier
SLIDE 7
5: Identify Risks? 1: Asset Identification
SLIDE 8
1: Asset Identification 2: Identify Risks 3: Countermeasures 4: What risks does solution cause? 5: Costs and Trade-offs
SLIDE 9
5: Identify Risks? 2: Identify Risks
SLIDE 10
5: Identify Risks? 2: Identify Risks Risk = Likelihood * Impact
SLIDE 11
5: Identify Risks? 2: Identify Risks
Dependency
SLIDE 12
5: Identify Risks? 2: Identify Risks Likelihood Threat Agent Factors
- Skill level
- Motive
- Opportunity
- Size
SLIDE 13
5: Identify Risks? 2: Identify Risks Likelihood Vulnerability Factors
- Ease of discovery
- Ease of exploit
- Awareness
- Intrusion detection
SLIDE 14
5: Identify Risks? 2: Identify Risks Impact Technical Factors
- Loss of confidentiality
- Loss of integrity
- Loss of availability
- Loss of accountability
SLIDE 15
5: Identify Risks? 2: Identify Risks Impact Business Factors
- Financial damage
- Reputation damage
- Non-compliance
- Privacy violation
SLIDE 16
2: Identify Risks The Cloud vs In-House Security Comparisons
SLIDE 17
2: Identify Risks The Cloud vs In-House Security Comparisons
SLIDE 18
2: Identify Risks The Cloud vs In-House Security Comparisons
SLIDE 19
2: Identify Risks Control Lost
SLIDE 20
5: Identify Risks? 2: Identify Risks
SLIDE 21
1: Asset Identification 2: Identify Risks 3: Countermeasures 4: What risks does solution cause? 5: Costs and Trade-offs
SLIDE 22
3: Countermeasures
SLIDE 23
SLIDE 24
3: Countermeasures
- Avoid Commercial
- Use Public-Domain
SLIDE 25
3: Countermeasures
SLIDE 26
3: Countermeasures Hardening VPS's
- Create Multiple Partitions
- Review Password Strategies
- Disable Remote Root Logins
- Harden SSH
SLIDE 27
3: Countermeasures Hardening VPS's
- Disable or Remove Services
- Schedule Backups
- Keep Systems Up to date
- Logging to Off-site
SLIDE 28
3: Countermeasures Hardening VPS's
SLIDE 29
3: Countermeasures Hardening VPS's
SLIDE 30
3: Countermeasures Hardening VPS's
SLIDE 31
SLIDE 32
3: Countermeasures Break Your System
SLIDE 33
1: Asset Identification 2: Identify Risks 3: Countermeasures 4: Risks that solution causes 5: Costs and Trade-offs
SLIDE 34
4: Risks that solution causes New Risks
SLIDE 35
4: Risks that solution causes New Risks
SLIDE 36
4: Risks that solution causes
New Risks
>
SLIDE 37
4: Risks that solution causes New Mitigated
SLIDE 38
1: Asset Identification 2: Identify Risks 3: Countermeasures 4: Risks that solution causes 5: Costs and Trade-offs
SLIDE 39
5: Costs and Trade-offs Establish Value Loss of Convenience
SLIDE 40
5: Costs and Trade-offs Staying on Top
SLIDE 41
Resource Compilation
- Cloud Security Assessment
- Automation
- Security Focused Facility
- In-house Cloud Planning
SLIDE 42