5. Growth of cloud end points
Mainframe
Minicomputer
PC
Desktop/
Internet
Mobile
Internet
1
10
100
1000
10000
100000
1000000
10000000
1950 1960 1970 1980 1990 2000 2010 2020 2030
Devices/Users(millions)
Year
Ref: ITU, Morgan Stanley Research, 2009
- Smartphone
- Tablets
- Car Electronics
-- Mobile Medicine
-- Payment Systems
-- Mobile Banking
- GPS/Navigation
- Mobile Video
- Home Entertainment
- Games
- Home Appliances
11. Top 10 Security Issues
1. Governance
2. Compliance
3. Trust
4. Architecture
5. Identity & Access control
6. Isolation in multi-tenancy
7. Data protection
8. Availability
9. Timely Incidence Response
10. Malware propagation
12. Identified top threats
1. Abuse & Evil Use of Cloud ({I,P}aaS)
2. Insecure Interfaces and APIs ({I,P,S}aaS)
3. Malicious Insiders ({I,P,S}aaS)
4. Shared Technology Issues (IaaS)
5. Data Loss or leakage ({I,P,S}aaS)
6. Account or Service Hijacking ({I,P,S}aaS)
7. Unknown Risk Profile ({I,P,S}aaS)
https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
23. Final Thoughts
Cloud represents important opportunities & challenges
Hybrid models most practical
Security is a challenge
Consider:
– Governance
– Proactive Security
– Collaborate & consolidate expertise
– Security is a continuous skilled process
– TBS – Protection > Detection + Reaction
– Infinite time between failures vs 0 time to recovery
“Don’t bring a knife to a gun fight”