Incident Response In the Cloud

Incident Response In the Cloud. CEO of BH Consulting – Independent Information Security Firm Founder & Head of IRISSCERT – Ireland’s first Computer.

Jan 29, 2016

Page 1: Incident Response In the Cloud.  CEO of BH Consulting – Independent Information Security Firm  Founder & Head of IRISSCERT – Ireland’s first Computer.

Incident Response In the Cloud

Page 2:

Who Am I?

CEO of BH Consulting – Independent Information Security Firm

Founder & Head of IRISSCERT – Ireland’s first Computer Emergency Response Team

Special Advisor on Internet Security to Europol's CyberCrime Centre (EC3)

Adjunct Lecturer at University College Dublin

Expert Advisor to European Network & Information Security Agency (ENISA)

Regularly comments on media stories – BBC, Forbes, Bloomberg, FT, Guardian, Sunday Times

Page 3:

Business View of Cloud Computing

Page 4:

Vendors’ View of Cloud Computing

Page 5:

Security View of Cloud Computing

Page 6:

Stuff Happens

Page 7:

Cloud Security Alliance’s Notorious Nine

Data Breaches

Data Loss

Account Hijacking

Insecure APIs

Denial of Service

Malicious Insiders

Abuse of Cloud Services

Insufficient Due Diligence

Shared Technology Issues

(Most Severe to Least Severe)

Source: https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf

Page 8:

Cloud Security Breaches

Page 9:

Fatal Cloud Security Breaches

Page 10:

Traditional Incident Response

Detect

Contain

Eradicate

Remediate

Recover

Review

Communicate

Page 11:

Traditional Incident Response

Page 12:

Cloud Incident Response

Page 13:

Cloud Incident Response – Acquiring Evidence

Page 14:

Where Are Your Data?

Page 15:

Page 16:

Change of Mindset

Page 17:

Change of Mindset

Page 18:

Same IR Principles

Detect

Contain

Eradicate

Remediate

Recover

Review

Communicate

Page 19:

Engage Early with the Business

Page 20:

Ensure IR Requirements in T&Cs

Page 21:

Establish Team

Information Security

Operations

Human Resources

Legal

Public Relations

Facilities Management

CSP

Page 22:

Establish Relationships

Page 23:

Agree Roles & Responsibilities

Page 24:

Agree Policies & Procedures

Page 25:

Agree Jurisdictional Issues

Page 26:

Agree Disclosure Rules

Page 27:

Put Notification Rules in Place

Page 28:

Set Up Alerting Mechanisms

Page 29:

Ensure Access to Key Logs

Page 30:

Other Alerting Mechanisms

Page 31:

Other Alerting Mechanisms

Page 32:

Practise, Practise, Practise ….

Page 33:

Agree Testing

Page 34:

Review & Measure

Page 35:

Questions

[email protected] @BrianHonan