CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - Andre Durand
5 likes•1,695 views
This document introduces a new identity security system called Sierra Border Security V1.0. It discusses how the assumptions around internet and enterprise security have changed over time as the perimeter has expanded with new technologies. The key challenges mentioned are that identity is now too weak and disconnected to protect organizations at scale. The proposed new system aims to evolve authentication beyond single-factor to continuous multi-factor authentication using standards-based interactions. It will leverage big data and intelligence for dynamic access control and move to identity-based security definitions.
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - Andre Durand
- 4. “WE DIDN’T FOCUS ON HOW YOU COULD WRECK THE SYSTEM INTENTIONALLY” Vinton G. Cerf
- 5. $100 BILLION Estimated loss in US per annum due to cybercrimeTHE INTERNET “THEY THOUGHT THEY WERE BUILDING A CLASSROOM AND IT TURNS OUT THEY BUILT A BANK.” Abbate
- 6. SECURITY WASN’T EVEN A GOAL
- 7. UNFORTUNATE TRUTH ATTACKS SECURITY Ubiquitous Internet New Vulnerabilities Market for Identity Success & Profits 30 Million Bots Insider Recruitment Organization
- 8. WHAT IF OUR PERIMETER NO LONGER DEFINES OUR PERIMETER?
- 9. THE PERIMETER IS EXPANDING 2007 2008 2009 2010 2011 2012 2013 2014 2015Timeline Software-as-a-Service ENTERPRISE (apps, users, network)
- 10. THE PERIMETER IS EXPANDING 2007 2008 2009 2010 2011 2012 2013 2014 2015Timeline Software-as-a-Service ENTERPRISE (apps, users, network) Smart Mobile Devices
- 11. Infrastructure-as-a-Service 2007 2008 2009 2010 2011 2012 2013 2014 2015Timeline Software-as-a-Service ENTERPRISE (apps, users, network) Smart Mobile Devices THE PERIMETER IS EXPANDING
- 12. “DON’T EVER TAKE DOWN YOUR FENCE UNTIL YOU KNOW THE REASON IT WAS PUT UP.” G.K. Chesterton
- 16. WE’RE BUILDING A HAMSTER TRAIL SECURE TUNNELS TO TRANSMIT AUTHENTICATED USERS
- 17. REDEFINING SECURITY with IDENTITY CORE SECURITY IDENTITY DEFINED SECURITY IDENTITY
- 18. WE’RE ON A JOURNEY TO FULL IDENTITY VISIBILITY
- 19. ANONYMOUS BY DEFAULT IDENTIFIED BY DEFAULT FUTURE PAY EXTRA FOR ANONAMOUS TRANSACTIONS
- 21. ONLY GOOD ACTORS COULD ACCESS THE NETWORK ASSUMPTION #1 1970
- 22. THE PERIMETER IS SECURE ASSUMPTION #2 1970–TODAY
- 23. IDENTITY IS MORE SECURE ASSUMPTION #3 2015
- 24. WHAT WOULD WE DO IF PERIMETER ALREADY BREACHED
- 25. WHAT IF THE RIGHT IDENTITY BECOMES A BAD ACTOR?
- 26. WHAT IF… IDENTITY IS TOO WEAK & TOO DISCONNECTED TO PROTECT US AT SCALE?
- 27. MOVING FORWARD
- 29. TO CONTINUOUS AND CONTEXTUAL MULTI-FACTOR
- 31. micro trust trust a little > trust a little more login > trust a lot > trust a little more trust a little less and so on… TIME OUT / LOGOUTLOGIN > TRUST A LOT > BIG TRUST
- 32. NEED A NEW SYSTEM FOR IDENTITY PROOFING & RESOLUTION
- 33. move beyond STATIC ACCESS CONTROL
- 34. LEVERAGE BIG-DATA & INTELLIGENCE TO ENABLE DYNAMIC ACCESS CONTROL
- 36. THANK YOU
- 37. REGISTER EARLY!