can security & agility co-exist
DESCRIPTION
Can Security & Agility Co-Exist Presentation given at the 2014 Arizona Technology Summit by Scott Carlson, PayPal @relaxed137TRANSCRIPT
![Page 1: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/1.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
Can Security and Agility Co-Exist?Arizona Technology Summit 2014Scott Carlson – PayPal – September 17, 2014
![Page 2: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/2.jpg)
26CURRENCIES SUPPORTED
152MACTIVE REGISTERED ACCOUNTS
203MARKETS OFFER PAYPAL
80LOCALIZED MARKETING SITES
GLOBALLY
EUROPEAN UNIONEURO
AUSTRALIANDOLLAR
CANADIANDOLLAR
NEW ZEALANDDOLLAR
HUNGARIANFORINT
MALAYSIANRINGGIT
UNITED KINGDOMPOUNDS STERLING
HONG KONGDOLLAR
UNITED STATESDOLLAR
TAIWANNEW DOLLAR
CHINESERMB
SWEDISHKRONA
SINGAPOREDOLLAR
PHILIPPINEPESO
BRAZILIANREAL
RUSSIANRUBLE
NORWEGIANKRONE
JAPANESEYEN
MEXICANPESO
TURKISHLIRA
SWISSFRANC
CZECHKORUNA
ISRAELINEW SHEKEL
DANISHKRONE
THAIBAHT
POLISHZLOTY
![Page 3: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/3.jpg)
$1.95B850M
$40.4B $14.7B
152M$55B
Revenue Total20% YoY
TotalTransactions
Merchant Services Payment 35% YoYVolume
Active Accounts
Net Total Payment29% YoYVolume
Volume
Marketplaces Payment
Q2 2014 Results
![Page 4: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/4.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
Compliant with PCI-DSS 2.0 StandardsCompliant with local country regulations
4
Compliance Statement: http://www.visa.com/splisting/viewSPDetail.do?coName=PayPal
![Page 5: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/5.jpg)
5© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
secureIn safe custody or keepingassured; sure; certain; free from or not exposed to danger or harm; safe.
agilequick and well-coordinated in movement; marked by an ability to think quickly; intellectual acuity
http://www.dictionary.com
![Page 6: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/6.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
6
@ http://xkcd.com used with permission under Creative commons License
![Page 7: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/7.jpg)
7© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
secureIn safe custody or keeping assured; sure; certain; free from or not exposed to danger or harm; safe.
preventBe patched, be compliant, be hardened, be layered, don’t let data leave your network
detect Log it all; parse it all; sesame street logic; leave no stone unturned
respondQuarantine; active defense; mitigate; high priority patches; bug fixes; block ports; kill data streams; sever connections
![Page 8: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/8.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
8
@ http://xkcd.com used with permission under Creative commons License
“Cyber Attack”
http://www.digitalattackmap.com
![Page 9: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/9.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
9
“Cyber Attack”
http://www.digitalattackmap.com
![Page 10: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/10.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
10
![Page 11: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/11.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
11
http://hackmageddon.com/2014/07/07/june-2014-cyber-attacks-statistics/
![Page 12: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/12.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
12
http://www.geekherocomic.com used with permission under Creative commons License
![Page 13: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/13.jpg)
13© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
agilequick and well-coordinated in movement; marked by an ability to think quickly; intellectual acuity
washConsider everything dirty; examine it; spray the bad parts; clean it; use machines to do the dirty work
rinseRun traffic over it; verify assumptions; send it back to the wash if needed; deliver to customer; use it yourself
repeatCheck you work; check new versions; talk to new people; find all of the new and exciting ways people are doing things
![Page 14: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/14.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
14
http://www.lynnecazaly.com - used with permission
![Page 15: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/15.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
15
@ http://xkcd.com used with permission under Creative commons License
![Page 16: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/16.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
16
Compliant≠
Secure
![Page 17: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/17.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
17
Agile≠
Risky
![Page 18: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/18.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
18
Secure is nota permanent
state
![Page 19: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/19.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
19
Security can not work effectively unless you
have Agility
![Page 20: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/20.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
20
debate… decide…deliver
secure
![Page 21: Can Security & Agility Co-Exist](https://reader033.vdocuments.us/reader033/viewer/2022060119/559055691a28ab213e8b4593/html5/thumbnails/21.jpg)
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
For more information, please contact:
Scott Carlson@[email protected]