SHADOW IT doesn’t have to be SHADY
Bob Justus
CSO & Director GRC Services, Siege Secure
Cloud app revenue explosion
Cloud app projects double in 12 months (first half vs. second half of 2013: x vs. 2x; source: 451 Research)
There are 4,000 enterprise apps today (and growing).
People love their cloud apps, and for good reason
• Anywhere access
• Collaboration
• Productivity
Business underestimates cloud app usage by 90%
IT estimate: 40-50 apps. Actual: 461. (Source: Netskope data)
App redundancy
• HR: 35
• Storage: 26
• Finance: 18
This was controlled by IT in the past.
61% of those surveyed don’t have, or don’t know about, their cloud app policy (44% don’t have one; 17% don’t know).
People love their cloud apps, and for good reason
Love doesn’t have to be blind
STEP 1: Discover the cloud apps running in your enterprise
• Third-party tools like Netskope can analyze firewall logs (and other logs) for this information
• Resist the urge to immediately blacklist unsanctioned apps
STEP 2: Understand the context of usage at a deeper level
• User
• Location
• Device
• Time
• Activity
• App
• Content
• Risk
• With whom
STEP 3: Plot a course of action based on risk, usage, criticality
• Use objective criteria for assessing apps. The Cloud Controls Matrix from the CSA is a good start, and vendors have taken this to a whole new level.
• After risk, look at usage, including the nature of the content. This will help triage next steps, especially when hundreds of apps are in play.
• Risky usage can be more important than app risk.
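Steps 1 to 3 carried through in code, as an added example that is not part of the talk: discovery from proxy/firewall log lines, per-user usage context, and triage by risk weighted with usage, including the category redundancy from the earlier slide. The log lines, the app catalogue with its risk scores, and the sanctioned list are all constructed for the example (a real assessment would score apps against the CSA Cloud Controls Matrix).

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed proxy log lines: timestamp, user, source IP, action, URL, bytes out.
SAMPLE_LOG = """\
2014-03-03T09:12:01Z alice 10.1.4.22 ALLOW https://www.dropbox.com/home 52311
2014-03-03T09:13:44Z bob 10.1.4.31 ALLOW https://app.box.com/files 2048
2014-03-03T09:14:10Z alice 10.1.4.22 ALLOW https://www.dropbox.com/upload 9841200
2014-03-03T10:02:55Z carol 10.1.5.12 ALLOW https://workday.com/login 1200
2014-03-03T10:05:31Z dave 10.1.5.18 ALLOW https://mail.google.com/ 5120
2014-03-03T10:07:02Z erin 10.1.6.40 ALLOW https://www.dropbox.com/share 77000
"""

# Hypothetical catalogue: domain -> (app, category, risk 1-10). The risk scores
# stand in for a CCM-style assessment; they are constructed, not real ratings.
APP_CATALOG = {
    "www.dropbox.com": ("Dropbox", "Storage", 6),
    "app.box.com": ("Box", "Storage", 3),
    "workday.com": ("Workday", "HR", 2),
    "mail.google.com": ("Gmail", "Email", 5),
}
SANCTIONED = {"Box", "Workday"}  # hypothetical IT-approved list

def discover(log_text):
    """Step 1: aggregate log lines into a per-app inventory (who, how much)."""
    inventory = {}
    for line in log_text.splitlines():
        _ts, user, _src, _action, url, bytes_out = line.split()
        host = urlsplit(url).hostname
        app, category, risk = APP_CATALOG.get(host, (host, "Unknown", 10))
        entry = inventory.setdefault(app, {
            "category": category, "risk": risk,
            "sanctioned": app in SANCTIONED, "users": set(), "bytes_out": 0})
        entry["users"].add(user)
        entry["bytes_out"] += int(bytes_out)
    return inventory

def prioritize(inventory):
    """Step 3: rank apps by risk weighted by usage, and flag category redundancy."""
    by_category = defaultdict(list)
    for app, e in inventory.items():
        by_category[e["category"]].append(app)
    ranked = []
    for app, e in inventory.items():
        users = len(e["users"])
        ranked.append(dict(e, app=app, users=users, exposure=e["risk"] * users,
                           redundant=len(by_category[e["category"]]) > 1))
    # Unsanctioned apps first, highest exposure at the top; sanctioned ones sink.
    return sorted(ranked, key=lambda e: (e["sanctioned"], -e["exposure"]))
```

Unknown hosts are scored at the maximum risk so that apps missing from the catalogue surface for review rather than disappearing from the list.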
STEP 4: Enact a cloud app policy that people can get behind
• Consumerization is a strong force — being too heavy-handed with policy is a recipe for revolt
• Consider what other policies need to be modified
• Be transparent about how you’ll treat unsanctioned apps
• Create an amnesty program for cloud app admins who are embedded in business units
STEP 5: Monitor usage, detect anomalies, conduct forensics
• Use machine learning tools to establish baselines and monitor anomalous behavior in real time
• Use context to reduce false positives and false negatives
• Establish clear rules for forensic analysis to maintain user privacy while protecting data
STEP 6: Identify and prevent the loss of sensitive data
• Rely on tools that are built for analysis of content in the cloud (don’t backhaul data on-premises for analysis)
• Leverage rich context around app, user, time, etc. before you look at the data to help reduce unnecessary analysis
STEP 7: Implement security without breaking business process
• Understand app usage and dependencies. Talk to users and find out what they’re doing with these apps
• Stop blocking by default. Think about how stopping a specific behavior (e.g., sharing outside the company) might be enough
STEP 8: Don’t leave users in the dark. Coach them on safe usage.
• Users are acutely aware of how an app should work. If you’re doing something that changes that experience, let them know.
• A little coaching goes a long way. You’re buying good will.
• Tell them what you’d like them to do instead. Offer alternatives if you’re going to stop something.
1: Discover the cloud apps running in your enterprise
2: Understand the context of usage at a deeper level
3: Plot your course of action based on risk, usage, criticality
4: Enact a cloud app policy that people can get behind
5: Monitor usage, detect anomalies, conduct forensics
6: Identify and prevent the loss of sensitive data
7: Implement security without breaking business process
8: Don’t leave users in the dark. Coach them on safe usage.
The real face of shadow IT is you and me.
Ultimately, this is simply unmanaged risk.
Allow is the new block.