TiE Cloud: Breakthroughs in Cloud Security

Tim MatherFebruary 2nd, 2012

2© 2011 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

That’s me (co-author)

3© 2011 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

Definition of “break”

Main Entry: breakPronunciation: \ˈbrāk\Function: verbInflected Form(s): broke \ˈbrōk\; bro·ken \ˈbrō-kən\...Etymology: Middle English breken...Date: before 12th century

transitive verb: to render inoperable; as in<the cloud broke the security technology>

4© 2011 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

5 security technologies ‘broken’ by the cloud

1) Cryptographic Key Management

2) Data Leakage Prevention (DLP)

3) Data Sanitization – remanence

4) Federated Identity Management (FIM)

5) Security Incident & Event Management (SIEM)

5© 2011 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

Cloud security winners and losers: products

Virtual private SaaS• Examples: CipherCloud, Navajo Systems

(recently acquired by Salesforce.com), PerspecSys, and Vaultive

‘Big data’ security platforms• Examples: Red Lambda (proprietary), Splunk

SIEM (security incident and event management)• Examples: multiple vendors

6© 2011 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

Cloud security winners and losers: job roles

Data scientists• Someone needs to be able to query, manipulate

and makes sense of all that ‘big data’

DBAs• NoSQL databases do not have schemas and

do not need DBAs

SysAdmins• Fabric gets humans out of the loop

7© 2011 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

Upcoming ‘food fights’

8© 2011 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

Upcoming ‘food fights’

• Telcos are moving to become CSPs (cloud service providers)

• EU updates the Data Protection Directive (95/46/EC) – and effectively regulates cloud computing (‘Safe Harbor II’)

• ITU-T meeting in Dubai in December – will seek to bring ICAAN under UN control (and probably regulate cloud computing)

• Net neutrality (United States)

• ‘CALEA II’ (United States)