eweekchat

Next-Gen Security Trends
JOIN US: This is a chat-based conversation about what SecOps and DataOps admins are looking at to fortify their systems following the huge Solarwinds and FireEye data breaches.
   9 months ago
#eweekchatPredixions/Wild Guesses 2021JOIN US: This is a chat-based conversation about what we predict in terms of IT trends, new products and services in 2021.
   7 months ago
#eweekchatTrends in Data OrchestrationJOIN US: This is a chat-based conversation about how batch processing, while still being used pretty extensively, is nonetheless being eclipsed by newer methods of making data work inside IT systems.
Chris Preimesberger
This has been an outstanding discussion; I know I learned a lot. But let's go off the beaten path for a minute: Q6: Here's a wild card question for
Jed, Bruce and Scott: Tell me something about Delphix, StorMagic and McAfee that I probably don't know?
Bruce Kornfeld
Can I answer for Scott/McAfee? : )

(edited)

Jedidiah Yueh
A6. We have a new feature, called Delphix Live--a magic mount point that enables all the data automation and compliance of the platform.
Scott Howitt
If you have not checked out our new Insights product you should, as a former CISO, I would have loved to have had this tool's dashboard on my office screen all day.
Jedidiah Yueh
A6. Also, with our focus on programmable data infrastructure, we're increasingly used to wire data into toolchains for SRE, DevOps, CI/CD, and AI/ML.
Bruce Kornfeld
A6: At StorMagic, we're seeing increased demand from our edge customers (retails stores, manufacturing sites, smart cities) where storage and security are an even bigger problem than before. They all struggle with protecting/securing data at these small sites.
Jedidiah Yueh
A6. We now protect and ensure compliance for data in Salesforce.com, especially for UAT environments.
http://Salesforce.com
Salesforce.com: The Customer Success Platform To Grow Your Business
Salesforce.com: The Customer Success Platform To Grow Your Business
Personalize every experience along the customer journey with the Customer 360. Unify marketing, sales, service, commerce, and IT on the world's #1 CRM.
Chris Preimesberger
See? This is the way I get news sources!
Jedidiah Yueh
A6. And our continuous and immutable time machine is a superior ransomware solution being used by many industry leading enterprises to close data gaps and enable data observability.
Scott Howitt
@brucekornfeld You are absolutely right, they have a big challenge with a very distributed environment with at very heterogenous hardware stack.
Bruce Kornfeld
A6: We recently installed at an auto parts manufacturer that needed to manage encryption keys from these tiny little sensors that they sell to car manufacturers.
Jedidiah Yueh
A6. In 2020, the increased dependence on digital operations drove incredible demand for Delphix, which pushed us into significantly faster growth AND profitability.
Bruce Kornfeld
@ScottHowitt And these smaller, remote sites have been easy for the central IT/Security teams to ignore........but no longer.
Chris Preimesberger
Q4: All of the following approaches are certainly viable for various data security use cases, but do you see any particular advantages for file, network, cloud, software-defined or container-based security coming in 2021?
Jedidiah Yueh
A4. Data immutability is now here for containers. You can capture full history of data in an immutable time machine and also mask/de-identify data before provisioning to new containers.
Bruce Kornfeld
A4: Containers are happening and moving fast - hypervisors will be a thing of the past at some point. Container-based security becomes really important. (and file, network, cloud will all need to be part of the container solution).
Chris Preimesberger
@jedidiahyueh Containers and security never saw eye-to-eye in the past. A lot has improved since those early days.
Scott Howitt
There are advantages to using something and destroying it when you are done with it and that is much easier to do in the cloud. We struggled to do this in Data Centers. The cost of keeping things in the cloud is a deterrent for the old "save everything" mentality.
Jedidiah Yueh
A4. Agree. Security generally lags innovation.
Bruce Kornfeld
A4: Redhat/IBM recently announced the acquisition of Stackrox - everyone is thinking along the same lines.
Chris Preimesberger
@ScottHowitt Yep. Many people are misled by the cost of access and egress in cloud services.
Scott Howitt
@jedidiahyueh That is an interesting approach. Have you seen this in practice? How hard was it to implement?
Chris Preimesberger
@brucekornfeld What does Stackrox bring to IBM/Red Hat's huge cadre of products?
Scott Howitt
You certainly have to be thoughtful, lift and shift principles will not save you money. You have to totally rethink how your infrastructure and data adjacency works.
Jedidiah Yueh
@scotthowitt A4. Just need a mount point and the rest is automated.
Bruce Kornfeld
Seems like Redhat needed a quick way to shore-up their security strategy for containers/Kubernetes - apparently - security isn't a top focus area for Kubernetes either. Its a wide open playing field for many and will drive more innovation (and acquisitions).
Chris Preimesberger
Q5: What new security devices, software and services might we expect to see in 2021?
John Furrier
To me it has to be credential focus many of the hackers are not hacking but just logging in
Bruce Kornfeld
A5: Software that enables organizations to adopt Zero-Trust architectures. These solutions are really starting to take hold and become more prevalent in the industry.
Jedidiah Yueh
Q5. Data will become increasingly programmable for DataOps and SecOps use cases. Better integrations across tools can reduce risk and improve recoverability.
Scott Howitt
The market for SASE and EDR continues to grow, but I am also seeing some really interesting ML/AI tools come out. They early ones seemed to be a lot of hype but there are now some that really seem to be emerging that have merit.
Jedidiah Yueh
@furrier Are they still hackers if they're just logging in?!
Chris Preimesberger
@furrier Hi, JF! So yo're talking about insider access with bad intentions?
Scott Howitt
@brucekornfeld And it has to be true zero trust. I am seeing too many architects still building admin level access into environments. It really goes against the fundamental principles of ZTA.
Bruce Kornfeld
Agreed, REALLY trust no one - even admins.
Scott Howitt
But I would love to see us get away from what you know and have authentication only based on what you are and what you have.
Chris Preimesberger
@brucekornfeld I only know this because I used to be a television critic, but there used to be a TV show "Who Do You Trust." Johnny Carson was the host. No, I don't remember seeing it, but it appears that NOBODY is perfectly trustworthy anymore.
Scott Howitt
Hey, Frank Abagnale eventually went to work for the good guys!
Chris Preimesberger
Q3: How will we be able to defend all the new attack surfaces we are now using in IoT, edge computing and mobile computing? Especially in this increased WFH environment?
Bruce Kornfeld
A3: Secure the endpoints with encryption and Zero-Trust technologies like biometrics. Implement proper security policies. Treat cybersecurity as a business decision not just an afterthought.
Jedidiah Yueh
A3. As access points proliferate at the edge, it's even more important to safeguard the target data in core systems and environments. Masking and de-identification can reduce the total data at risk by 80%+.
Chris Preimesberger
@jedidiahyueh Masking I get, but can you define de-identification for us, Jed?
Jedidiah Yueh
A3. Have to assume the perimeter will be breached. So defenses inside the data are paramount.
Scott Howitt
It will get harder to secure the device itself. You are going to have to watch the behavior as people are accessing your assets and data. You want to get out of the way when the data is not important and insert yourself when the behavior is not as expected.
Jedidiah Yueh
A3. De-identification is removing the personally identifiable information and replacing it with data that still maintains referential integrity but does not have risk.

(edited)

Bruce Kornfeld
@ScottHowitt Interesting and agreed. Do you know of tools available that can help?
Scott Howitt
@brucekornfeld There are great SASE tools out there that will help watch the behavior of moving in and out of your cloud and SaaS products. TIP tools are also getting better at plugging into tools that will analyze them and predict for your environment.
Chris Preimesberger
We've 4 mins left, how about some final thoughts and perhaps some takeaways you got from this session?
Scott Howitt
Technology is moving so fast you can no longer learn what you need to solely from a book. You need to collaborate with others outside your enterprise to keep yourself up to date.
Chris Preimesberger
Sidebar for Q3: Sounds like we're not going to secure our data well enough unless we have multiple layers (perimeter, network, device, data) of protection. Agree/disagree?
Jedidiah Yueh
A3. Totally agree.
Bruce Kornfeld
A3: Completely agree. This is exactly what makes security professional's jobs so hard!
Scott Howitt
Yep, it has alway been about defense in depth and adapting to changing models
Jedidiah Yueh
A3. Even then we can't stop a hostile nation state from corrupting bad actors that are hired or are granted access.
Chris Preimesberger
Enough prep! Let's get to it ...
Q1: What does the government hack of SolarWinds and FireEye signify in terms of a warning to all DevSecOps admins?
Bruce Kornfeld
A1: The biggest thing this points out is: "be careful of your supply chain"
Scott Howitt
Where before we may have been less vigilant about watching out CI/CD pipelines were set-up, we may have to dig deep to ensure security is built in the process. We also need deep assurance of code signing processes for sensitive products.
Bruce Kornfeld
A1: I know its hard to do and to enforce - but educating all employees about cybersecurity hygiene (not opening suspicious emails, etc...) is paramount
Bruce Kornfeld
@ScottHowitt Agreed, Scott. There are plenty of security technologies available to help - but training and processes are equally (or more) important.
Chris Preimesberger
@ScottHowitt Isn't se urity being built into the silicon and hardware and processes a lot more, now that we know it's effective?
Scott Howitt
We are seeing that some, but a lot of time they can also be updated to keep up with the latest trends and that embedded code can still have vulnerabilities