
The Evolving Practice of Security

Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2JE123h.

Michael Brunton-Spall talks about practices that are evolving in the security space, and how developers and security can collaborate more with new and modern practices. Filmed at qconlondon.com.

Michael Brunton-Spall is an independent Cybersecurity consultant, working for the UK Government. He is a former Deputy Director with the Cabinet Office, where he headed up Technology and Operations for the Government Digital Service as well as being head of Cybersecurity.


The Evolving Practice of Security

  1. Michael Brunton-Spall, Bruntonspall Ltd. The evolving practice of security
  2. InfoQ.com: News & Community Site. Watch the video with slide synchronization on InfoQ.com! https://www.infoq.com/presentations/security-best-practices
     • Over 1,000,000 software developers, architects and CTOs read the site worldwide every month
     • 250,000 senior developers subscribe to our weekly newsletter
     • Published in 4 languages (English, Chinese, Japanese and Brazilian Portuguese)
     • Post content from our QCon conferences
     • 2 dedicated podcast channels: The InfoQ Podcast, with a focus on Architecture, and The Engineering Culture Podcast, with a focus on building
     • 96 deep dives on innovative topics packed as downloadable emags and minibooks
     • Over 40 new content items per week
  3. Purpose of QCon: to empower software development by facilitating the spread of knowledge and innovation
     • Strategy: practitioner-driven conference designed for YOU: influencers of change and innovation in your teams; speakers and topics driving the evolution and innovation; connecting and catalyzing the influencers and innovators
     • Highlights: attended by more than 12,000 delegates since 2007; held in 9 cities worldwide
     • Presented at QCon London, www.qconlondon.com
  4. Michael Brunton-Spall (He/His/Him), michael@bruntonspall.com, https://tinyletter.com/cyberweekly
  5. Why is security evolving? Where we’ve come from; where we are going
  6. How to rethink security practices in organisations
  7. Some Context
  8. 2005
  9. 2010
  10. 2013
  11. 2018
  12. Maginot Line
  13. 1930 France: “We’d really like the Germans not to invade”
  16. In WW1, they came slowly overland and built trenches
  18. The Germans had invented Blitzkrieg (“Lightning Strike”), which simply went around
  20. The French were fighting a war from 1920 against an adversary using 1939 techniques
  21. The evolution of compute
  23. From on premise to cloud
  24. Physical machine
  25. Remote hosted machine
  26. Virtual machines in a data center
  27. Virtual machines at scale
  28. Side note: Wardley Mapping
  32. Why Wardley Maps?
  33. We can see changing landscapes
  34. We can discuss strategies
  35. A map isn’t reality, it’s just an abstraction
  36. Things evolve
  37. As servers move from physical to virtual, single to multiple, practice evolves
  38. Coevolution of product and practice
  42. From pets to cattle
  43. How do we administer servers?
  44. Worries about hard drives, CPUs, power etc.
  45. Cloud providers give us abstractions
  47. We stop worrying about whether a hard drive fails in a server
  48. This results in changing operations practice
  49. DevOps, SRE
  50. This results in different developer consumption of operations
  51. Kubernetes, Serverless
  52. What does this mean for security?
  53. How we think about security has to change
  54. Security practices are evolving
  56. Traditional security is about assurance
  57. Where will my data sit?
  58. Where does the data go?
  60. This works when you have individual servers
  61. This doesn’t work with modern cloud
  62. This doesn’t work the same with modern cloud
  64. “Skate to where the puck is going, not where it has been” (Wayne Gretzky)
  65. Where the puck was yesterday
  66. What are solved problems?
  67. Commonly solved the same way
  68. Productionised processes
  70. SDLC, assurance of suppliers, network assurance, hardware assurance
  71. All cloud customers have similar concerns in this area
  72. Buy, don’t build
  73. Compliance via certificates: ISO27001, CSA, ISO27017, SOC, FISMA, HIPAA …
  74. Where the puck is today
  76. Continuous Integration, Continuous Deployment, DevOps
  77. Patching
  78. How quickly can you patch?
  79. DevOps
  80. How secure is your code?
  81. Code review and pull requests
  82. Staff identity and single sign-on
  83. Zero Trust Networking
  85. But where is the puck going?
  87. Adversary thinking
  88. ATT&CK Framework
  89. Goals, restrictions
  90. No adversary has unlimited funds, time and energy
  91. Anti Personas
  92. Han Solo
     • Motivation: Han Solo is motivated primarily by money, but also works with the Rebel Alliance. Han is capable of using common tools as well as modifying existing tools on the fly. Han doesn’t want to be caught and so takes an effort to avoid head-on confrontations.
     • Capabilities: Resources 2/5; Capability 4/5; Bravery 2/5; Criminal connections 3/5
     • Connections: Rebel Alliance, Hutts
  93. Red Teams
  94. Internal pentesting
  95. Threat Hunting
  96. DevSecOps
  97. Security as code
  98. Compliance as code
  100. Cloud configuration as code
  101. Pull requests = audit trail
  104. AWS Systems Manager
  105. Azure Policy
  106. Final thoughts?
  107. How to get value from your existing security teams?
  108. Empathy first
  109. “Regardless of what we discover, we understand and truly believe that everyone did the best job they could, given what they knew at the time, their skills and abilities, the resources available, and the situation at hand.”
  110. Michael Brunton-Spall, michael@bruntonspall.com, https://tinyletter.com/cyberweekly
  111. Watch the video with slide synchronization on InfoQ.com! https://www.infoq.com/presentations/security-best-practices
