Explore a comprehensive overview of Cloud Access Security Broker (CASB) strategies in this 45-minute conference talk from Louisville InfoSec 2016. Delve into the evolving landscape of cloud security, examining the challenges and risks associated with cloud adoption. Learn about the limitations of traditional blocking methods and discover a more effective six-step approach to addressing cloud risks. Gain insights into risky cloud activities, data exfiltration prevention, threat detection, and user coaching. Compare first-generation and second-generation CASB solutions while understanding how to effectively discover, prevent, enable, and detect security issues in cloud environments.
Overview
Syllabus
Introduction
Cloud Security
The Wave
The Problem
Security Controls
Poll
Addressing at risk
The original strategy
Why blocking doesnt work
How to approach cloud security
National Association of Corporate Directors
How do you access cloud
Risky activities
Date of activity
Proxy data
App activities
Discover the problem
Prevent exfiltration
Enable
Detect
Threat Detection
Coaching Users
First Generation vs Second Generation
