Assume you’ve been breached: security in the cloud era | #AWSSummit
by Rachel Schramm | Apr 13, 2015
Every business “assumes [it’s] been breached,” said Swaroop Sayeram, Group Product Manager, Cloud & Data Center Security at the Intel Security Group, the question is how to “identify, stop the spread, [and] remediate,” Sayeram stated. He predicted that solving rampant security breeches will require new approaches and collaboration.
A new focus on secure servers
Perimeter-based security measures are no longer up to snuff, asserted Sayeram, since customers are “designing for the cloud and setting up auto-scaling environments.” Security is now the host’s responsibility and server security is becoming paramount. In fact, on Amazon.com, Inc.’s AWS, the “focus is on the servers, not the perimeter [because] all security needs to be in-host in order to get the most from cloud usage,” Sayeram explained.
Server security is focused on “the infrastructure level,” Sayeram said. While AWS gives its customers what he called “physical securities” and “access controls,” it’s the customer that really owns the security. That’s why, he commented “there are so many security vendors at the [AWSSummit] conference.”
Security & Storage
When it comes to security in the storage space, Sayeram explained the he believes there “needs to be a framework that identifies security instances.” Ideal products right now aggregate data from different sources and directions, but Sayeram said that in an ideal world, there would be “an analytics layer” that offers insight into security threats.
Speed and connectivity are of the essence
Sayeram agreed with the common consensus that “security is broken.” That’s partially becomes right now, the tech world has “mostly point solutions,” he continued. While point solutions may work well independently, “you end up with three different vendors that aren’t connected,” Sayeram explained.
Sayeram said he “believes in the security connected strategy.” There’s a “1+1 = 3″ theory behind this approach in which “different pieces of security connect with each other,” he stated. Above all, Sayeram stressed that the point is for customers to quickly understand: “You’re breached. How do you find the damage and fix it?”
The collaborative approach has been made possible because “the industry has matured,” according to Sayeram. Now, different security vendors come together and work as an alliance. They exchange threat information and work well with each other’s solutions. There’s been a realization, said Sayeram, that “if you compete with each other, the bad guys are going to win.”
@theCUBE
#AWSSummit
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS Summit 2015 | San Francisco. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For AWS Summit 2015 | San Francisco
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for AWS Summit 2015 | San Francisco.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS Summit 2015 | San Francisco. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to AWS Summit 2015 | San Francisco
Please sign in with LinkedIn to continue to AWS Summit 2015 | San Francisco. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Swaroop Sayeram, Intel | AWS Summit 2015
Assume you’ve been breached: security in the cloud era | #AWSSummit
by Rachel Schramm | Apr 13, 2015
Every business “assumes [it’s] been breached,” said Swaroop Sayeram, Group Product Manager, Cloud & Data Center Security at the Intel Security Group, the question is how to “identify, stop the spread, [and] remediate,” Sayeram stated. He predicted that solving rampant security breeches will require new approaches and collaboration.
A new focus on secure servers
Perimeter-based security measures are no longer up to snuff, asserted Sayeram, since customers are “designing for the cloud and setting up auto-scaling environments.” Security is now the host’s responsibility and server security is becoming paramount. In fact, on Amazon.com, Inc.’s AWS, the “focus is on the servers, not the perimeter [because] all security needs to be in-host in order to get the most from cloud usage,” Sayeram explained.
Server security is focused on “the infrastructure level,” Sayeram said. While AWS gives its customers what he called “physical securities” and “access controls,” it’s the customer that really owns the security. That’s why, he commented “there are so many security vendors at the [AWSSummit] conference.”
Security & Storage
When it comes to security in the storage space, Sayeram explained the he believes there “needs to be a framework that identifies security instances.” Ideal products right now aggregate data from different sources and directions, but Sayeram said that in an ideal world, there would be “an analytics layer” that offers insight into security threats.
Speed and connectivity are of the essence
Sayeram agreed with the common consensus that “security is broken.” That’s partially becomes right now, the tech world has “mostly point solutions,” he continued. While point solutions may work well independently, “you end up with three different vendors that aren’t connected,” Sayeram explained.
Sayeram said he “believes in the security connected strategy.” There’s a “1+1 = 3″ theory behind this approach in which “different pieces of security connect with each other,” he stated. Above all, Sayeram stressed that the point is for customers to quickly understand: “You’re breached. How do you find the damage and fix it?”
The collaborative approach has been made possible because “the industry has matured,” according to Sayeram. Now, different security vendors come together and work as an alliance. They exchange threat information and work well with each other’s solutions. There’s been a realization, said Sayeram, that “if you compete with each other, the bad guys are going to win.”
@theCUBE
#AWSSummit
