DATA BREACH: MULTIPLIERTHE CLOUD

EFFECT

These slides are part of an on-demand webinar. To watch

the on-demand video with commentary, please visit:

http://www.netskope.com/webinars/data-breach-cloud-multiplier-effect/

3

Cloud App Explosion

4

Driven by individual and

line of business adoption

of cloud and mobile.

2011 2016

$21.2B

$92.8B

SaaS

Rev

enu

e

Forrester

5

There are 5,000 enterprise apps

today (and growing).

6

But this means sleepless nights for IT

But how bad is it?

7

Of respondents don’t think IT is vetting cloud

service security enough before deploying

8

69%

* Includes “unsure” responses

Do you think your cloud service provider would

notify you if they had a data breach?

9

72% of

respondents

said: “NO”

The invisible cloud is troubling to IT

10

The percentage of cloud

services respondents think

they know about22.5 =

Netskope data shows it’s

actually more like 10%

11

Actual:

461

IT estimate:

40-50

85% cloud apps aren’t enterprise-ready

Cloud procurementhappens outside of IT

App redundancy:

• 41 HR

• 27 storage

• 27 finance

Source: Netskope Data

The following are contributors to

the cloud multiplier effect

12

Cloud app

adoption

Mobile and

consumerization

Ease and speed

of data sharing

13

Increase use and

increase probability

If your organization had 100 cloud apps and added 25 more in a 12-month period, you would increase your probability (and expected economic impact) of a data breach by 75%

We looked at 2 data breach types

14

Loss or theft of 100,000 customer records

Theft of high-value information

Baseline cost of a data breach

15

$20.1M $11.8M

Survey respondents said…

11.8% 25.4%probability of this happening in current environment

The probability adjusted estimated

economic impact

11.8% of $20.1 =

$2.37M25.4% of $11.8 =

$2.99M

Effects of cloud on the probability of theft or

loss of 100,000 or more customer records

18

Use of cloud services

(SaaS)

Backup and storage of sensitive and/or

confidential information

Increase use of cloud by 50% in 12 months

19

Use of cloud services

(SaaS)

Backup and storage of sensitive and/or

confidential information

Increase use of cloud by 50% in 12 months

Effects of cloud on the probability of theft of

high-value information

20

124% increase in probability of a data breach

Increase BYOD access of cloud services

Invisible to IT

21

36% of business-critical apps are in the cloud. IT isn’t aware of nearly

half of them.

30% of business information resides in the cloud.

IT doesn't have visibility into more than one third of it.

22

Love doesn’t have to be blind

People love the cloud

23

MEASURE:Discover the cloud

apps running in your

enterprise

24

MEASURE:Discover the cloud

apps running in your

enterprise

• 3rd party tools like Netskope can analyze firewall logs (and others) for this information

• Resist the urge to immediately blacklist unsanctioned apps

25

User Location Device

Time

Activity

App

Content

Risk

w/Whom

ANALYZE:Understand the context of

usage at a deeper level

26

ACT:Take action based on risk,

usage criticality

27

ACT:Take action based on risk,

usage criticality

• Identify business-critical apps. Are they risky?

• If alternatives exist, consolidate users to low-risk apps

• If not, enforce usage and data policies to ensure protect data and ensure compliance

• Monitor key apps for usage and data anomalies, alert on known risky behaviors, and perform periodic forensic analysis

ACT:Take action based on risk, usage

criticality

ANALYZE:Understand the context of app usage at

a deeper level

MEASURE:Discover the cloud apps running in your

enterprise

Granular Context

ONLY NETSKOPE

Any App Any Device

• Cover sanctioned or unsanctioned apps

• API-level understanding

• Cover web-based or native mobile apps

• Covers remote access

• User

• Device, browser

• App risk score

• Time

• Location

• Content

• DLP profile

• Activity

• With whom (sharing)

In Real-time

30

The real face of shadow IT is you and me.

Ultimately, this is simply unmanaged risk.

Allow is the new block (allow is new block green

light slide)

31

SM