Basic Cyber Security and Cloud Security


Cyber Security: (Cloud Security)

Muhammad Ahsan
Chairman Cyber Security @ UMT
School of Systems and Technology

(MSc.EE, USC, Los Angeles, California, USA)

Author: Muhammad Ahsan ©


What is Cyber Security?
• In a computing context, it means both security while on the internet and
physical security; enterprises use both to protect against
unauthorized access to data centers and other computerized systems.
• Information security, which is designed to maintain the
confidentiality, integrity and availability of data, is a subset of
cybersecurity.



Elements of cybersecurity

• Application security
• Information security
• Network security
• Disaster recovery/business continuity planning
• Operational security
• End-user education



Types of cybersecurity threats (continuously changing)

• Ransomware is a type of malware that involves an attacker locking the
victim's computer system files -- typically through encryption -- and
demanding a payment to decrypt and unlock them.
• Malware is any file or program used to harm a computer user, such as
worms, computer viruses, Trojan horses and spyware.
• Social engineering is an attack that relies on human interaction to trick
users into breaking security procedures in order to gain sensitive
information that is typically protected.
• Phishing is a form of fraud where fraudulent emails are sent that resemble
emails from reputable sources; however, the intention of these emails is to
steal sensitive data, such as credit card or login information.

Operational security five-step process
• 1. Identify critical information: The first step is to determine exactly what data would be particularly harmful to an
organization if it was obtained by an adversary. This includes intellectual property, employees' and/or customers'
personally identifiable information and financial statements.
• 2. Determine threats: The next step is to determine who represents a threat to the organization's critical information.
There may be numerous adversaries that target different pieces of information, and companies must consider any
competitors or hackers that may target the data.
• 3. Analyze vulnerabilities: In the vulnerability analysis stage, the organization examines potential weaknesses among
the safeguards in place to protect the critical information that leave it vulnerable to potential adversaries. This step
includes identifying any potential lapses in physical/electronic processes designed to protect against the
predetermined threats, or areas where lack of security awareness training leaves information open to attack.
• 4. Assess risks: After vulnerabilities have been determined, the next step is to determine the threat level associated
with each of them. Companies rank the risks according to factors such as the chances a specific attack will occur and
how damaging such an attack would be to operations. The higher the risk, the more pressing it will be for the
organization to implement risk management controls.
• 5. Apply appropriate countermeasures: The final step consists of implementing a plan to mitigate the risks beginning
with those that pose the biggest threat to operations. Potential security improvements stemming from the risk
mitigation plan include implementing additional hardware and training or developing new information governance
policies.

Information Security overview
• What happens in 60 seconds



60 seconds
• Sixty seconds is a very important term in Information Technology. In just
60 seconds:
• 37000 calls are made on Skype
• 90K tweets are posted on Twitter
• 444 million messages are sent through WhatsApp
• 79364 posts are published on Facebook walls
• 510040 comments are made on Facebook statuses
• 694445 searches are done on Google
• 168 million emails are sent

Are we Safe?

• “Computer viruses so far are responsible for 100 million worldwide losses” (The Guardian)
• Most of the biggest robberies in the world are carried out without entering the bank premises or using any
weapons!
• Below are the financial deficits due to financial institutions being HACKED!



Cloud Computing
• Cloud computing enables companies to consume a compute resource,
such as a virtual machine (VM), storage or an application, as a utility --
just like electricity -- rather than having to build and maintain
computing infrastructures in house.



Different Cloud Models



Cloud security controls in the network
• Modern IT architecture is rapidly evolving, with the cloud and devices
becoming the new anchors for enterprise data. Your move to Office
365 (SaaS) enables rapid collaboration, while Amazon Web Services
(AWS) (IaaS) and Microsoft Azure (IaaS as well as PaaS) help your
infrastructure become more responsive and elastic, which drives
unparalleled innovation. However, theft of data or an attacker gaining
entry to your cloud infrastructure can stop innovation in its tracks.
• Implementing cloud security controls in the network requires a
careful balance between protecting points of connectivity while still
making it easy for users to access services.



Top Concerns in Cloud Security
• Poor configuration of the cloud can lead to circumvention of internal
policies that classify sensitive data and protect access to it.
• Not all cloud services offer strong authentication, encryption (both in
transit and at rest) and audit logging.
• Failure to isolate a user’s data from other tenants in a cloud
environment together with privacy controls that are not robust
enough to control access.
• Failure to maintain and patch to ensure that known flaws are not
exploited in the cloud service.



Cloud Security
Network security looks to cover all relevant security components of the
underlying physical environment and the logical security controls that
are inherent in the service or available to be consumed as a service
(SaaS, PaaS, and IaaS). Two key elements need to be drawn out at this
point:



Key Elements of Cloud Security
• Physical environment security ensures that access to the cloud service
is adequately distributed, monitored, and protected by underlying
physical resources within which the service is built.

• Logical cloud security controls for the network consist of link,
protocol, and application layer services.



Add-on components to enhance cloud security

• 1. Cryptography: use encryption/decryption with keys



Data in transit (data in motion)
• Data transiting from an end user endpoint (laptop, desktop, smart
device, and so on) on the Internet to a web-facing service in the
cloud;

• Data moving between machines within the cloud (including between
different cloud services), such as between a web virtual machine (VM)
and a database; and

• Data traversing trusted and untrusted networks (cloud- and non-
cloud-based environments).

Using SSL/TLS and IP Sec for securing data in transit
• The best-known use of cryptography for the data-in-transit scenario is
Secure Sockets Layer (SSL) and Transport Layer Security (TLS). TLS
provides a transport-layer encrypted "tunnel" between email
servers or message transfer agents (MTAs), whereas SSL certificates
encrypt private communications over the Internet using private and
public keys.
• IP security (IPSec) is a transit encryption protocol widely used and
adopted for virtual private network (VPN) tunnels; it makes use of
cryptographic algorithms such as Triple DES (3DES) and Advanced
Encryption Standard (AES).



Data at Rest

• Data at rest refers to information or data while stagnant or at rest
(typically not in use) within systems, networks, or storage volumes.
When data is at rest, appropriate and suitable security controls need
to be applied to ensure the ongoing confidentiality and integrity of
information.

• Proper encryption needs to be applied.



Key management

In traditional banking environments, two people with keys were
required to open the safe; this led to a reduced number of thefts,
crimes, and bank robberies. Encryption, as with bank processes, should
never be handled or addressed by a single person.
Two approaches are used:

Remote Key Management Service (KMS):


Client-Side Key Management:
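
The two-key safe described above, as an added example that is not part of the original slides: a data-encryption key is split into two XOR shares so that neither custodian alone holds any information about it. The function names, the 32-byte key size and the SHA-256 check value are assumptions of this example.

```python
import hashlib
import hmac
import secrets

KEY_BYTES = 32  # assumed size: a 256-bit data-encryption key


def generate_key() -> bytes:
    """Create a random key with the operating system's CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


def check_value(key: bytes) -> str:
    """Non-secret fingerprint kept with the key record to detect bad shares."""
    return hashlib.sha256(b"key-check-value:" + key).hexdigest()


def split_key(key: bytes) -> tuple[bytes, bytes]:
    """Split the key into two shares, one per custodian.

    share_a is uniformly random and share_b = key XOR share_a, so each
    share on its own is statistically independent of the key.
    """
    share_a = secrets.token_bytes(len(key))
    share_b = bytes(k ^ a for k, a in zip(key, share_a))
    return share_a, share_b


def combine_shares(share_a: bytes, share_b: bytes, expected: str) -> bytes:
    """Rebuild the key from both shares; reject wrong or tampered shares."""
    if len(share_a) != len(share_b):
        raise ValueError("shares have different lengths")
    key = bytes(a ^ b for a, b in zip(share_a, share_b))
    if not hmac.compare_digest(check_value(key), expected):
        raise ValueError("shares do not reconstruct the registered key")
    return key


if __name__ == "__main__":
    key = generate_key()
    a, b = split_key(key)
    recovered = combine_shares(a, b, check_value(key))
    print("recovered with both shares:", recovered == key)
```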



Performance Impact of tight security controls
• When establishing cloud security controls, selecting and testing
encryption is an essential step for understanding performance
impacts beforehand. In some cases, encryption can affect
performance.

• User interface (UI) response times and processor capabilities are up to
a quarter or even half of the processor in an unencrypted
environment.



Top 5 Cloud Security Companies.
• Sophos
Established in the year 1985, Sophos is a Security Company that
provides cloud solutions like encryption, firewall, mobile and web
security, etc. Its cloud based console is known as Sophos Central.
• Features that Sophos offers:
• Sophos Central provides runtime protection against attacks like
ransomware, preventing external DLLs from loading, and mitigating exploits in
the web, Java applications, plugins, etc.
• Provides security solutions for web, email, wireless, mobiles,
encryption, web servers, etc.
• SiteLock
Established in the year 2008, SiteLock secures more than 12 million websites
all across the globe. It is a cloud-based security solution that protects
websites from malware and other cyber threats.
• Features that SiteLock offers:
• SiteLock offers website protection by scanning for vulnerabilities, detecting
and eliminating malware and backdoors, and defending against attacks like DDoS,
SQLi and XSS.
• It also offers static & dynamic caching, global CDN (Content Delivery
Network) and load balancing thereby, accelerating and improving
website performance.



• Proofpoint
Established in the year 2002, Proofpoint is another leading cloud based
security solution providing protection against various cybersecurity threats.
It is a security and compliance company offering cloud based encryption
support and solution.

• Features that Proofpoint offers:
• Proofpoint offers SaaS, email, social and mobile solutions against targeted
cyber threats, including attacks from email attachments.
• It protects sensitive business data through cloud email security, providing
solutions to small business and digital brands.



• Qualys
Established in the year 1999, Qualys is another secure cloud solutions
provider that offers security to your web and device apps, compliance and
related services. It enables data protection by identifying compromised
assets and securing them.
• Features that Qualys offers:
• Qualys offers end-to-end solutions like Cloud Infrastructure Security, Web
App security, compliance, Endpoint security, DevSecOps, etc., keeping your
teams in sync with each other.
• Offers security and reliability across public and private clouds, Vulnerability
Management, Threat Protection, File Integrity Monitoring, etc.



• CipherCloud
Established in the year 2010, CipherCloud is another popular cloud-based
security company across the three cloud models – IaaS, PaaS and SaaS. It
helps in protecting your data by monitoring and analyzing it.
• Features that CipherCloud offers:
• CipherCloud offers services across various sectors like government,
telecommunication, pharmaceutical firms etc. It protects popular cloud
applications like Google Drive, OneDrive, Dropbox, Office 365 etc.
• Some of the services CipherCloud offers are preventing data loss, cloud
encryption gateway, cloud computing and related security, tokenization
etc.
