(Community Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

Progress Till Date : 

  • 300+ check-lists, frameworks & playbooks
  • Platform for comparing security products
  • Task force initiatives to solve specific industry problems
  • Kid’s cyber safety initiatives

Key Discussion Points : 

  • What is Shadow IT?
  • What are the types of Shadow IT?
  • Practical demo using open source tools
  • Controls to manage shadow IT risk

Reason Of Risk : 

  • No standardization
  • Unknown risks
  • Security breaches
  • Data leaks

Types Of Risks :

  • Third party email service
  • Third party applications – whatspp, box
  • Unknown assets
  • Custom applications / individual built applications / scripts
  • Database
  • Cloud Buckets, S3
  • Github ..online code repository
  • Online Free tools / SaaS
  • API
  • Owner change of assets (person has left)
  • Data in non electronical/ Physical forms
  • Shadow accounts/privileges
  • Shared / Leaked / Default / Weak / Written down passwords
  • Backdoors
  • IoT
  • Rogue devices
  • BYOD
  • CCTV – source and data destination; set-top box
  • 3rd party
  • 4th party
  • Supply chain

(PPT) Presentation from the discussion : 

Views: 234

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

© 2020   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service