---
marp: true
theme: uncover
class:
  - lead
  - invert
---

# Securing Boring Financial's Hybrid Cloud Journey

## A Unified Approach with Trend Micro

**Jason Davis** | Senior Channel Solutions Engineer Candidate

---

# Top 3 Business Risks

| Risk | Business Impact |
|------|-----------------|
| **Phishing & Credential Theft** | Financial data breach, PCI fines, customer trust |
| **Siloed Visibility** | Delayed threat detection, audit failures, compliance gaps |
| **Ad Hoc Incident Response** | Extended dwell time, ransomware potential, manual errors |

*These aren't just technical problems—they're business risks.*

---

# A Unified Platform Approach

![width:800px](https://via.placeholder.com/800x200?text=Trend+Vision+One+Platform)

- **Trend Vision One** – XDR + SIEM + Threat Intelligence
- **Trend Cloud One** – Workload security for AWS (EC2, RDS, containers)
- **Trend Email Security** – Stops phishing before it reaches inbox
- **Integrates with existing investments** (CrowdStrike, O365, Okta)

*Single pane of glass across your entire digital estate.*

---

# Architecture Overview

```mermaid
graph TD
    subgraph "Boring Financial Environment"
        A[AWS<br/>CloudTrail, VPC Flow] -->|Connector| TVO[Trend Vision One]
        B[On-prem Firewalls<br/>Cisco] -->|Syslog| TVO
        C[CrowdStrike EDR] -->|API| TVO
        D[O365 / Okta] -->|API| TVO
        TVO --> E[Workbench Automation]
        E --> F[AWS Security Groups<br/>Okta Session Revoke]
    end
    TVO --> G[Compliance Reports<br/>PCI, SOC2]
```

**Key Integration Points:**

- AWS CloudTrail & VPC Flow → real-time threat detection (proven at AWS GovCloud)
- CrowdStrike ingestion → enrich without rip/replace
- Automated playbooks → isolate instances, revoke identities (Python/Ansible ready)

---

# Phased Rollout – Low Risk, High Impact

| Phase | Duration | Activities |
|-------|----------|------------|
| **Phase 1: Quick Wins** | 2 weeks | Deploy Trend Email Security, ingest O365/Okta logs into Vision One |
| **Phase 2: Cloud Workloads** | 4 weeks | Deploy Cloud One agents on EC2, connect AWS accounts |
| **Phase 3: Automation** | 6 weeks | Build custom playbooks (Python/Ansible) for automated response |

*Minimal disruption – we validate in a staging environment first*
*(like the staging I built at Entrust that caught critical errors).*

---

# Measurable Business Outcomes

| Metric | Baseline | Target |
|--------|----------|--------|
| Mean Time to Detect (MTTD) | Days | Hours |
| Mean Time to Respond (MTTR) | Manual, ad hoc | Automated minutes |
| Phishing emails reaching inbox | Current volume | -90% |
| Audit evidence collection | Weeks | Real-time dashboards |

**ROI:** Reduced breach risk, lower compliance costs, faster innovation.

*Based on my work at Verizon and TBX, automation alone cut deployment errors by 35%.*

---

# Why Trend Micro?

| Challenge | Competitors | Trend Advantage |
|-----------|-------------|-----------------|
| **Siloed tools** | Point products (Palo Alto, CrowdStrike alone) | **Unified XDR + SIEM** across cloud, network, email |
| **Integration complexity** | Rip/replace required | **Integrates with existing stack** (CrowdStrike, O365) |
| **Manual response** | Basic SOAR | **AI-powered automation** + custom playbooks (Python/Ansible) |
| **Cloud workload security** | Separate licenses | **Cloud One** built into the platform |

*You keep your investments; we make them work together.*

---

# Proven in Similar Environments

> *"A fintech client reduced breach risk by 70% in 6 months with Trend Vision One – unifying visibility and automating response."*

**Your Next Steps:**

1. **Pilot Program** – Deploy Vision One in your AWS environment (2 weeks)
2. **Architecture Workshop** – Tailor playbooks to your specific risks
3. **Full Rollout** – Phased, measured, supported

**Let's start with a no‑risk proof of concept.**

---