2017 infragard atlanta conference - matthew rosenquist
TRANSCRIPT
Matthew Rosenquist Cybersecurity StrategistJanuary 2017
“We manage security through Leadership and Preparation, otherwise we face Crisis and Desperation”
Cyber and Physical Domains Collide
3
“...If security breaks down, technology breaks down”
Brian KrebsNoted Cybersecurity Reporter
Convergence of Cyber & Physical SecurityPhysical Cyber
Integration of technology blends the risks, requiring a cohesive approach
PR
OC
ES
S
People and Technology
Convergence of Cyber & Physical Security
Protecting People, Property, and Business Assets
Limited Resources and Budgets
Seeking an Optimal Balance of Risk and Cost
Aligned Goals and Challenges
Security, Safety, and Privacy
Innovation and tech adoption Drives Risk Convergence
New technology bridges the virtual and physical worlds, to connect and enrich peoples lives
Convergence without control, places security, safety, and privacy at risk!
OPERATIONAL, INDUSTRIAL, AND VIRTUAL SYSTEMS
GOVERNANCE, TRUST,AND OVERSIGHT SYSTEMS
DATA, INFORMATIONAND CONTROL MECHANISMS
ENDPOINTS, NETWORKS,SERVICES, AND MACHINES
ACCES CONTROL AND IDENTITY
SECURITY, SAFETY, ANDPRIVACY CONTROLS
The 5 most cyber-attacked industries in 2015:1. Healthcare2. Manufacturing3. Financial Services4. Government5. Transportation
Rate of Convergence quickens
11
Industrial Electricity grid taken offline
National oil interest attacked
Life-safety failures at industrial facilities
Supply chain compromises
Cyber Impacting the Physical WorldTransportation
Automobiles remotely controlled by threat researchers
Airplane systems hacked by passengers mid-flight
Undermining autonomous driving
Physical security IP Camera image feeds hijacked
Biometric authentication system fooled
Smart locks hacked
Drones as attack platforms
Privacy Healthcare records theft
Phone conversation surveillance
Email accounts breached
Login accounts compromised
Images, video, and messages stolen
Cyber Impacting the Physical World
Consumer IoT ‘Smart’ home device botnets
Security and safety systems hacked
Personal and home devices manipulated
Ransomware locking devices
Finance SWIFT transaction manipulation
Accounting system compromises
ATM ‘Jack-potting’
Account access and siphoning
Tax and identity fraud
Cyber Impacting the Physical World
Healthcare Emergency care systems
Implantable device vulnerabilities
Medicine delivery systems
Remote medical care
Government Governance/voting manipulation
Asymmetric military attacks
Malware/ransomware of agencies
Political influencing and policy enforcement
Cyber Impacting the Physical World
Future Challenges in Cyber/Physical Security
16
25+ Million Applications
Connected and creating 50x the volume of data
50-200 Billion DevicesConnected to the Internet
$6 trillion Cyber-crime impact
globally by 2021
$3 –$90 trillion Aggregate innovation impact of
cyber-risks
400k New Malware/Day575 million unique
samples of malware exist today
29 countries Have formal cyberwarfare units today
4 Billion Users OnlineUp from 2+ billion today
50 Trillion Gigabytes
Amount of data being created
A World of Targets with Increased Value
Dante's Inferno of Cybersecurity Impacts
18
Denial of Service (Availability)• Access of customers• Availability of data,
systems, & services• DDOS network attacks,
ransom-ware data locking attacks
Data Theft& Exposure (Confidentiality)• ID Theft• Privacy• Data Breach• Transaction data• Database hacks,
skimming, lost storage, keylogging
Monitor & Manipulate (Integrity)• Internal-access
surveillance for advantage
• Tamper/Manipulation• Long-term data
gathering campaign Security Competency
Attacker Innovation
Attacks expand over time, increasing in severity based upon different
technology and usages
Own & Obliterate (C/I/A)• Administrative ownership and control• Capability of unrecoverable obliteration• Strategic attack, undermining of org capability
Security Futures :
19
1. Threats remain equitable to the growth and use of technology
2. Age of massive connectivity drives opportunities for cyber threats
3. Society expectations raise for cyber security, privacy, and safety
4. Tipping points approach: threats to life-safety, cybercrime hyper-growth, offensive cyberwarfare
5. Pendulum swings towards more security, ultimately settles for an optimal balance (regulatory, nation-states, technology innovators/manufacturers)
6. Emerging data, devices, and services are targeted by Threat Agents pursuing their objectives, driven by their specific motivations
Industry Best Practices & Perspectives
20
The Best Organizationsa
Seeks Optimal Risk
Risk management planning
Anticipates impacts
Balance Cost, Risk, & Usability
Adapts to shifting demands
Comprehensive Processes
Security as a continuous cycle
Continuous improvement process
Technology and Behaviors
Obstacles and Opposition
Leads into the Future
Clearly defines success
Plans for a sustainable future
Roles and accountability
Continuously adapting
21
An effective strategy enables operational flexibility while driving cost efficiency and risk manageability
• The goal is to be sustainably secure
• How we operate largely defines our capacity to handle the dynamic nature of cyberattacks
• Adaptation to the evolving threats is therefore a key success trait
• Establishing a comprehensive capability process is the best way to optimize resources for maximum protection against loss
How Can You Be Prepared?
Physical & CyberSecurity Capability
Process
Important Considerations…
24
Smarter vs More
Collaboration across security functions improving effectiveness
Better IT choices & enablement
Properly balancing the risk, cost, and usability constraints
Expectations Drive Change
Society’s expectations shift with pain, impact, and inconvenience
Trust will be valued, demanded
Security, privacy, and controls will align with greater impacts
Controls Must Adapt
Innovation intersecting emerging attacks to keep pace with attackers
Static defenses are easy to defeat
Intelligence, analysis, and actions must feedback to improve systems
Future Technology must be Designed with Security
Smart Security innovation must deliver more capable solutions to keep pace with threats
Ubiquitous Security must protect data wherever it exists or is used, for all parties and devices across the compute landscape
Trusted Technology and security providers must be trustworthy, in the creation and operation of their products
Strong Products and services must be hardened to resist compromise and make security transparent to users
Open Platforms and security standards must be open to promote collaboration and accelerate adoption
Security must be part of the design
for future technology. Adding security after, is no longer sufficient or
sustainable
25
• 1.5-2 million unfilled positions in 2017
• Job postings rose 91% (2010-2014)
• Leaders and engineers in highest demand
• Professional Services, Finance, Defense and Manufacturing are leading sectors
• Finance, Healthcare, and Retail are growing fastest
• ‘Hybrid’ jobs are increasing, contributing to demand
CyberSeek.org – free interactive resource sponsored by NIST, CompTIA, and NICE.
Workforce challenges
Opportunities and Risks
27
1. Understand the exposure and risks of connected technology
2. Staffing qualified personnel to manage the risks
3. Follow cyber best practices
4. Lead. Before the threats gain a significant advantage
ConclusionsCyber and Physical security are converging based upon aligned goals of security, safety, and privacy
Cyber will continue to have an ever greater impact on the physical world
New threat vectors will emerge as advanced technology is integrated
The rise of cyber represents risks and opportunities
Leaders with insights to the future have the best opportunity to align resources and be prepared
“We manage security through Leadership and Preparation, otherwise we face Crisis and Desperation”
…Are you prepared?
