CYBER STATE                           Threats, Opportunities and the Future of Cyber Strategy at a National Level         ...
Iftach Ian Amit                  VP Consulting at Security-Art                  16 years in the Security Industry         ...
Agenda                  Review of the current state of Cyber Threats at a national level                  Linking criminal...
Cyber Threats              Locality               Global              Regional                 LocalThursday, December 8, 11
Cyber Threats              Locality     Threat Communities               Global          Criminals              Regional  ...
Cyber Threats              Locality     Threat Communities   Approach Vectors               Global          Criminals     ...
Cyber Threats              Locality     Threat Communities   Approach Vectors               Global          Criminals     ...
Cyber Threats              Locality     Threat Communities   Approach Vectors      Assets               Global          Cr...
Cyber Threats              Locality     Threat Communities   Approach Vectors      Assets               Global          Cr...
Quick Summary:                     Crime and War are                           NOT FAIR                           Deal wit...
CyberCrimeThursday, December 8, 11
A-Symmetrical conflict                  Crime enterprises are operating like global businesses                  Legislatio...
HacktivistsThursday, December 8, 11
Links (crime-hacktivists)?Thursday, December 8, 11
Links (crime-hacktivists)?Thursday, December 8, 11
Links (crime-hacktivists)?Thursday, December 8, 11
Cyber Terrorists                  Much more disperse                       Local                       Regional           ...
Thursday, December 8, 11
Thursday, December 8, 11
Thursday, December 8, 11
Thursday, December 8, 11
Links (crime-hacktivists-                                    terror)Thursday, December 8, 11
Links (crime-hacktivists-                                    terror)Thursday, December 8, 11
Russian                                    Crime                                                     Government           ...
Russian                                    Crime                                                       Government         ...
Russian                                    Crime                                                       Government         ...
Russian                                    Crime                                                       Government         ...
Russian                                    Crime                                                       Government         ...
National Readiness?                  More focus on eGovernance                  Financial systems are still exposed       ...
eGovernance                  Developing outreach is great, efficient and transparent                  Remember to THREAT M...
eGovernance                  Developing outreach is great, efficient and transparent                  Remember to THREAT M...
eGovernance                  Developing outreach is great, efficient and transparent                  Remember to THREAT M...
eGovernance                  Developing outreach is great, efficient and transparent                  Remember to THREAT M...
Public-Private Partnerships                  You don’t own the Internet                  A lot of critical infrastructure ...
Global Partnerships                  Model after the CERT community                  Global intelligence on threat communi...
Strategic Approach                  Start from the basics                       No - advanced offensive capabilities come ...
Strategic Approach                  Offensive capability building                       Coupled with the defensive require...
Questions?                                 Thank you!                                 Iftach Ian Amit                     ...
Upcoming SlideShare
Loading in …5
×

Cyber state

956 views
849 views

Published on

A presentation on the state of cyber security, current threats and opportunities at the national level.
An overview of current readiness analysis for countries, along-with a recommended strategic approach to developing capabilities and partnerships locally, regionally, and globally.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
956
On SlideShare
0
From Embeds
0
Number of Embeds
15
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cyber state

  1. 1. CYBER STATE Threats, Opportunities and the Future of Cyber Strategy at a National Level Presented for: the Organization of American States Caribbean Telecommunications Union 9th Ministerial Strategic Seminar (Cyber Security)Thursday, December 8, 11
  2. 2. Iftach Ian Amit VP Consulting at Security-Art 16 years in the Security Industry Cyber Defense at the Israeli Air-Force Founding member - the Penetration Testing Execution Standard SME for NATO’s Cyber Commons Strategy 2011 (CCD-COE)Thursday, December 8, 11
  3. 3. Agenda Review of the current state of Cyber Threats at a national level Linking criminal efforts to state interests National readiness - where are we? Creating Cyber Capabilities - the right way eGovernance Partnerships Public-PrivateThursday, December 8, 11
  4. 4. Cyber Threats Locality Global Regional LocalThursday, December 8, 11
  5. 5. Cyber Threats Locality Threat Communities Global Criminals Regional Hacktivists Local TerroristsThursday, December 8, 11
  6. 6. Cyber Threats Locality Threat Communities Approach Vectors Global Criminals Public Internet Regional Hacktivists Communication Infrastructure Local Terrorists Private NetworksThursday, December 8, 11
  7. 7. Cyber Threats Locality Threat Communities Approach Vectors Global Criminals Public Internet Regional Hacktivists Communication Infrastructure Local Terrorists Private NetworksThursday, December 8, 11
  8. 8. Cyber Threats Locality Threat Communities Approach Vectors Assets Global Criminals Public Internet $ Public Regional Hacktivists Communication Opinion Infrastructure Private Critical Local Terrorists Networks InfrastructureThursday, December 8, 11
  9. 9. Cyber Threats Locality Threat Communities Approach Vectors Assets Global Criminals Public Internet $ Public Regional Hacktivists Communication Opinion Infrastructure Private Critical Local Terrorists Networks InfrastructureThursday, December 8, 11
  10. 10. Quick Summary: Crime and War are NOT FAIR Deal with it!Thursday, December 8, 11
  11. 11. CyberCrimeThursday, December 8, 11
  12. 12. A-Symmetrical conflict Crime enterprises are operating like global businesses Legislation is behind ==> more freedom to run fraud Law enforcement success is only at the low-end (small fish) Defensive mechanisms focus on post-infectionThursday, December 8, 11
  13. 13. HacktivistsThursday, December 8, 11
  14. 14. Links (crime-hacktivists)?Thursday, December 8, 11
  15. 15. Links (crime-hacktivists)?Thursday, December 8, 11
  16. 16. Links (crime-hacktivists)?Thursday, December 8, 11
  17. 17. Cyber Terrorists Much more disperse Local Regional International Focus on recruiting Both physical actions, as well as Cyber actionsThursday, December 8, 11
  18. 18. Thursday, December 8, 11
  19. 19. Thursday, December 8, 11
  20. 20. Thursday, December 8, 11
  21. 21. Thursday, December 8, 11
  22. 22. Links (crime-hacktivists- terror)Thursday, December 8, 11
  23. 23. Links (crime-hacktivists- terror)Thursday, December 8, 11
  24. 24. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh 13Thursday, December 8, 11
  25. 25. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by 13Thursday, December 8, 11
  26. 26. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer 13Thursday, December 8, 11
  27. 27. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer Network provider 13Thursday, December 8, 11
  28. 28. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer Network provider 13Thursday, December 8, 11
  29. 29. National Readiness? More focus on eGovernance Financial systems are still exposed Critical Infrastructure is behind a “feel good” solution Capability building is lacking a strategic goal! Lack of Intelligence and correlation of dataThursday, December 8, 11
  30. 30. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  31. 31. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  32. 32. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  33. 33. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  34. 34. Public-Private Partnerships You don’t own the Internet A lot of critical infrastructure and communication is privately owned or privately operated. Symbiotic relationships are a MUST! (See US CyberStorm III) Advantage (state): Access to more raw information, early warning Advantage (private sector): More accessibility, broadening threat community detection and intelligence (readiness)Thursday, December 8, 11
  35. 35. Global Partnerships Model after the CERT community Global intelligence on threat communities Early warning Sample sharing Proactive defense and incident handling Helps to bypass legal/political issuesThursday, December 8, 11
  36. 36. Strategic Approach Start from the basics No - advanced offensive capabilities come LAST! Build an intelligence and correlation infrastructure Early warning, feeds from multiple sources (open and closed) Remember social media! Defense is not a reactive practice. Push forward, place yourself in “enemy” territoryThursday, December 8, 11
  37. 37. Strategic Approach Offensive capability building Coupled with the defensive requirements Focused on what is needed - not what everyone else is using... Working alone == FAIL. Establish partnerships, work on international legislation on crime/war treaties NATO article 5 for the cyber commons?Thursday, December 8, 11
  38. 38. Questions? Thank you! Iftach Ian Amit VP Consulting, Security-Art iamit@iamit.org www.iamit.org/blogThursday, December 8, 11

×