Cyber state
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Cyber state

on

  • 1,038 views

A presentation on the state of cyber security, current threats and opportunities at the national level....

A presentation on the state of cyber security, current threats and opportunities at the national level.
An overview of current readiness analysis for countries, along-with a recommended strategic approach to developing capabilities and partnerships locally, regionally, and globally.

Statistics

Views

Total Views
1,038
Views on SlideShare
1,029
Embed Views
9

Actions

Likes
0
Downloads
12
Comments
0

4 Embeds 9

https://www.linkedin.com 4
http://www.linkedin.com 3
http://paper.li 1
http://a0.twimg.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Cyber state Presentation Transcript

  • 1. CYBER STATE Threats, Opportunities and the Future of Cyber Strategy at a National Level Presented for: the Organization of American States Caribbean Telecommunications Union 9th Ministerial Strategic Seminar (Cyber Security)Thursday, December 8, 11
  • 2. Iftach Ian Amit VP Consulting at Security-Art 16 years in the Security Industry Cyber Defense at the Israeli Air-Force Founding member - the Penetration Testing Execution Standard SME for NATO’s Cyber Commons Strategy 2011 (CCD-COE)Thursday, December 8, 11
  • 3. Agenda Review of the current state of Cyber Threats at a national level Linking criminal efforts to state interests National readiness - where are we? Creating Cyber Capabilities - the right way eGovernance Partnerships Public-PrivateThursday, December 8, 11
  • 4. Cyber Threats Locality Global Regional LocalThursday, December 8, 11
  • 5. Cyber Threats Locality Threat Communities Global Criminals Regional Hacktivists Local TerroristsThursday, December 8, 11
  • 6. Cyber Threats Locality Threat Communities Approach Vectors Global Criminals Public Internet Regional Hacktivists Communication Infrastructure Local Terrorists Private NetworksThursday, December 8, 11
  • 7. Cyber Threats Locality Threat Communities Approach Vectors Global Criminals Public Internet Regional Hacktivists Communication Infrastructure Local Terrorists Private NetworksThursday, December 8, 11
  • 8. Cyber Threats Locality Threat Communities Approach Vectors Assets Global Criminals Public Internet $ Public Regional Hacktivists Communication Opinion Infrastructure Private Critical Local Terrorists Networks InfrastructureThursday, December 8, 11
  • 9. Cyber Threats Locality Threat Communities Approach Vectors Assets Global Criminals Public Internet $ Public Regional Hacktivists Communication Opinion Infrastructure Private Critical Local Terrorists Networks InfrastructureThursday, December 8, 11
  • 10. Quick Summary: Crime and War are NOT FAIR Deal with it!Thursday, December 8, 11
  • 11. CyberCrimeThursday, December 8, 11
  • 12. A-Symmetrical conflict Crime enterprises are operating like global businesses Legislation is behind ==> more freedom to run fraud Law enforcement success is only at the low-end (small fish) Defensive mechanisms focus on post-infectionThursday, December 8, 11
  • 13. HacktivistsThursday, December 8, 11
  • 14. Links (crime-hacktivists)?Thursday, December 8, 11
  • 15. Links (crime-hacktivists)?Thursday, December 8, 11
  • 16. Links (crime-hacktivists)?Thursday, December 8, 11
  • 17. Cyber Terrorists Much more disperse Local Regional International Focus on recruiting Both physical actions, as well as Cyber actionsThursday, December 8, 11
  • 18. Thursday, December 8, 11
  • 19. Thursday, December 8, 11
  • 20. Thursday, December 8, 11
  • 21. Thursday, December 8, 11
  • 22. Links (crime-hacktivists- terror)Thursday, December 8, 11
  • 23. Links (crime-hacktivists- terror)Thursday, December 8, 11
  • 24. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh 13Thursday, December 8, 11
  • 25. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by 13Thursday, December 8, 11
  • 26. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer 13Thursday, December 8, 11
  • 27. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer Network provider 13Thursday, December 8, 11
  • 28. Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer Network provider 13Thursday, December 8, 11
  • 29. National Readiness? More focus on eGovernance Financial systems are still exposed Critical Infrastructure is behind a “feel good” solution Capability building is lacking a strategic goal! Lack of Intelligence and correlation of dataThursday, December 8, 11
  • 30. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  • 31. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  • 32. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  • 33. eGovernance Developing outreach is great, efficient and transparent Remember to THREAT MODEL when providing services Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)Thursday, December 8, 11
  • 34. Public-Private Partnerships You don’t own the Internet A lot of critical infrastructure and communication is privately owned or privately operated. Symbiotic relationships are a MUST! (See US CyberStorm III) Advantage (state): Access to more raw information, early warning Advantage (private sector): More accessibility, broadening threat community detection and intelligence (readiness)Thursday, December 8, 11
  • 35. Global Partnerships Model after the CERT community Global intelligence on threat communities Early warning Sample sharing Proactive defense and incident handling Helps to bypass legal/political issuesThursday, December 8, 11
  • 36. Strategic Approach Start from the basics No - advanced offensive capabilities come LAST! Build an intelligence and correlation infrastructure Early warning, feeds from multiple sources (open and closed) Remember social media! Defense is not a reactive practice. Push forward, place yourself in “enemy” territoryThursday, December 8, 11
  • 37. Strategic Approach Offensive capability building Coupled with the defensive requirements Focused on what is needed - not what everyone else is using... Working alone == FAIL. Establish partnerships, work on international legislation on crime/war treaties NATO article 5 for the cyber commons?Thursday, December 8, 11
  • 38. Questions? Thank you! Iftach Ian Amit VP Consulting, Security-Art iamit@iamit.org www.iamit.org/blogThursday, December 8, 11