SlideShare a Scribd company logo
1 of 59
Download to read offline
-- Smart Sustainable SecuritySmart Sustainable Security --
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
1
“Integrating Cyber & Physical Operations”“Integrating Cyber & Physical Operations”
Dr David E. ProbertDr David E. Probert
VAZAVAZA InternationalInternational
Dr David E. ProbertDr David E. Probert
VAZAVAZA InternationalInternational
…or the Challenging Complexity of…or the Challenging Complexity of
Securing Armenian Cyberspace!...Securing Armenian Cyberspace!...
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
22
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
11 –– Background PerspectivesBackground Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
33
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
7 – Integration: Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
Background Aims & PerspectivesBackground Aims & Perspectives
•• Smart Security Trends: 2002Smart Security Trends: 2002 –– 20122012
– Smart Security & Cybersecurity have really only become mainstream markets during the
last 10 years with the evolution of Web2.0. Back in the 1990s there were some niche
solutions for Web1.0 with Firewalls & Anti-Virus Tools, but now cybercrime has become a
global threat that all countries & enterprises must ensure protection!
•• Presentation Context:Presentation Context:
– The author has been actively involved with Cybersecurity since the early 1990s, including
projects across Europe, Middle East , Armenia, Georgia & the Americas, So this
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
4
projects across Europe, Middle East , Armenia, Georgia & the Americas, So this
presentation is a personal perspective that focuses upon case studies & “smart security”.“smart security”.
•• The Future 2012+The Future 2012+
– No system can ever be 100% secure either in physical or cyber space, so I propose the
concept of “Smart Sustainable Security” in which the security investment is made in order
to ensure “sustainable”“sustainable” & “continuous”“continuous” enterprise & government operations
…The “Smart Economy” & “Smart Governance” are both ultimately…The “Smart Economy” & “Smart Governance” are both ultimately
dependant upon the integrated security of operations & services.dependant upon the integrated security of operations & services.
4
Cyber Threat Challenges forCyber Threat Challenges for ArmeniaArmenia
1)1) DDoSDDoS Denial of Service “Denial of Service “BotnetBotnet” Attacks” Attacks
2)2) Phishing Scams such as Advance Fee & Lottery ScamsPhishing Scams such as Advance Fee & Lottery Scams
3)3) SpamSpam eMaileMail with malicious intentwith malicious intent
4)4) SQL Database InjectionSQL Database Injection
5)5) XSS CrossXSS Cross--Scripting Java Script AttacksScripting Java Script Attacks
6)6) Personal Identity Theft (ID Theft)Personal Identity Theft (ID Theft)
7)7) Malware, Spyware, Worms, Viruses & TrojansMalware, Spyware, Worms, Viruses & Trojans
8)8) EmbeddedEmbedded SleepingSleeping Software “Zombie Bots”Software “Zombie Bots”
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
5
8)8) EmbeddedEmbedded SleepingSleeping Software “Zombie Bots”Software “Zombie Bots”
9)9) Buffer Overflow AttacksBuffer Overflow Attacks
10)10)Firewall Port ScannersFirewall Port Scanners
11)11)Social Networking “Malware Apps”Social Networking “Malware Apps”
12) WiWi--Fi, Bluetooth & Mobile Network IntrusionFi, Bluetooth & Mobile Network Intrusion
13) KeyloggersKeyloggers –– Hardware and Software VariantsHardware and Software Variants
……New Cyber Threats will emerge as ICT solutions grow smarter!……New Cyber Threats will emerge as ICT solutions grow smarter!
5
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 22 –– GlobalGlobal Cybersecurity ChallengeCybersecurity Challenge 3 – Cybersecurity Case Studies
4 – Transition to 21st C Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
66
4 – Transition to 21 C Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
7 – Integration: Cyber and Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
““Visualisation of Cyberspace”:Visualisation of Cyberspace”: Global IP “WHOIS” AddressesGlobal IP “WHOIS” Addresses
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
77
…From 20…From 20ththC Physical World To 21C Physical World To 21ststC Cyberspace! ...C Cyberspace! ...
Active Internet Domains:Active Internet Domains: “American IP Registry”“American IP Registry”
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
88
“Outer Galaxies of Cyberspace”“Outer Galaxies of Cyberspace” –– Other IP RegistriesOther IP Registries
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
99
- (1) –
Legal Measures
-- Worldwide Smart Security in Cyberspace!Worldwide Smart Security in Cyberspace! --
- (3) –
Organisational
Structures
- (4) – Capacity Building
- (2) –
Technical
&
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
10
Legal Measures
10
Structures
- (5) – Regional and International Collaboration
&
Procedural
Measures
United Nations/International Telecommunications Union: “United Nations/International Telecommunications Union: “Global Cybersecurity Agenda”Global Cybersecurity Agenda”
Malicious Cybercrime Activity in Global IP CyberspaceMalicious Cybercrime Activity in Global IP Cyberspace
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
1111
Link: www.team-cymru.org
Key: Hilbert Space-Filling
Curve Process
Cyber Attack using GlobalCyber Attack using Global BotnetsBotnets
Friday 20th February, 2009 (c) Dr David E. Probert - www.vaza.com 12Diagram from Wired Magazine
Worldwide “Worldwide “BotBot” Infections:” Infections: 2Q 20102Q 2010
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
1313
Source:Source: MicrosoftMicrosoft –– Security Intelligence ReportSecurity Intelligence Report -- 20102010
ITU: InITU: In--Depth Cybersecurity WorkshopDepth Cybersecurity Workshop –– JamaicaJamaica -- Sept 2010Sept 2010
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
1414
Cybercrimes against Critical Economic SectorsCybercrimes against Critical Economic Sectors
•• Government:Government:
– Theft of secret intelligence, manipulation of documents, and illegal access to
confidential citizen databases & national records
•• Banking/Finance:Banking/Finance:
– Denial of Service attacks against clearing bank network, phishing attacks against
bank account & credit cards, money laundering
•• TelecommsTelecomms/Mobile:/Mobile:
– Interception of wired & wireless communications, and penetration of secure
government & military communications networks
•• Transport/Tourism:Transport/Tourism:
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
15
•• Transport/Tourism:Transport/Tourism:
– Cyber Terrorism against airports, air-traffic control, coach/train transport hubs,
& malicious penetration of on-line travel networks
•• Energy/Water:Energy/Water:
– Manipulation and disruption of the national energy grid & utilities through
interference of the process control network (SCADA)
…Cybersecurity is a Critical National Issue that now requires a Global Response!…Cybersecurity is a Critical National Issue that now requires a Global Response!
15
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 2 – Global Cybersecurity Challenge 33 –– CybersecurityCybersecurity Case StudiesCase Studies
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
1616
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
7 – Integrating Cyber & Physical Security 8 –Towards Smart ”Neural Society” 9 – Next Steps for Securing 21stC Armenia
National & Regional Cybersecurity Case StudiesNational & Regional Cybersecurity Case Studies
•• UK Government:UK Government: Cybersecurity Strategy for the UK – Safety, Security & Resilience in Cyberspace
(UK Office of Cybersecurity – June 2009)
•• US Government:US Government: Cyberspace Policy Review – Assuring a Trusted and Resilient Information and
Communications Infrastructure – May 2009
•• Canada:Canada: Canadian Cyber Incident Response Centre (CCIRC) – Integrated within the Strategic
Government Operations Centre (GOC)
•• Australia:Australia: Australian Cybersecurity Policy and Co-ordination Committee (CSPC – Nov 2009), within
the Attorney-General’s Government Dept
•• Malaysia:Malaysia: “Cybersecurity Malaysia” – Mosti : Ministry of Science, Technology & Innovation, and
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
17
•• Malaysia:Malaysia: “Cybersecurity Malaysia” – Mosti : Ministry of Science, Technology & Innovation, and
includes the MyCERT & Training Centre
•• Singapore:Singapore: Cybersecurity Awareness Alliance & the IDA Security Masterplan (Sept 2009) -Singapore
Infocomm Techology Security Authority - SITSA
•• South Korea:South Korea: Korea Internet and Security Agency (KISA – July 2009)
•• Latin America :Latin America : CITEL/OAS has developed regional cybersecurity strategy with dedicated events
•• European Union:European Union: ENISA – European Network and Information Security Agency (Sept2005) tackles
all aspects of cybersecurity & cybercrime for the countries of the European Union and beyond
17
UK Office of CybersecurityUK Office of Cybersecurity –– OCS & CSOCOCS & CSOC
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
1818
US Government :US Government : Office ofOffice of CyberSecurityCyberSecurity (CS&C)(CS&C)
• Following the June 2009, US Government Policy Review, the Department of Homeland
Security (DHS) has responsibility for hosting the “Office of Cybersecurity & Communications”“Office of Cybersecurity & Communications”
(CS&C)(CS&C).. Within this large organisation is the “National Cyber Security Division”National Cyber Security Division” (NCSD):(NCSD):
–– National Cyberspace Response SystemNational Cyberspace Response System
• National Cyber Alert System
• US-CERT Operations
• National Cyber Response Co-ordination Group
• Cyber Cop Portal (for investigation and prosecution of cyber attacks)
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
19
–– Federal Network SecurityFederal Network Security
• Ensuring the maximum security of executive civilian departments and agencies
–– CyberCyber--Risk Management ProgramsRisk Management Programs
• Cyber Exercises: Cyber Storm
• National Outreach Awareness
• Software Assurance Program
….The US Government DHS also has a National Cyber Security….The US Government DHS also has a National Cyber Security CenterCenter (NCSC) which(NCSC) which
is tasked with the protection of the US Government’s Communications Networksis tasked with the protection of the US Government’s Communications Networks
19
Evolving Cybersecurity for US Defence:Evolving Cybersecurity for US Defence:
“The Pentagon’s“The Pentagon’s CyberstrategyCyberstrategy””
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2020
Canadian Government :Canadian Government : CCIRCCCIRC
• The Canadian Cyber Incident Response Centre (CCIRC) monitors the cyber threat
environment around the clock and is responsible for coordinating the national response to
any cyber security incident. Its focus is the protection of national critical infrastructure
against cyber incidents. The Centre is a part of the Government Operations Centre and a
key component of the government's all-hazards approach to national security and
emergency preparedness.
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
21
• CCIRC works with national and international counterparts to collect, analyze and
disseminate data on cyber threats. The Centre provides analytical releases, as well as a
variety of information products and services specifically for IT professionals and managers
of critical infrastructure and other related industries.
21
Australian Government :Australian Government : CSPCCSPC
• The Cyber Security Policy and Coordination (CSPC) CommitteeCyber Security Policy and Coordination (CSPC) Committee is the
Australian Government committee that coordinates the development of
cyber security policy for the Australian Government. The CSPC Committee:
– Provides whole of government strategic leadership on cyber security
– Determines priorities for the Australian Government
– Coordinates the response to cyber security events
– Coordinates Australian Government cyber security policy internationally.
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2222
Malaysian Government:Malaysian Government: MOSTiMOSTi
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2323
Singapore Government :Singapore Government : SITSASITSA
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2424
South Korea Government:South Korea Government: KISAKISA
KISA = “Korean Internet & Security Agency”
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2525
European Network and Information Security Agency:European Network and Information Security Agency: ENISAENISA
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2626
National Cybersecurity Agencies:National Cybersecurity Agencies: Common RolesCommon Roles
CommonCommon roles and responsibilitiesroles and responsibilities for allfor all these national cyber agencies:these national cyber agencies:
Cyber Alerts:Cyber Alerts: Management of the National Response to Cyber Alerts, and Attacks
Education:Education: Co-ordination of National Awareness and Skills Training Programmes
Laws:Laws: Leadership role in the development and approval of new cyber legislation
Cybercrime:Cybercrime: Facilitation for building a National Cybercrime of e-Crime Unit
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2727
Cybercrime:Cybercrime: Facilitation for building a National Cybercrime of e-Crime Unit
Standards:Standards: Setting the national cybersecurity standards and auditing compliance
International:International: Leadership in the promotion of international partnerships for
Research:Research: Support for research & development into cybersecurity technologies
CriticalCritical Sectors:Sectors: Co-ordination of National Programmes for Critical Infrastructure
....Next we..Next we consider the benefits from integrated physical and cybersecurity!consider the benefits from integrated physical and cybersecurity!
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2828
44 –– TransitionTransition to 21to 21ststC Sustainable SecurityC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
Cyber War StrategiesCyber War Strategies fromfrom Classic Historical Works!Classic Historical Works!
RecommendedRecommended
“Bedtime“Bedtime
Reading”Reading”
forfor
CybersecurityCybersecurity
Specialists!Specialists!
RecommendedRecommended
“Bedtime“Bedtime
Reading”Reading”
forfor
CybersecurityCybersecurity
Specialists!Specialists!
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
2929
…Classic Works on “War” are just as relevant today for Cybersecurity as pre…Classic Works on “War” are just as relevant today for Cybersecurity as pre--2020thth CC…Classic Works on “War” are just as relevant today for Cybersecurity as pre…Classic Works on “War” are just as relevant today for Cybersecurity as pre--2020thth CC
Specialists!Specialists!Specialists!Specialists!
“21“21stst Century Smart Cyber World”Century Smart Cyber World”
•• Open World:Open World: During the last 15 years we’ve evolved from the primitive Internet to the
complex world of Web2.0 mobile & wireless applications
•• Criminals and HackersCriminals and Hackers seek every opportunity to creatively penetrate wired, wireless,
mobile devices, and social networking applications
•• The war against cybercriminalsThe war against cybercriminals requires us to continuously create new cybersecurity
solutions for every conceivable cyber attack
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
30
•• Standards, Architectures and Operational Security PoliciesStandards, Architectures and Operational Security Policies all ensure that the “business
case for cybercriminals” is much less attractive
•• The DMZ Security FirewallsThe DMZ Security Firewalls of the 1990s are now only a partial solution to the protection
of critical information infrastructure on the distributed mobile internet
…….In this presentation we explore the 21…….In this presentation we explore the 21stst World of Smart Security SolutionsWorld of Smart Security Solutions
including their integration with traditional physical security & surveillanceincluding their integration with traditional physical security & surveillance
30
Transition from 20Transition from 20ththC Industrial to 21C Industrial to 21ststC Smart SecurityC Smart Security
•• Cybersecurity 2012Cybersecurity 2012--2022:2022:
– Every country in the world will need to transition from the traditional
20thC culture & policy of massive physical defence to the connected
“neural” 21stC world of in-depth intelligent & integrated cyber defence
•• National Boundaries:National Boundaries:
– Traditional physical defence and geographical boundaries are still
strategic national assets , but they need to be augmented through
integrated cyber defence organisations & assets
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
31
•• Critical National Information Infrastructure:Critical National Information Infrastructure:
– 21stC national economies function electronically, & yet they are poorly
defended in cyberspace, and often open to criminal & political attacks
•• MultiMulti--Dimensional Cyber Defence:Dimensional Cyber Defence:
–– ArmeniaArmenia will need to audit its critical infrastructure – government, banks,
telecommunications, energy, & transport – and upgrade to international
cybersecurity standards based upon “Best Practice” (ISO/IEC – 27xxx).
31
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
3232
4 – Transition to 21stC Sustainable Security 55 –– SmartSmart Security: Technology & ProcessSecurity: Technology & Process 6 – Securing Critical National Infrastructure
7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
Smart Security:Smart Security: Technology & OperationsTechnology & Operations
•• “Smart Security”“Smart Security” spans the protection of both physical buildings, staff and cyber
facilities, networks & information assets.
–– Technologies:Technologies: Advanced ICT Security technologies include Biometrics, RFID
Encryption, PKI Authentication, ID Management, DDoS Protection, Malware Detection
–– Operations:Operations: Physical Buildings, Staff and all information & ICT assets need to be
secured through solutions such as RFID tagging, Interactive HD CCTV, movement
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
33
secured through solutions such as RFID tagging, Interactive HD CCTV, movement
detection and other automatic means for asset monitoring & surveillance
–– Critical National Infrastructure Protection (CNIP):Critical National Infrastructure Protection (CNIP): Most national smart security
programmes now focus upon securing critical infrastructure such as banking &
finance, airports & transporation, power stations, military & defence facilities, ICT,
Mobile & telecommunications services & Government Ministries & Parliament.
…In the next sections we’ll explore both CNIP and the Integration of Cyber &…In the next sections we’ll explore both CNIP and the Integration of Cyber &
Physical Security Operations which is the real essence of “Smart Security”Physical Security Operations which is the real essence of “Smart Security”
Smart Technology Example:Smart Technology Example: Biometrics and RFIDBiometrics and RFID
•• BiometricsBiometrics techniques may include:
– Finger and Palm Prints
– Retinal and Iris Scans
– 3D Vein ID
– Voice Scans & Recognition
– DNA Database – usually for Criminal Records
– 3D Facial Recognition
•• RFIDRFID = Radio Frequency ID with applications that include:
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
34
•• RFIDRFID = Radio Frequency ID with applications that include:
– Personal ID Cards for Building, Facility and Secure Room Access
– Tags for Retail Articles as a deterrence to shop lifting
– Powered RFID Tags for Vehicles to open Barriers, Doors, or switch traffic lights
– Plans to used RFID Tags for Perishable Products such as vegetables and flowers
– Asset Tags to manage the movement of ICT Assets such as Laptops, PDA & Storage
...Biometrics & RFID solutions are powerful tools against cybercrime!...Biometrics & RFID solutions are powerful tools against cybercrime!
34
Smart Security Solutions &Smart Security Solutions & ISO StandardsISO Standards
• Securing information and assets in the virtual world of cyberspace
requires the discipline of rigorous operational security solutions and
policies in the real-world according to accepted ISO 27xxx Standards:ISO 27xxx Standards:
– Integrated Command and Control Operations (including fail-over control rooms)
– Business Continuity & Disaster Recovery (for cybercrimes, terrorism & natural disasters)
– Implementation of National, and Enterprise Computer Incident Response Teams (CERTs)
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
35
– Integrated Digital Forensics, eCrime Unit & Cyber Legislation against Cybercrimes
– Traditional Physical Security Defences & Deterrents (including security guards & fences!)
….Many criminal and terrorist attacks are achieved through penetrating….Many criminal and terrorist attacks are achieved through penetrating
some combination of physical and cybersecurity systems. Breaking intosome combination of physical and cybersecurity systems. Breaking into
a physical building may allow a criminal to gain secure ICT zones, anda physical building may allow a criminal to gain secure ICT zones, and
thence to onthence to on--line user accounts, documents & databases…line user accounts, documents & databases…
35
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 66 –– Securing Critical National InfrastructureSecuring Critical National Infrastructure
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
3636
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 66 –– Securing Critical National InfrastructureSecuring Critical National Infrastructure
7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
Critical Sectors and Infrastructure in CyberspaceCritical Sectors and Infrastructure in Cyberspace
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
3737
Sector Case Study:Sector Case Study: Banks & FinanceBanks & Finance
•• Banks & FinancialBanks & Financial Institutions are prime targets for cybercriminals.
•• AccessAccess to Accounts is usually indirect through phishing scams, infected
websites with malicious scripts, and personal ID Theft.
•• OnOn--Line bank transfersLine bank transfers are also commonly used for international money
laundering of funds secured from illegal activities
•• Instant Money Transfer ServicesInstant Money Transfer Services are preferred for crimes such as the classic
“Advanced Fee Scam” as well as Lottery and Auction Scams
• An increasing problem is CyberCyber--ExtortionExtortion instigated through phishing
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
38
•• National & Commercial BanNational & Commercial Banksks have also been targets of DDOS cyberattacks
from politically motivated and terrorist organisations
•• Penetration Scans:Penetration Scans: Banks are pivotal to national economies and will receive
penetration scans and attempted hacks on a regular basis.
•• OnOn--Line BankingLine Banking networks including ATMs, Business and Personal Banking are
at the “sharp end” of financial security and require great efforts towards end-
user authentication & transaction network security
38
Sector Case Study:Sector Case Study: GovernmentsGovernments
•• Cyber Agencies:Cyber Agencies: Governments such as UK, USA, Malaysia, South Korea and
Australia have all implemented cybersecurity agencies & programmes
•• eGovernmenteGovernment ServicesServices are critically dependant upon strong cybersecurity with
authentication for the protection of applications, and citizen data
•• Compliance Audit:Compliance Audit: All Government Ministries & Agencies should receive in-
depth ICT security audits, as well as full annual compliance reviews
1) National Defence Forces
2) Parliamentary Resources
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
39
2) Parliamentary Resources
3) Land Registry & Planning System
4) Citizen IDs and Passports
5) Laws, Legislations, and Policies
6) Civilian Police, Prisons & National e-Crimes Unit (NCU)
7) National CERT – Computer Emergency Response Team
8) Inter-Government Communications Network
9) eServices for Regional & International Partnerships
10)Establishment of cybersecurity standards & compliance
11)Government Security Training and Certification
39
Cybersecurity Benefits:Cybersecurity Benefits: GovernmentGovernment
• Improved cybersecurity & physical security provides significant short & medium
term benefits to the Government & Critical National Service Sectors including:
–– eGovernmenteGovernment:: Fully secure & cost effective delivery of on-line services to both citizens
and businesses, such as taxes & customs, social welfare, civil & land registries,
passports & driving licences
–– eDefenceeDefence:: Early warning, alerts and defences against cyberattacks through national
CERT (Computer Emergency Response Centre)
–– Cybercrime:Cybercrime: Investigate, Digital Forensics and Prosecution of cybercrimes such ID &
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
40
–– Cybercrime:Cybercrime: Investigate, Digital Forensics and Prosecution of cybercrimes such ID &
Financial Theft, “Computer Misuse, Laundering, On-Line Drug Trafficking &
Pornographic Materials
–– CyberterrorismCyberterrorism:: Ability to assess, predict and prevent potential major cyber terrorist
attacks, and to minimise damage during events
–– Power & Water Utilities:Power & Water Utilities: Prevent malicious damage to control systems
–– Telecommunications:Telecommunications: Top security of government communications with alternative
routings, encryption & protection against cyberattacks
40
Critical Service Sector InfrastructureCritical Service Sector Infrastructure
•• National Strategies:National Strategies: Many countries & regions now consider the threat of
cyber attacks to be high enough to build national cybersecurity strategies.
•• UK Strategy:UK Strategy: As with physical security & defence, these should be annually
updated. For example the UK published its 1st Cybersecurity Strategy (June 2009),
and now an updated UK National Security Strategy (Oct 2010).
•• Every Critical Service SectorEvery Critical Service Sector should be considered in-depth:
– Government (National & Regional)
– Telecommunications/Mobile/ISPs
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
41
– Telecommunications/Mobile/ISPs
– Banking/Financial Services
– Transportation/Airports
– Military/National Defence
– Energy Power Grid & Utilities
– Healthcare & Emergency Services
– Police & Law Enforcement Agencies
...The National Cybersecurity Organisation will include ALL these stakeholders...The National Cybersecurity Organisation will include ALL these stakeholders
& the CERTs will respond to incidents & communicate across ALL sectors& the CERTs will respond to incidents & communicate across ALL sectors
41
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
4242
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
77 –– IntegratingIntegrating Cyber & Physical SecurityCyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
-- Smart Sustainable Security in the Wild!Smart Sustainable Security in the Wild! --
The Sociable Weaver Bird
“World’s largest Bird Nests”
*** Southern Africa ***
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
43Friday 20th February, 2009
•Secure Living Community
•Self-Organising Architecture
•Fully scalable for long term growth
•Supports 250+ Weaver Birds
•Real-Time Disaster Alert System
•Sustainable in Semi-Desert Steppe
•Robust against “Enemy Risks”
such as Eagles, Vultures & Snakes
...all the features of a 21stC-“Cyber Defence Centre”–including Disaster Recovery & Business Continuity!
Cyber:Cyber: Integrated Command & ControlIntegrated Command & Control
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
44
•• Security Operations Command Centre for Global Security Solutions EnterpriseSecurity Operations Command Centre for Global Security Solutions Enterprise•• Security Operations Command Centre for Global Security Solutions EnterpriseSecurity Operations Command Centre for Global Security Solutions Enterprise
44
“Cyber to Physical Attacks”“Cyber to Physical Attacks”
• The illegal penetration of ICT systems may allow criminals to secure
information or “make deals” that facilities their real-world activities:
–– “Sleeping Cyber Bots”“Sleeping Cyber Bots” – These can be secretly implanted by skilled hackers to secure
on-line systems, and programmed to explore the directories & databases, and & then
to transmit certain information – Account & Credit Card Details, Plans, Projects, Deals
–– Destructive “Cyber Bots”Destructive “Cyber Bots” – If cyber-bots are implanted by terrorist agents within the
operational controls of power plants, airports, ports or telecomms facilities then
considerable physical damage may result. A simple “ delete *.*“ delete *.* ” command for the root
directories would instantly wipe out allall files unless the facility has real-time fail-over!
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
45
considerable physical damage may result. A simple “ delete *.*“ delete *.* ” command for the root
directories would instantly wipe out allall files unless the facility has real-time fail-over!
–– Distributed Denial of Service AttacksDistributed Denial of Service Attacks – These not only block access to system, but in
the case of a Banking ATM Network, means that the national ATM network is off-line.
–– National Cyber AttacksNational Cyber Attacks – Many international organisations such as NATO & US DOD
forecast that future regional conflicts will begin with massive cyberattacks to disable
their targets’ physical critical communications & information infrastructure. Clearly it is
important for countries to upgrade their national cybersecurity to minimise such risks
45
Physical:Physical: Integrated CCTV SurveillanceIntegrated CCTV Surveillance
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
4646
•• CCTV Command and Control Operations Centre for Large UK CityCCTV Command and Control Operations Centre for Large UK City•• CCTV Command and Control Operations Centre for Large UK CityCCTV Command and Control Operations Centre for Large UK City
“Physical to Cyber Attacks”“Physical to Cyber Attacks”
• Most “physical to cyber attacks” involve staff, contractors or visitors
performing criminal activities in the “misuse of computer assets”:
–– Theft & Modification of ICT Assets:Theft & Modification of ICT Assets: It is now almost a daily occurrence for critical
information & databases to be either deliberately stolen or simply lost on PCs or Chips
–– Fake Maintenance Staff or Contractors:Fake Maintenance Staff or Contractors: A relatively easy way for criminals to access
secure facilities, particularly in remote regions or developing countries is to fake their
personnel IDs and CVs as being legitimate ICT maintenance staff or contractors
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
47
personnel IDs and CVs as being legitimate ICT maintenance staff or contractors
–– Compromised Operations Staff:Compromised Operations Staff: Sometime operational ICT staff may be tempted by
criminal bribes, or possibly blackmailed into providing passwords, IDs & Access Codes.
–– Facility Guests and Visitors:Facility Guests and Visitors: It is standard procedure for guests & visitors to be
accompanied at all times in secure premises. In the absence of such procedures,
criminals, masquerading as guests or visitors, may install key logger hardware devices or
possibly extract information, plans and databases to USB memory chips, or steal DVDs!
47
Physical:Physical: Computer Automated IndustrialComputer Automated Industrial
Control & Safety SystemsControl & Safety Systems (SCADA)(SCADA)
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
4848
Case Study:Case Study: StuxNetStuxNet WormWorm -- Industrial SCADA SystemsIndustrial SCADA Systems
StuxnetStuxnet WormWorm : 1st Discovered June 2010
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
4949
SCADASCADA = Supervisory Control & Data Acquisition
- Mainly for Power Stations & Industrial Plants -
-- Towards Smart Sustainable SecurityTowards Smart Sustainable Security --
Integrating Physical & Cybersecurity OperationsIntegrating Physical & Cybersecurity Operations
•• Integration:Integration: Physical and Cybersecurity operations should be linked “step-by-step” at
the command and control level in the main government or enterprise operations centre.
•• Physical SecurityPhysical Security for critical service sectors such as governments, airports, banks,
telecommunications, education, energy, healthcare and national defence should be
included within the strategy and policies for Cybersecurity and vice versa.
•• Upgrades:Upgrades: In order to maximise security, Government and Businesses need to upgrade
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
50
•• Upgrades:Upgrades: In order to maximise security, Government and Businesses need to upgrade
and integrate resources & plans for both physical & cybersecurity during the next years.
•• Audit and ComplianceAudit and Compliance :: Investments in establishing and upgrading cybersecurity
defences means that all physical security and associated operational staff should also be
reviewed for compliance with government policies, & audited to international standards
•• Smart Roadmap:Smart Roadmap: I’d recommend developing a focused smart security action plan and
roadmap (Physical & Cyber) for each critical sector across Government & Major Enterprises
50
Smart Sustainable Security:Smart Sustainable Security: Armenia’s Coat of ArmsArmenia’s Coat of Arms
Cyber WorldCyber WorldCyber WorldCyber WorldCyber WorldCyber WorldCyber WorldCyber World == EagleEagleEagleEagleEagleEagleEagleEagle
((((((((ArtaxiadArtaxiadArtaxiadArtaxiadArtaxiadArtaxiadArtaxiadArtaxiad &&&&&&&& ArsacidArsacidArsacidArsacidArsacidArsacidArsacidArsacid))))))))
Physical WorldPhysical WorldPhysical WorldPhysical WorldPhysical WorldPhysical WorldPhysical WorldPhysical World == LionLionLionLionLionLionLionLion
((((((((BagratuniBagratuniBagratuniBagratuniBagratuniBagratuniBagratuniBagratuni &&&&&&&& RubenidRubenidRubenidRubenidRubenidRubenidRubenidRubenid))))))))
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
51
Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:
Feather Pen (Feather Pen (Culture & IntelligenceCulture & Intelligence), Broken Chain (), Broken Chain (Freedom & IndependenceFreedom & Independence),),
Wheat Flower (Wheat Flower (IndustryIndustry), Sword (), Sword (Power & StrengthPower & Strength), Tri), Tri--Coloured Ribbon (Coloured Ribbon (Armenian FlagArmenian Flag),),
Smart SecuritySmart SecuritySmart SecuritySmart SecuritySmart SecuritySmart SecuritySmart SecuritySmart Security == Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
5252
4 – Transition to 21 C Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
7 – Integrating Cyber & Physical Security 88 –– TowardsTowards SmartSmart “Neural Society”“Neural Society” 9 – Next Steps for Securing 21stC Armenia
The Future:The Future: Towards Smart “Neural Society”Towards Smart “Neural Society”
•• RealReal--Time Security Operations:Time Security Operations:
– Secure and monitor every cyber asset and critical physical asset through IP
Networking, RFID Tagging & communication of status to operations centre
•• Augmented & Immersive Reality:Augmented & Immersive Reality:
– Multimedia virtual world overlays on data from the real physical world, through head-
up displays & other forms of embedded sensors & displays
•• BioNeuralBioNeural Metaphors:Metaphors:
– Further developments of self-organising and autonomous systems for monitoring and
responding to cyber alerts & potential attacks in real-time
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
53
responding to cyber alerts & potential attacks in real-time
•• 3D Adaptive Simulation & Modelling:3D Adaptive Simulation & Modelling:
– Adaptive 3D computer modelling of physical buildings, campuses & cities, as well as
dynamic models of extended enterprises networks. The aim is to visualise, model &
respond to security alerts with greater speed & precision
•• Smart Security Architectures:Smart Security Architectures:
– Effective integrated security requires management through hybrid hierarchical and
“peer-to-peer” organisational architectures. Living organic systems also exploit hybrid
architectures for optimal command & control as in the “Mammalian Nervous System”Mammalian Nervous System”
53
Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia
1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
5454
4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure
7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 99 –– Next Steps for Securing 21stCNext Steps for Securing 21stC ArmeniaArmenia
Smart Security:Smart Security: “Next Steps for 21“Next Steps for 21ststC Armenia”C Armenia”
1)1) National Cybersecurity Agency:National Cybersecurity Agency: Establishment of a National Armenian CERT & Government
Cybersecurity Agency within the organisation of Armenian Government Ministries & Agencies
2)2) CIIP:CIIP: Critical Information Infrastructure Protection (CIIP) for ALLALL Critical Economic Sectors
3)3) System Upgrades:System Upgrades: Phased Technical Infrastructure ICT Upgrades using “ Smart Solutions” including
Hardware, Software, Secure Network Links, Virtualised Servers & Cloud Storage
4)4) BackBack--Up:Up: Disaster Recovery, Business Continuity, Crisis Management and Back-Up Systems
5)5) Physical :Physical : Physical Security Applications – CCTV, Alarms, Control Centre, RFID Asset Tracking
6)6) Awareness Campaign:Awareness Campaign: Government Campaign for National Cybersecurity Awareness
7)7) Training:Training: National Cybersecurity Skills & Professional Training Programme with Industry & Colleges
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
55
7)7) Training:Training: National Cybersecurity Skills & Professional Training Programme with Industry & Colleges
8)8) Encryption:Encryption: National User & Systems PKI Authentication, ID & eSignature Programme
9)9) Laws:Laws: Programme for Drafting and Enforcing new Cyber Laws. Policies & Regulations
…….It is important to develop an in…….It is important to develop an in--depth economic “costdepth economic “cost--benefit” analysis andbenefit” analysis and
Business Case in order to understand the “Return on Investment”Business Case in order to understand the “Return on Investment”
55
““Smart Sustainable Security”Smart Sustainable Security” for 21for 21ststC Armenia!C Armenia!““Smart Sustainable Security”Smart Sustainable Security” for 21for 21ststC Armenia!C Armenia!
2121ststC Armenia : “Smart Economy”C Armenia : “Smart Economy”
DigiTecDigiTec Business ForumBusiness Forum –– Yerevan, ArmeniaYerevan, Armenia
2121ststC Armenia : “Smart Economy”C Armenia : “Smart Economy”
DigiTecDigiTec Business ForumBusiness Forum –– Yerevan, ArmeniaYerevan, Armenia
ThankThank--You!...You!...ThankThank--You!...You!...
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
56
ThankThank--You!...You!...ThankThank--You!...You!...
56
Presentation Slides:Presentation Slides:
www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/
Presentation Slides:Presentation Slides:
www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/
Presentation Slides:Presentation Slides:
www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/
Presentation Slides:Presentation Slides:
www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
57
Thank you for your time!Thank you for your time!Thank you for your time!Thank you for your time!
Professional ProfileProfessional Profile -- Dr David E. ProbertDr David E. Probert
Computer Integrated Telephony (CIT)Computer Integrated Telephony (CIT) – Established and led British Telecom’s £25M EIGER Project during the mid-1980s’ to integrate computers with
telephone switches (PABX’s). This resulted in the successful development and launch of CIT software applications for telesales & telemarketing
Blueprint for Business CommunitiesBlueprint for Business Communities – Visionary Programme for Digital Equipment Corporation during late-1980’s that included the creation of the
“knowledge lens” and “community networks”. The Blueprint provided the strategic framework for Digital’s Value-Added Networks Business
European Internet Business Group (EIBGEuropean Internet Business Group (EIBG)) – Established and led Digital Equipment Corporation’s European Internet Group for 5 years. Projects included
support for the national Internet infrastructure for countries across EMEA as well as major enterprise, government & educational Intranet deployments.
Dr David Probert was a sponsoring member of the European Board for Academic & Research Networking (EARN/TERENA) for 7 years (1991 1998)
Supersonic Car (Supersonic Car (ThrustSSCThrustSSC)) – Worked with Richard Noble OBE, and the Mach One Club to set up and manage the 1st Multi-Media and e-Commerce Web-
Site for the World’s 1st Supersonic Car – ThrustSSC – for the World Speed Record.
Secure Wireless NetworkingSecure Wireless Networking – Business Director & VP for Madge Networks to establish a portfolio of innovative fully secure wireless Wi-Fi IEEE802.11
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
58
Secure Wireless NetworkingSecure Wireless Networking – Business Director & VP for Madge Networks to establish a portfolio of innovative fully secure wireless Wi-Fi IEEE802.11
networking products with technology partners from both UK and Taiwan.
Networked Enterprise SecurityNetworked Enterprise Security - Appointed as the New Products Director (CTO) to the Management Team of the Blick Group plc with overall
responsibility for 55 professional engineers & a diverse portfolio of hi-tech security products.
Republic of GeorgiaRepublic of Georgia – Senior Security Adviser – Appointed by the European Union to investigate and then to make recommendations on all aspects of IT
security, physical security and BCP/DR relating to the Georgian Parliament.
UN/ITUUN/ITU – Senior Adviser – Development of Cybersecurity Infrastructure, Standards, Policies, & Organisations in countries within both Europe & Americas
Dr David E. Probert is a Fellow of the Royal Statistical Society. He has a 1Dr David E. Probert is a Fellow of the Royal Statistical Society. He has a 1stst Class Honours Degree in Mathematics (BristolClass Honours Degree in Mathematics (Bristol
University) & PhD from Cambridge University in SelfUniversity) & PhD from Cambridge University in Self--Organising Systems (Evolution of Stochastic Automata) , and hisOrganising Systems (Evolution of Stochastic Automata) , and his
full professional biography is featured in the Marquis Directory of Who’s Who in the World: 2007full professional biography is featured in the Marquis Directory of Who’s Who in the World: 2007--2012 Editions2012 Editions.
2121ststC Armenia : “Smart Security”C Armenia : “Smart Security”
DigiTecDigiTec Business ForumBusiness Forum –– Yerevan, ArmeniaYerevan, Armenia
BACK-UP SLIDESBACK-UP SLIDES
Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia
DigiTec Business Forum: 15th- 16th June 2012
© Dr David E. Probert : www.VAZA.com ©
59
BACK-UP SLIDESBACK-UP SLIDES
59

More Related Content

What's hot

Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016Kayisa Herman Dube
 
Mobile Security BROCHURE (1)
Mobile Security BROCHURE (1)Mobile Security BROCHURE (1)
Mobile Security BROCHURE (1)Rhys A. Mossom
 
Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!
Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!
Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!Dr David Probert
 
Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling
Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling
Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling Dr David Probert
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCommunity Protection Forum
 
CyberTerrorism - Security in Cyberspace
CyberTerrorism - Security in CyberspaceCyberTerrorism - Security in Cyberspace
CyberTerrorism - Security in CyberspaceDr David Probert
 
Cybersecurity for Critical National Infrastructure
Cybersecurity for Critical National InfrastructureCybersecurity for Critical National Infrastructure
Cybersecurity for Critical National InfrastructureDr David Probert
 
CyberSecurity Vision: 2017-2027 & Beyond!
CyberSecurity Vision: 2017-2027 & Beyond!CyberSecurity Vision: 2017-2027 & Beyond!
CyberSecurity Vision: 2017-2027 & Beyond!Dr David Probert
 
CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!
CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!
CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!Dr David Probert
 
21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!
21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!
21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!Dr David Probert
 
Energising Cybersecurity with Biometrics & Digital Forensics
Energising Cybersecurity with Biometrics & Digital ForensicsEnergising Cybersecurity with Biometrics & Digital Forensics
Energising Cybersecurity with Biometrics & Digital ForensicsDr David Probert
 
Upgrading Industrial CyberSecurity & Security Critical National Infrastructure
Upgrading Industrial CyberSecurity & Security Critical National InfrastructureUpgrading Industrial CyberSecurity & Security Critical National Infrastructure
Upgrading Industrial CyberSecurity & Security Critical National InfrastructureDr David Probert
 
Cybersecurity in Sudan: Challenges & Opportunities
Cybersecurity in Sudan: Challenges & OpportunitiesCybersecurity in Sudan: Challenges & Opportunities
Cybersecurity in Sudan: Challenges & OpportunitiesMohamed Amine Belarbi
 
Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025Dr David Probert
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatMotorola Solutions
 
Artificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for CybersecurityArtificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for CybersecurityDr David Probert
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsKenny Huang Ph.D.
 

What's hot (20)

Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016
 
BCM for National Critical Resources
BCM for National Critical ResourcesBCM for National Critical Resources
BCM for National Critical Resources
 
Mobile Security BROCHURE (1)
Mobile Security BROCHURE (1)Mobile Security BROCHURE (1)
Mobile Security BROCHURE (1)
 
Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!
Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!
Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!
 
Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling
Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling
Effective CyberSecurity for the 2020s - Intelligent Analytics & Modelling
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challenges
 
CyberTerrorism - Security in Cyberspace
CyberTerrorism - Security in CyberspaceCyberTerrorism - Security in Cyberspace
CyberTerrorism - Security in Cyberspace
 
Cybersecurity for Critical National Infrastructure
Cybersecurity for Critical National InfrastructureCybersecurity for Critical National Infrastructure
Cybersecurity for Critical National Infrastructure
 
CyberSecurity Vision: 2017-2027 & Beyond!
CyberSecurity Vision: 2017-2027 & Beyond!CyberSecurity Vision: 2017-2027 & Beyond!
CyberSecurity Vision: 2017-2027 & Beyond!
 
CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!
CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!
CyberSecurity Futures: 2018 - 2025+ - Technology, Tools & Trends!
 
21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!
21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!
21stC CyberSecurity Defence: Next 7 Years - 2018 to 2025!
 
Energising Cybersecurity with Biometrics & Digital Forensics
Energising Cybersecurity with Biometrics & Digital ForensicsEnergising Cybersecurity with Biometrics & Digital Forensics
Energising Cybersecurity with Biometrics & Digital Forensics
 
Take Down
Take DownTake Down
Take Down
 
Upgrading Industrial CyberSecurity & Security Critical National Infrastructure
Upgrading Industrial CyberSecurity & Security Critical National InfrastructureUpgrading Industrial CyberSecurity & Security Critical National Infrastructure
Upgrading Industrial CyberSecurity & Security Critical National Infrastructure
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cybersecurity in Sudan: Challenges & Opportunities
Cybersecurity in Sudan: Challenges & OpportunitiesCybersecurity in Sudan: Challenges & Opportunities
Cybersecurity in Sudan: Challenges & Opportunities
 
Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber Threat
 
Artificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for CybersecurityArtificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for Cybersecurity
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy Considerations
 

Viewers also liked

Essential Expertise for Water, Energy and Air
Essential Expertise for Water, Energy and AirEssential Expertise for Water, Energy and Air
Essential Expertise for Water, Energy and AirAlliance To Save Energy
 
The Quiet Giant: Energy Efficiency Ready to Roar!
The Quiet Giant:  Energy Efficiency Ready to Roar!The Quiet Giant:  Energy Efficiency Ready to Roar!
The Quiet Giant: Energy Efficiency Ready to Roar!Alliance To Save Energy
 
Richard Bennett, UTC: Deploying Energy Efficiency - The Business Perspective
Richard Bennett, UTC: Deploying Energy Efficiency - The Business PerspectiveRichard Bennett, UTC: Deploying Energy Efficiency - The Business Perspective
Richard Bennett, UTC: Deploying Energy Efficiency - The Business PerspectiveAlliance To Save Energy
 
Integrating Energy Efficiency & Renewable Electricity
Integrating Energy Efficiency & Renewable ElectricityIntegrating Energy Efficiency & Renewable Electricity
Integrating Energy Efficiency & Renewable ElectricityAlliance To Save Energy
 

Viewers also liked (7)

Sun public relations
Sun public relationsSun public relations
Sun public relations
 
Brad penney aga presentation 10.06.10
Brad penney aga presentation 10.06.10Brad penney aga presentation 10.06.10
Brad penney aga presentation 10.06.10
 
Essential Expertise for Water, Energy and Air
Essential Expertise for Water, Energy and AirEssential Expertise for Water, Energy and Air
Essential Expertise for Water, Energy and Air
 
The Quiet Giant: Energy Efficiency Ready to Roar!
The Quiet Giant:  Energy Efficiency Ready to Roar!The Quiet Giant:  Energy Efficiency Ready to Roar!
The Quiet Giant: Energy Efficiency Ready to Roar!
 
Green Campus: For-credit Internships
Green Campus: For-credit InternshipsGreen Campus: For-credit Internships
Green Campus: For-credit Internships
 
Richard Bennett, UTC: Deploying Energy Efficiency - The Business Perspective
Richard Bennett, UTC: Deploying Energy Efficiency - The Business PerspectiveRichard Bennett, UTC: Deploying Energy Efficiency - The Business Perspective
Richard Bennett, UTC: Deploying Energy Efficiency - The Business Perspective
 
Integrating Energy Efficiency & Renewable Electricity
Integrating Energy Efficiency & Renewable ElectricityIntegrating Energy Efficiency & Renewable Electricity
Integrating Energy Efficiency & Renewable Electricity
 

Similar to Smart Sustainable Security - Master Class - Yerevan, Armenia - 2012

"Smart Government" - Stimulating Economic Growth and Innovation
"Smart Government" - Stimulating Economic Growth and Innovation"Smart Government" - Stimulating Economic Growth and Innovation
"Smart Government" - Stimulating Economic Growth and InnovationDr David Probert
 
Cybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureCybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureDr David Probert
 
Smart Business Architectures for Intelligent Economic Development
Smart Business Architectures for Intelligent Economic DevelopmentSmart Business Architectures for Intelligent Economic Development
Smart Business Architectures for Intelligent Economic DevelopmentDr David Probert
 
Integrated Physical and Cybersecurity for Governments and Business
Integrated Physical and Cybersecurity for Governments and BusinessIntegrated Physical and Cybersecurity for Governments and Business
Integrated Physical and Cybersecurity for Governments and BusinessDr David Probert
 
Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!Dr David Probert
 
21stC Trends in CyberSecurity in the Finance & Banking Sectors Security!
21stC Trends in CyberSecurity in the Finance & Banking Sectors  Security!21stC Trends in CyberSecurity in the Finance & Banking Sectors  Security!
21stC Trends in CyberSecurity in the Finance & Banking Sectors Security!Dr David Probert
 
Smart Solutions and Business Architectures - Master Class Lecture
Smart Solutions and Business Architectures - Master Class LectureSmart Solutions and Business Architectures - Master Class Lecture
Smart Solutions and Business Architectures - Master Class LectureDr David Probert
 
Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !
Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !
Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !Dr David Probert
 
Managing Mobile Money security challenges
Managing Mobile Money security challenges Managing Mobile Money security challenges
Managing Mobile Money security challenges BSP Media Group
 
Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14 Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14 Mobile Edge Event
 
24/7 Intelligent Video Surveillance: Securing Your Business Data & Privacy
24/7 Intelligent Video Surveillance: Securing Your Business Data & Privacy24/7 Intelligent Video Surveillance: Securing Your Business Data & Privacy
24/7 Intelligent Video Surveillance: Securing Your Business Data & PrivacyDr David Probert
 
OmniSpotlight 05-2014
OmniSpotlight 05-2014OmniSpotlight 05-2014
OmniSpotlight 05-2014Anita Lösch
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...Shah Sheikh
 
Introduction of computer security
Introduction of computer securityIntroduction of computer security
Introduction of computer securitySoundaryaB2
 
Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...
Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...
Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...Dr David Probert
 

Similar to Smart Sustainable Security - Master Class - Yerevan, Armenia - 2012 (20)

"Smart Government" - Stimulating Economic Growth and Innovation
"Smart Government" - Stimulating Economic Growth and Innovation"Smart Government" - Stimulating Economic Growth and Innovation
"Smart Government" - Stimulating Economic Growth and Innovation
 
Cybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureCybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information Infrastructure
 
Smart Business Architectures for Intelligent Economic Development
Smart Business Architectures for Intelligent Economic DevelopmentSmart Business Architectures for Intelligent Economic Development
Smart Business Architectures for Intelligent Economic Development
 
Integrated Physical and Cybersecurity for Governments and Business
Integrated Physical and Cybersecurity for Governments and BusinessIntegrated Physical and Cybersecurity for Governments and Business
Integrated Physical and Cybersecurity for Governments and Business
 
Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!
 
21stC Trends in CyberSecurity in the Finance & Banking Sectors Security!
21stC Trends in CyberSecurity in the Finance & Banking Sectors  Security!21stC Trends in CyberSecurity in the Finance & Banking Sectors  Security!
21stC Trends in CyberSecurity in the Finance & Banking Sectors Security!
 
Smart Solutions and Business Architectures - Master Class Lecture
Smart Solutions and Business Architectures - Master Class LectureSmart Solutions and Business Architectures - Master Class Lecture
Smart Solutions and Business Architectures - Master Class Lecture
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018
 
Mbs w21
Mbs w21Mbs w21
Mbs w21
 
Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !
Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !
Cyber Tools and Trends - Next 7 Years: 2018 - 2025 !
 
Managing Mobile Money security challenges
Managing Mobile Money security challenges Managing Mobile Money security challenges
Managing Mobile Money security challenges
 
chile-2015 (2)
chile-2015 (2)chile-2015 (2)
chile-2015 (2)
 
Mobile (in)security ?
Mobile (in)security ?Mobile (in)security ?
Mobile (in)security ?
 
Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14 Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14
 
24/7 Intelligent Video Surveillance: Securing Your Business Data & Privacy
24/7 Intelligent Video Surveillance: Securing Your Business Data & Privacy24/7 Intelligent Video Surveillance: Securing Your Business Data & Privacy
24/7 Intelligent Video Surveillance: Securing Your Business Data & Privacy
 
OmniSpotlight 05-2014
OmniSpotlight 05-2014OmniSpotlight 05-2014
OmniSpotlight 05-2014
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
Introduction of computer security
Introduction of computer securityIntroduction of computer security
Introduction of computer security
 
Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...
Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...
Cyber Vardzia - An in-depth analysis of Integrated Physical and Cyber Securit...
 

More from Dr David Probert

AI Meets 21stC Security: Trends & Scenarios!
AI Meets 21stC Security: Trends & Scenarios!AI Meets 21stC Security: Trends & Scenarios!
AI Meets 21stC Security: Trends & Scenarios!Dr David Probert
 
AI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsAI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsDr David Probert
 
From Hughesovka to Donetsk (Translated to Russian)
From Hughesovka to Donetsk (Translated to Russian)From Hughesovka to Donetsk (Translated to Russian)
From Hughesovka to Donetsk (Translated to Russian)Dr David Probert
 
19thC Hughesovka to 21stC Donetsk
19thC Hughesovka to 21stC Donetsk19thC Hughesovka to 21stC Donetsk
19thC Hughesovka to 21stC DonetskDr David Probert
 
Cyber-Pandemic: Current Reality & Future Trends
Cyber-Pandemic: Current Reality & Future TrendsCyber-Pandemic: Current Reality & Future Trends
Cyber-Pandemic: Current Reality & Future TrendsDr David Probert
 
KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!
KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!
KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!Dr David Probert
 
CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!
CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!
CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!Dr David Probert
 
21stC Cybersecurity Trends: 2018-2025 & Beyond!...
21stC Cybersecurity Trends: 2018-2025 & Beyond!... 21stC Cybersecurity Trends: 2018-2025 & Beyond!...
21stC Cybersecurity Trends: 2018-2025 & Beyond!... Dr David Probert
 
Cyber Threats & Defence! - "Intelligent CyberSecurity"!
Cyber Threats & Defence! - "Intelligent CyberSecurity"!Cyber Threats & Defence! - "Intelligent CyberSecurity"!
Cyber Threats & Defence! - "Intelligent CyberSecurity"!Dr David Probert
 
YOUR Defence for the TOP 10 Cyber Threats!
YOUR Defence for the TOP 10 Cyber Threats!YOUR Defence for the TOP 10 Cyber Threats!
YOUR Defence for the TOP 10 Cyber Threats!Dr David Probert
 
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...Dr David Probert
 
Project KolaNet - Rethinking IT Support for the Environment
Project KolaNet - Rethinking IT Support for the EnvironmentProject KolaNet - Rethinking IT Support for the Environment
Project KolaNet - Rethinking IT Support for the EnvironmentDr David Probert
 
Embedding Artificial Intelligence in the Enterprise
Embedding Artificial Intelligence in the EnterpriseEmbedding Artificial Intelligence in the Enterprise
Embedding Artificial Intelligence in the EnterpriseDr David Probert
 

More from Dr David Probert (13)

AI Meets 21stC Security: Trends & Scenarios!
AI Meets 21stC Security: Trends & Scenarios!AI Meets 21stC Security: Trends & Scenarios!
AI Meets 21stC Security: Trends & Scenarios!
 
AI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsAI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPolitics
 
From Hughesovka to Donetsk (Translated to Russian)
From Hughesovka to Donetsk (Translated to Russian)From Hughesovka to Donetsk (Translated to Russian)
From Hughesovka to Donetsk (Translated to Russian)
 
19thC Hughesovka to 21stC Donetsk
19thC Hughesovka to 21stC Donetsk19thC Hughesovka to 21stC Donetsk
19thC Hughesovka to 21stC Donetsk
 
Cyber-Pandemic: Current Reality & Future Trends
Cyber-Pandemic: Current Reality & Future TrendsCyber-Pandemic: Current Reality & Future Trends
Cyber-Pandemic: Current Reality & Future Trends
 
KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!
KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!
KolaNet 1992-1999 and Beyond! Arctic Environmental Monitoring Networks!
 
CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!
CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!
CyberVision: 2020 to 2030 - Your 21stC Cybersecurity Toolkit!
 
21stC Cybersecurity Trends: 2018-2025 & Beyond!...
21stC Cybersecurity Trends: 2018-2025 & Beyond!... 21stC Cybersecurity Trends: 2018-2025 & Beyond!...
21stC Cybersecurity Trends: 2018-2025 & Beyond!...
 
Cyber Threats & Defence! - "Intelligent CyberSecurity"!
Cyber Threats & Defence! - "Intelligent CyberSecurity"!Cyber Threats & Defence! - "Intelligent CyberSecurity"!
Cyber Threats & Defence! - "Intelligent CyberSecurity"!
 
YOUR Defence for the TOP 10 Cyber Threats!
YOUR Defence for the TOP 10 Cyber Threats!YOUR Defence for the TOP 10 Cyber Threats!
YOUR Defence for the TOP 10 Cyber Threats!
 
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
 
Project KolaNet - Rethinking IT Support for the Environment
Project KolaNet - Rethinking IT Support for the EnvironmentProject KolaNet - Rethinking IT Support for the Environment
Project KolaNet - Rethinking IT Support for the Environment
 
Embedding Artificial Intelligence in the Enterprise
Embedding Artificial Intelligence in the EnterpriseEmbedding Artificial Intelligence in the Enterprise
Embedding Artificial Intelligence in the Enterprise
 

Recently uploaded

Mastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing PerformanceMastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing PerformanceHostedbyConfluent
 
Fish Plays Pokemon | Kafka Summit London
Fish Plays Pokemon | Kafka Summit LondonFish Plays Pokemon | Kafka Summit London
Fish Plays Pokemon | Kafka Summit LondonHostedbyConfluent
 
Web Development Solutions 2024 A Beginner's Comprehensive Handbook.pdf
Web Development Solutions 2024 A Beginner's Comprehensive Handbook.pdfWeb Development Solutions 2024 A Beginner's Comprehensive Handbook.pdf
Web Development Solutions 2024 A Beginner's Comprehensive Handbook.pdfSeasia Infotech
 
Technology Governance & Migration In The AI Era
Technology Governance & Migration In The AI EraTechnology Governance & Migration In The AI Era
Technology Governance & Migration In The AI Era2toLead Limited
 
Brick-by-Brick: Exploring the Elements of Apache Kafka®
Brick-by-Brick: Exploring the Elements of Apache Kafka®Brick-by-Brick: Exploring the Elements of Apache Kafka®
Brick-by-Brick: Exploring the Elements of Apache Kafka®HostedbyConfluent
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Building a Self-Service Stream Processing Portal: How And Why
Building a Self-Service Stream Processing Portal: How And WhyBuilding a Self-Service Stream Processing Portal: How And Why
Building a Self-Service Stream Processing Portal: How And WhyHostedbyConfluent
 
Dynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationDynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationBuild Intuit
 
Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactivestartupro
 
CERN IoT Kafka Pipelines | Kafka Summit London
CERN IoT Kafka Pipelines | Kafka Summit LondonCERN IoT Kafka Pipelines | Kafka Summit London
CERN IoT Kafka Pipelines | Kafka Summit LondonHostedbyConfluent
 
Build Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQL
Build Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQLBuild Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQL
Build Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQLHostedbyConfluent
 
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...HostedbyConfluent
 
Book industry state of the nation 2024 - Tech Forum 2024
Book industry state of the nation 2024 - Tech Forum 2024Book industry state of the nation 2024 - Tech Forum 2024
Book industry state of the nation 2024 - Tech Forum 2024BookNet Canada
 
Data Contracts Management: Schema Registry and Beyond
Data Contracts Management: Schema Registry and BeyondData Contracts Management: Schema Registry and Beyond
Data Contracts Management: Schema Registry and BeyondHostedbyConfluent
 
Modifying Your SQL Streaming Queries on the Fly: The Impossible Trinity
Modifying Your SQL Streaming Queries on the Fly: The Impossible TrinityModifying Your SQL Streaming Queries on the Fly: The Impossible Trinity
Modifying Your SQL Streaming Queries on the Fly: The Impossible TrinityHostedbyConfluent
 
Bridge to the Future: Migrating to KRaft
Bridge to the Future: Migrating to KRaftBridge to the Future: Migrating to KRaft
Bridge to the Future: Migrating to KRaftHostedbyConfluent
 
Tecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for RotogravureTecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for RotogravureAntonio de Llamas
 
The Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data EcosystemThe Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data EcosystemSafe Software
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
How Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit LondonHow Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit LondonHostedbyConfluent
 

Recently uploaded (20)

Mastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing PerformanceMastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing Performance
 
Fish Plays Pokemon | Kafka Summit London
Fish Plays Pokemon | Kafka Summit LondonFish Plays Pokemon | Kafka Summit London
Fish Plays Pokemon | Kafka Summit London
 
Web Development Solutions 2024 A Beginner's Comprehensive Handbook.pdf
Web Development Solutions 2024 A Beginner's Comprehensive Handbook.pdfWeb Development Solutions 2024 A Beginner's Comprehensive Handbook.pdf
Web Development Solutions 2024 A Beginner's Comprehensive Handbook.pdf
 
Technology Governance & Migration In The AI Era
Technology Governance & Migration In The AI EraTechnology Governance & Migration In The AI Era
Technology Governance & Migration In The AI Era
 
Brick-by-Brick: Exploring the Elements of Apache Kafka®
Brick-by-Brick: Exploring the Elements of Apache Kafka®Brick-by-Brick: Exploring the Elements of Apache Kafka®
Brick-by-Brick: Exploring the Elements of Apache Kafka®
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Building a Self-Service Stream Processing Portal: How And Why
Building a Self-Service Stream Processing Portal: How And WhyBuilding a Self-Service Stream Processing Portal: How And Why
Building a Self-Service Stream Processing Portal: How And Why
 
Dynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationDynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientation
 
Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactive
 
CERN IoT Kafka Pipelines | Kafka Summit London
CERN IoT Kafka Pipelines | Kafka Summit LondonCERN IoT Kafka Pipelines | Kafka Summit London
CERN IoT Kafka Pipelines | Kafka Summit London
 
Build Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQL
Build Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQLBuild Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQL
Build Copilots on Streaming Data with Generative AI, Kafka Streams and Flink SQL
 
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
 
Book industry state of the nation 2024 - Tech Forum 2024
Book industry state of the nation 2024 - Tech Forum 2024Book industry state of the nation 2024 - Tech Forum 2024
Book industry state of the nation 2024 - Tech Forum 2024
 
Data Contracts Management: Schema Registry and Beyond
Data Contracts Management: Schema Registry and BeyondData Contracts Management: Schema Registry and Beyond
Data Contracts Management: Schema Registry and Beyond
 
Modifying Your SQL Streaming Queries on the Fly: The Impossible Trinity
Modifying Your SQL Streaming Queries on the Fly: The Impossible TrinityModifying Your SQL Streaming Queries on the Fly: The Impossible Trinity
Modifying Your SQL Streaming Queries on the Fly: The Impossible Trinity
 
Bridge to the Future: Migrating to KRaft
Bridge to the Future: Migrating to KRaftBridge to the Future: Migrating to KRaft
Bridge to the Future: Migrating to KRaft
 
Tecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for RotogravureTecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for Rotogravure
 
The Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data EcosystemThe Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data Ecosystem
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
How Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit LondonHow Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit London
 

Smart Sustainable Security - Master Class - Yerevan, Armenia - 2012

  • 1. -- Smart Sustainable SecuritySmart Sustainable Security -- Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 1 “Integrating Cyber & Physical Operations”“Integrating Cyber & Physical Operations” Dr David E. ProbertDr David E. Probert VAZAVAZA InternationalInternational Dr David E. ProbertDr David E. Probert VAZAVAZA InternationalInternational
  • 2. …or the Challenging Complexity of…or the Challenging Complexity of Securing Armenian Cyberspace!...Securing Armenian Cyberspace!... Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 22
  • 3. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 11 –– Background PerspectivesBackground Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 33 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure 7 – Integration: Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 4. Background Aims & PerspectivesBackground Aims & Perspectives •• Smart Security Trends: 2002Smart Security Trends: 2002 –– 20122012 – Smart Security & Cybersecurity have really only become mainstream markets during the last 10 years with the evolution of Web2.0. Back in the 1990s there were some niche solutions for Web1.0 with Firewalls & Anti-Virus Tools, but now cybercrime has become a global threat that all countries & enterprises must ensure protection! •• Presentation Context:Presentation Context: – The author has been actively involved with Cybersecurity since the early 1990s, including projects across Europe, Middle East , Armenia, Georgia & the Americas, So this Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 4 projects across Europe, Middle East , Armenia, Georgia & the Americas, So this presentation is a personal perspective that focuses upon case studies & “smart security”.“smart security”. •• The Future 2012+The Future 2012+ – No system can ever be 100% secure either in physical or cyber space, so I propose the concept of “Smart Sustainable Security” in which the security investment is made in order to ensure “sustainable”“sustainable” & “continuous”“continuous” enterprise & government operations …The “Smart Economy” & “Smart Governance” are both ultimately…The “Smart Economy” & “Smart Governance” are both ultimately dependant upon the integrated security of operations & services.dependant upon the integrated security of operations & services. 4
  • 5. Cyber Threat Challenges forCyber Threat Challenges for ArmeniaArmenia 1)1) DDoSDDoS Denial of Service “Denial of Service “BotnetBotnet” Attacks” Attacks 2)2) Phishing Scams such as Advance Fee & Lottery ScamsPhishing Scams such as Advance Fee & Lottery Scams 3)3) SpamSpam eMaileMail with malicious intentwith malicious intent 4)4) SQL Database InjectionSQL Database Injection 5)5) XSS CrossXSS Cross--Scripting Java Script AttacksScripting Java Script Attacks 6)6) Personal Identity Theft (ID Theft)Personal Identity Theft (ID Theft) 7)7) Malware, Spyware, Worms, Viruses & TrojansMalware, Spyware, Worms, Viruses & Trojans 8)8) EmbeddedEmbedded SleepingSleeping Software “Zombie Bots”Software “Zombie Bots” Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 5 8)8) EmbeddedEmbedded SleepingSleeping Software “Zombie Bots”Software “Zombie Bots” 9)9) Buffer Overflow AttacksBuffer Overflow Attacks 10)10)Firewall Port ScannersFirewall Port Scanners 11)11)Social Networking “Malware Apps”Social Networking “Malware Apps” 12) WiWi--Fi, Bluetooth & Mobile Network IntrusionFi, Bluetooth & Mobile Network Intrusion 13) KeyloggersKeyloggers –– Hardware and Software VariantsHardware and Software Variants ……New Cyber Threats will emerge as ICT solutions grow smarter!……New Cyber Threats will emerge as ICT solutions grow smarter! 5
  • 6. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 22 –– GlobalGlobal Cybersecurity ChallengeCybersecurity Challenge 3 – Cybersecurity Case Studies 4 – Transition to 21st C Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 66 4 – Transition to 21 C Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure 7 – Integration: Cyber and Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 7. ““Visualisation of Cyberspace”:Visualisation of Cyberspace”: Global IP “WHOIS” AddressesGlobal IP “WHOIS” Addresses Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 77 …From 20…From 20ththC Physical World To 21C Physical World To 21ststC Cyberspace! ...C Cyberspace! ...
  • 8. Active Internet Domains:Active Internet Domains: “American IP Registry”“American IP Registry” Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 88
  • 9. “Outer Galaxies of Cyberspace”“Outer Galaxies of Cyberspace” –– Other IP RegistriesOther IP Registries Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 99
  • 10. - (1) – Legal Measures -- Worldwide Smart Security in Cyberspace!Worldwide Smart Security in Cyberspace! -- - (3) – Organisational Structures - (4) – Capacity Building - (2) – Technical & Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 10 Legal Measures 10 Structures - (5) – Regional and International Collaboration & Procedural Measures United Nations/International Telecommunications Union: “United Nations/International Telecommunications Union: “Global Cybersecurity Agenda”Global Cybersecurity Agenda”
  • 11. Malicious Cybercrime Activity in Global IP CyberspaceMalicious Cybercrime Activity in Global IP Cyberspace Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 1111 Link: www.team-cymru.org Key: Hilbert Space-Filling Curve Process
  • 12. Cyber Attack using GlobalCyber Attack using Global BotnetsBotnets Friday 20th February, 2009 (c) Dr David E. Probert - www.vaza.com 12Diagram from Wired Magazine
  • 13. Worldwide “Worldwide “BotBot” Infections:” Infections: 2Q 20102Q 2010 Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 1313 Source:Source: MicrosoftMicrosoft –– Security Intelligence ReportSecurity Intelligence Report -- 20102010
  • 14. ITU: InITU: In--Depth Cybersecurity WorkshopDepth Cybersecurity Workshop –– JamaicaJamaica -- Sept 2010Sept 2010 Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 1414
  • 15. Cybercrimes against Critical Economic SectorsCybercrimes against Critical Economic Sectors •• Government:Government: – Theft of secret intelligence, manipulation of documents, and illegal access to confidential citizen databases & national records •• Banking/Finance:Banking/Finance: – Denial of Service attacks against clearing bank network, phishing attacks against bank account & credit cards, money laundering •• TelecommsTelecomms/Mobile:/Mobile: – Interception of wired & wireless communications, and penetration of secure government & military communications networks •• Transport/Tourism:Transport/Tourism: Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 15 •• Transport/Tourism:Transport/Tourism: – Cyber Terrorism against airports, air-traffic control, coach/train transport hubs, & malicious penetration of on-line travel networks •• Energy/Water:Energy/Water: – Manipulation and disruption of the national energy grid & utilities through interference of the process control network (SCADA) …Cybersecurity is a Critical National Issue that now requires a Global Response!…Cybersecurity is a Critical National Issue that now requires a Global Response! 15
  • 16. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 2 – Global Cybersecurity Challenge 33 –– CybersecurityCybersecurity Case StudiesCase Studies Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 1616 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure 7 – Integrating Cyber & Physical Security 8 –Towards Smart ”Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 17. National & Regional Cybersecurity Case StudiesNational & Regional Cybersecurity Case Studies •• UK Government:UK Government: Cybersecurity Strategy for the UK – Safety, Security & Resilience in Cyberspace (UK Office of Cybersecurity – June 2009) •• US Government:US Government: Cyberspace Policy Review – Assuring a Trusted and Resilient Information and Communications Infrastructure – May 2009 •• Canada:Canada: Canadian Cyber Incident Response Centre (CCIRC) – Integrated within the Strategic Government Operations Centre (GOC) •• Australia:Australia: Australian Cybersecurity Policy and Co-ordination Committee (CSPC – Nov 2009), within the Attorney-General’s Government Dept •• Malaysia:Malaysia: “Cybersecurity Malaysia” – Mosti : Ministry of Science, Technology & Innovation, and Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 17 •• Malaysia:Malaysia: “Cybersecurity Malaysia” – Mosti : Ministry of Science, Technology & Innovation, and includes the MyCERT & Training Centre •• Singapore:Singapore: Cybersecurity Awareness Alliance & the IDA Security Masterplan (Sept 2009) -Singapore Infocomm Techology Security Authority - SITSA •• South Korea:South Korea: Korea Internet and Security Agency (KISA – July 2009) •• Latin America :Latin America : CITEL/OAS has developed regional cybersecurity strategy with dedicated events •• European Union:European Union: ENISA – European Network and Information Security Agency (Sept2005) tackles all aspects of cybersecurity & cybercrime for the countries of the European Union and beyond 17
  • 18. UK Office of CybersecurityUK Office of Cybersecurity –– OCS & CSOCOCS & CSOC Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 1818
  • 19. US Government :US Government : Office ofOffice of CyberSecurityCyberSecurity (CS&C)(CS&C) • Following the June 2009, US Government Policy Review, the Department of Homeland Security (DHS) has responsibility for hosting the “Office of Cybersecurity & Communications”“Office of Cybersecurity & Communications” (CS&C)(CS&C).. Within this large organisation is the “National Cyber Security Division”National Cyber Security Division” (NCSD):(NCSD): –– National Cyberspace Response SystemNational Cyberspace Response System • National Cyber Alert System • US-CERT Operations • National Cyber Response Co-ordination Group • Cyber Cop Portal (for investigation and prosecution of cyber attacks) Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 19 –– Federal Network SecurityFederal Network Security • Ensuring the maximum security of executive civilian departments and agencies –– CyberCyber--Risk Management ProgramsRisk Management Programs • Cyber Exercises: Cyber Storm • National Outreach Awareness • Software Assurance Program ….The US Government DHS also has a National Cyber Security….The US Government DHS also has a National Cyber Security CenterCenter (NCSC) which(NCSC) which is tasked with the protection of the US Government’s Communications Networksis tasked with the protection of the US Government’s Communications Networks 19
  • 20. Evolving Cybersecurity for US Defence:Evolving Cybersecurity for US Defence: “The Pentagon’s“The Pentagon’s CyberstrategyCyberstrategy”” Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2020
  • 21. Canadian Government :Canadian Government : CCIRCCCIRC • The Canadian Cyber Incident Response Centre (CCIRC) monitors the cyber threat environment around the clock and is responsible for coordinating the national response to any cyber security incident. Its focus is the protection of national critical infrastructure against cyber incidents. The Centre is a part of the Government Operations Centre and a key component of the government's all-hazards approach to national security and emergency preparedness. Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 21 • CCIRC works with national and international counterparts to collect, analyze and disseminate data on cyber threats. The Centre provides analytical releases, as well as a variety of information products and services specifically for IT professionals and managers of critical infrastructure and other related industries. 21
  • 22. Australian Government :Australian Government : CSPCCSPC • The Cyber Security Policy and Coordination (CSPC) CommitteeCyber Security Policy and Coordination (CSPC) Committee is the Australian Government committee that coordinates the development of cyber security policy for the Australian Government. The CSPC Committee: – Provides whole of government strategic leadership on cyber security – Determines priorities for the Australian Government – Coordinates the response to cyber security events – Coordinates Australian Government cyber security policy internationally. Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2222
  • 23. Malaysian Government:Malaysian Government: MOSTiMOSTi Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2323
  • 24. Singapore Government :Singapore Government : SITSASITSA Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2424
  • 25. South Korea Government:South Korea Government: KISAKISA KISA = “Korean Internet & Security Agency” Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2525
  • 26. European Network and Information Security Agency:European Network and Information Security Agency: ENISAENISA Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2626
  • 27. National Cybersecurity Agencies:National Cybersecurity Agencies: Common RolesCommon Roles CommonCommon roles and responsibilitiesroles and responsibilities for allfor all these national cyber agencies:these national cyber agencies: Cyber Alerts:Cyber Alerts: Management of the National Response to Cyber Alerts, and Attacks Education:Education: Co-ordination of National Awareness and Skills Training Programmes Laws:Laws: Leadership role in the development and approval of new cyber legislation Cybercrime:Cybercrime: Facilitation for building a National Cybercrime of e-Crime Unit Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2727 Cybercrime:Cybercrime: Facilitation for building a National Cybercrime of e-Crime Unit Standards:Standards: Setting the national cybersecurity standards and auditing compliance International:International: Leadership in the promotion of international partnerships for Research:Research: Support for research & development into cybersecurity technologies CriticalCritical Sectors:Sectors: Co-ordination of National Programmes for Critical Infrastructure ....Next we..Next we consider the benefits from integrated physical and cybersecurity!consider the benefits from integrated physical and cybersecurity!
  • 28. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2828 44 –– TransitionTransition to 21to 21ststC Sustainable SecurityC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure 7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 29. Cyber War StrategiesCyber War Strategies fromfrom Classic Historical Works!Classic Historical Works! RecommendedRecommended “Bedtime“Bedtime Reading”Reading” forfor CybersecurityCybersecurity Specialists!Specialists! RecommendedRecommended “Bedtime“Bedtime Reading”Reading” forfor CybersecurityCybersecurity Specialists!Specialists! Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 2929 …Classic Works on “War” are just as relevant today for Cybersecurity as pre…Classic Works on “War” are just as relevant today for Cybersecurity as pre--2020thth CC…Classic Works on “War” are just as relevant today for Cybersecurity as pre…Classic Works on “War” are just as relevant today for Cybersecurity as pre--2020thth CC Specialists!Specialists!Specialists!Specialists!
  • 30. “21“21stst Century Smart Cyber World”Century Smart Cyber World” •• Open World:Open World: During the last 15 years we’ve evolved from the primitive Internet to the complex world of Web2.0 mobile & wireless applications •• Criminals and HackersCriminals and Hackers seek every opportunity to creatively penetrate wired, wireless, mobile devices, and social networking applications •• The war against cybercriminalsThe war against cybercriminals requires us to continuously create new cybersecurity solutions for every conceivable cyber attack Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 30 •• Standards, Architectures and Operational Security PoliciesStandards, Architectures and Operational Security Policies all ensure that the “business case for cybercriminals” is much less attractive •• The DMZ Security FirewallsThe DMZ Security Firewalls of the 1990s are now only a partial solution to the protection of critical information infrastructure on the distributed mobile internet …….In this presentation we explore the 21…….In this presentation we explore the 21stst World of Smart Security SolutionsWorld of Smart Security Solutions including their integration with traditional physical security & surveillanceincluding their integration with traditional physical security & surveillance 30
  • 31. Transition from 20Transition from 20ththC Industrial to 21C Industrial to 21ststC Smart SecurityC Smart Security •• Cybersecurity 2012Cybersecurity 2012--2022:2022: – Every country in the world will need to transition from the traditional 20thC culture & policy of massive physical defence to the connected “neural” 21stC world of in-depth intelligent & integrated cyber defence •• National Boundaries:National Boundaries: – Traditional physical defence and geographical boundaries are still strategic national assets , but they need to be augmented through integrated cyber defence organisations & assets Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 31 •• Critical National Information Infrastructure:Critical National Information Infrastructure: – 21stC national economies function electronically, & yet they are poorly defended in cyberspace, and often open to criminal & political attacks •• MultiMulti--Dimensional Cyber Defence:Dimensional Cyber Defence: –– ArmeniaArmenia will need to audit its critical infrastructure – government, banks, telecommunications, energy, & transport – and upgrade to international cybersecurity standards based upon “Best Practice” (ISO/IEC – 27xxx). 31
  • 32. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 3232 4 – Transition to 21stC Sustainable Security 55 –– SmartSmart Security: Technology & ProcessSecurity: Technology & Process 6 – Securing Critical National Infrastructure 7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 33. Smart Security:Smart Security: Technology & OperationsTechnology & Operations •• “Smart Security”“Smart Security” spans the protection of both physical buildings, staff and cyber facilities, networks & information assets. –– Technologies:Technologies: Advanced ICT Security technologies include Biometrics, RFID Encryption, PKI Authentication, ID Management, DDoS Protection, Malware Detection –– Operations:Operations: Physical Buildings, Staff and all information & ICT assets need to be secured through solutions such as RFID tagging, Interactive HD CCTV, movement Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 33 secured through solutions such as RFID tagging, Interactive HD CCTV, movement detection and other automatic means for asset monitoring & surveillance –– Critical National Infrastructure Protection (CNIP):Critical National Infrastructure Protection (CNIP): Most national smart security programmes now focus upon securing critical infrastructure such as banking & finance, airports & transporation, power stations, military & defence facilities, ICT, Mobile & telecommunications services & Government Ministries & Parliament. …In the next sections we’ll explore both CNIP and the Integration of Cyber &…In the next sections we’ll explore both CNIP and the Integration of Cyber & Physical Security Operations which is the real essence of “Smart Security”Physical Security Operations which is the real essence of “Smart Security”
  • 34. Smart Technology Example:Smart Technology Example: Biometrics and RFIDBiometrics and RFID •• BiometricsBiometrics techniques may include: – Finger and Palm Prints – Retinal and Iris Scans – 3D Vein ID – Voice Scans & Recognition – DNA Database – usually for Criminal Records – 3D Facial Recognition •• RFIDRFID = Radio Frequency ID with applications that include: Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 34 •• RFIDRFID = Radio Frequency ID with applications that include: – Personal ID Cards for Building, Facility and Secure Room Access – Tags for Retail Articles as a deterrence to shop lifting – Powered RFID Tags for Vehicles to open Barriers, Doors, or switch traffic lights – Plans to used RFID Tags for Perishable Products such as vegetables and flowers – Asset Tags to manage the movement of ICT Assets such as Laptops, PDA & Storage ...Biometrics & RFID solutions are powerful tools against cybercrime!...Biometrics & RFID solutions are powerful tools against cybercrime! 34
  • 35. Smart Security Solutions &Smart Security Solutions & ISO StandardsISO Standards • Securing information and assets in the virtual world of cyberspace requires the discipline of rigorous operational security solutions and policies in the real-world according to accepted ISO 27xxx Standards:ISO 27xxx Standards: – Integrated Command and Control Operations (including fail-over control rooms) – Business Continuity & Disaster Recovery (for cybercrimes, terrorism & natural disasters) – Implementation of National, and Enterprise Computer Incident Response Teams (CERTs) Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 35 – Integrated Digital Forensics, eCrime Unit & Cyber Legislation against Cybercrimes – Traditional Physical Security Defences & Deterrents (including security guards & fences!) ….Many criminal and terrorist attacks are achieved through penetrating….Many criminal and terrorist attacks are achieved through penetrating some combination of physical and cybersecurity systems. Breaking intosome combination of physical and cybersecurity systems. Breaking into a physical building may allow a criminal to gain secure ICT zones, anda physical building may allow a criminal to gain secure ICT zones, and thence to onthence to on--line user accounts, documents & databases…line user accounts, documents & databases… 35
  • 36. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 66 –– Securing Critical National InfrastructureSecuring Critical National Infrastructure Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 3636 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 66 –– Securing Critical National InfrastructureSecuring Critical National Infrastructure 7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 37. Critical Sectors and Infrastructure in CyberspaceCritical Sectors and Infrastructure in Cyberspace Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 3737
  • 38. Sector Case Study:Sector Case Study: Banks & FinanceBanks & Finance •• Banks & FinancialBanks & Financial Institutions are prime targets for cybercriminals. •• AccessAccess to Accounts is usually indirect through phishing scams, infected websites with malicious scripts, and personal ID Theft. •• OnOn--Line bank transfersLine bank transfers are also commonly used for international money laundering of funds secured from illegal activities •• Instant Money Transfer ServicesInstant Money Transfer Services are preferred for crimes such as the classic “Advanced Fee Scam” as well as Lottery and Auction Scams • An increasing problem is CyberCyber--ExtortionExtortion instigated through phishing Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 38 •• National & Commercial BanNational & Commercial Banksks have also been targets of DDOS cyberattacks from politically motivated and terrorist organisations •• Penetration Scans:Penetration Scans: Banks are pivotal to national economies and will receive penetration scans and attempted hacks on a regular basis. •• OnOn--Line BankingLine Banking networks including ATMs, Business and Personal Banking are at the “sharp end” of financial security and require great efforts towards end- user authentication & transaction network security 38
  • 39. Sector Case Study:Sector Case Study: GovernmentsGovernments •• Cyber Agencies:Cyber Agencies: Governments such as UK, USA, Malaysia, South Korea and Australia have all implemented cybersecurity agencies & programmes •• eGovernmenteGovernment ServicesServices are critically dependant upon strong cybersecurity with authentication for the protection of applications, and citizen data •• Compliance Audit:Compliance Audit: All Government Ministries & Agencies should receive in- depth ICT security audits, as well as full annual compliance reviews 1) National Defence Forces 2) Parliamentary Resources Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 39 2) Parliamentary Resources 3) Land Registry & Planning System 4) Citizen IDs and Passports 5) Laws, Legislations, and Policies 6) Civilian Police, Prisons & National e-Crimes Unit (NCU) 7) National CERT – Computer Emergency Response Team 8) Inter-Government Communications Network 9) eServices for Regional & International Partnerships 10)Establishment of cybersecurity standards & compliance 11)Government Security Training and Certification 39
  • 40. Cybersecurity Benefits:Cybersecurity Benefits: GovernmentGovernment • Improved cybersecurity & physical security provides significant short & medium term benefits to the Government & Critical National Service Sectors including: –– eGovernmenteGovernment:: Fully secure & cost effective delivery of on-line services to both citizens and businesses, such as taxes & customs, social welfare, civil & land registries, passports & driving licences –– eDefenceeDefence:: Early warning, alerts and defences against cyberattacks through national CERT (Computer Emergency Response Centre) –– Cybercrime:Cybercrime: Investigate, Digital Forensics and Prosecution of cybercrimes such ID & Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 40 –– Cybercrime:Cybercrime: Investigate, Digital Forensics and Prosecution of cybercrimes such ID & Financial Theft, “Computer Misuse, Laundering, On-Line Drug Trafficking & Pornographic Materials –– CyberterrorismCyberterrorism:: Ability to assess, predict and prevent potential major cyber terrorist attacks, and to minimise damage during events –– Power & Water Utilities:Power & Water Utilities: Prevent malicious damage to control systems –– Telecommunications:Telecommunications: Top security of government communications with alternative routings, encryption & protection against cyberattacks 40
  • 41. Critical Service Sector InfrastructureCritical Service Sector Infrastructure •• National Strategies:National Strategies: Many countries & regions now consider the threat of cyber attacks to be high enough to build national cybersecurity strategies. •• UK Strategy:UK Strategy: As with physical security & defence, these should be annually updated. For example the UK published its 1st Cybersecurity Strategy (June 2009), and now an updated UK National Security Strategy (Oct 2010). •• Every Critical Service SectorEvery Critical Service Sector should be considered in-depth: – Government (National & Regional) – Telecommunications/Mobile/ISPs Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 41 – Telecommunications/Mobile/ISPs – Banking/Financial Services – Transportation/Airports – Military/National Defence – Energy Power Grid & Utilities – Healthcare & Emergency Services – Police & Law Enforcement Agencies ...The National Cybersecurity Organisation will include ALL these stakeholders...The National Cybersecurity Organisation will include ALL these stakeholders & the CERTs will respond to incidents & communicate across ALL sectors& the CERTs will respond to incidents & communicate across ALL sectors 41
  • 42. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 4242 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure 77 –– IntegratingIntegrating Cyber & Physical SecurityCyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 43. -- Smart Sustainable Security in the Wild!Smart Sustainable Security in the Wild! -- The Sociable Weaver Bird “World’s largest Bird Nests” *** Southern Africa *** Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 43Friday 20th February, 2009 •Secure Living Community •Self-Organising Architecture •Fully scalable for long term growth •Supports 250+ Weaver Birds •Real-Time Disaster Alert System •Sustainable in Semi-Desert Steppe •Robust against “Enemy Risks” such as Eagles, Vultures & Snakes ...all the features of a 21stC-“Cyber Defence Centre”–including Disaster Recovery & Business Continuity!
  • 44. Cyber:Cyber: Integrated Command & ControlIntegrated Command & Control Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 44 •• Security Operations Command Centre for Global Security Solutions EnterpriseSecurity Operations Command Centre for Global Security Solutions Enterprise•• Security Operations Command Centre for Global Security Solutions EnterpriseSecurity Operations Command Centre for Global Security Solutions Enterprise 44
  • 45. “Cyber to Physical Attacks”“Cyber to Physical Attacks” • The illegal penetration of ICT systems may allow criminals to secure information or “make deals” that facilities their real-world activities: –– “Sleeping Cyber Bots”“Sleeping Cyber Bots” – These can be secretly implanted by skilled hackers to secure on-line systems, and programmed to explore the directories & databases, and & then to transmit certain information – Account & Credit Card Details, Plans, Projects, Deals –– Destructive “Cyber Bots”Destructive “Cyber Bots” – If cyber-bots are implanted by terrorist agents within the operational controls of power plants, airports, ports or telecomms facilities then considerable physical damage may result. A simple “ delete *.*“ delete *.* ” command for the root directories would instantly wipe out allall files unless the facility has real-time fail-over! Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 45 considerable physical damage may result. A simple “ delete *.*“ delete *.* ” command for the root directories would instantly wipe out allall files unless the facility has real-time fail-over! –– Distributed Denial of Service AttacksDistributed Denial of Service Attacks – These not only block access to system, but in the case of a Banking ATM Network, means that the national ATM network is off-line. –– National Cyber AttacksNational Cyber Attacks – Many international organisations such as NATO & US DOD forecast that future regional conflicts will begin with massive cyberattacks to disable their targets’ physical critical communications & information infrastructure. Clearly it is important for countries to upgrade their national cybersecurity to minimise such risks 45
  • 46. Physical:Physical: Integrated CCTV SurveillanceIntegrated CCTV Surveillance Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 4646 •• CCTV Command and Control Operations Centre for Large UK CityCCTV Command and Control Operations Centre for Large UK City•• CCTV Command and Control Operations Centre for Large UK CityCCTV Command and Control Operations Centre for Large UK City
  • 47. “Physical to Cyber Attacks”“Physical to Cyber Attacks” • Most “physical to cyber attacks” involve staff, contractors or visitors performing criminal activities in the “misuse of computer assets”: –– Theft & Modification of ICT Assets:Theft & Modification of ICT Assets: It is now almost a daily occurrence for critical information & databases to be either deliberately stolen or simply lost on PCs or Chips –– Fake Maintenance Staff or Contractors:Fake Maintenance Staff or Contractors: A relatively easy way for criminals to access secure facilities, particularly in remote regions or developing countries is to fake their personnel IDs and CVs as being legitimate ICT maintenance staff or contractors Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 47 personnel IDs and CVs as being legitimate ICT maintenance staff or contractors –– Compromised Operations Staff:Compromised Operations Staff: Sometime operational ICT staff may be tempted by criminal bribes, or possibly blackmailed into providing passwords, IDs & Access Codes. –– Facility Guests and Visitors:Facility Guests and Visitors: It is standard procedure for guests & visitors to be accompanied at all times in secure premises. In the absence of such procedures, criminals, masquerading as guests or visitors, may install key logger hardware devices or possibly extract information, plans and databases to USB memory chips, or steal DVDs! 47
  • 48. Physical:Physical: Computer Automated IndustrialComputer Automated Industrial Control & Safety SystemsControl & Safety Systems (SCADA)(SCADA) Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 4848
  • 49. Case Study:Case Study: StuxNetStuxNet WormWorm -- Industrial SCADA SystemsIndustrial SCADA Systems StuxnetStuxnet WormWorm : 1st Discovered June 2010 Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 4949 SCADASCADA = Supervisory Control & Data Acquisition - Mainly for Power Stations & Industrial Plants -
  • 50. -- Towards Smart Sustainable SecurityTowards Smart Sustainable Security -- Integrating Physical & Cybersecurity OperationsIntegrating Physical & Cybersecurity Operations •• Integration:Integration: Physical and Cybersecurity operations should be linked “step-by-step” at the command and control level in the main government or enterprise operations centre. •• Physical SecurityPhysical Security for critical service sectors such as governments, airports, banks, telecommunications, education, energy, healthcare and national defence should be included within the strategy and policies for Cybersecurity and vice versa. •• Upgrades:Upgrades: In order to maximise security, Government and Businesses need to upgrade Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 50 •• Upgrades:Upgrades: In order to maximise security, Government and Businesses need to upgrade and integrate resources & plans for both physical & cybersecurity during the next years. •• Audit and ComplianceAudit and Compliance :: Investments in establishing and upgrading cybersecurity defences means that all physical security and associated operational staff should also be reviewed for compliance with government policies, & audited to international standards •• Smart Roadmap:Smart Roadmap: I’d recommend developing a focused smart security action plan and roadmap (Physical & Cyber) for each critical sector across Government & Major Enterprises 50
  • 51. Smart Sustainable Security:Smart Sustainable Security: Armenia’s Coat of ArmsArmenia’s Coat of Arms Cyber WorldCyber WorldCyber WorldCyber WorldCyber WorldCyber WorldCyber WorldCyber World == EagleEagleEagleEagleEagleEagleEagleEagle ((((((((ArtaxiadArtaxiadArtaxiadArtaxiadArtaxiadArtaxiadArtaxiadArtaxiad &&&&&&&& ArsacidArsacidArsacidArsacidArsacidArsacidArsacidArsacid)))))))) Physical WorldPhysical WorldPhysical WorldPhysical WorldPhysical WorldPhysical WorldPhysical WorldPhysical World == LionLionLionLionLionLionLionLion ((((((((BagratuniBagratuniBagratuniBagratuniBagratuniBagratuniBagratuniBagratuni &&&&&&&& RubenidRubenidRubenidRubenidRubenidRubenidRubenidRubenid)))))))) Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 51 Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols:Five Vital Symbols: Feather Pen (Feather Pen (Culture & IntelligenceCulture & Intelligence), Broken Chain (), Broken Chain (Freedom & IndependenceFreedom & Independence),), Wheat Flower (Wheat Flower (IndustryIndustry), Sword (), Sword (Power & StrengthPower & Strength), Tri), Tri--Coloured Ribbon (Coloured Ribbon (Armenian FlagArmenian Flag),), Smart SecuritySmart SecuritySmart SecuritySmart SecuritySmart SecuritySmart SecuritySmart SecuritySmart Security == Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!Eagle AND Lion Jointly Protecting Armenia!
  • 52. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 5252 4 – Transition to 21 C Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure 7 – Integrating Cyber & Physical Security 88 –– TowardsTowards SmartSmart “Neural Society”“Neural Society” 9 – Next Steps for Securing 21stC Armenia
  • 53. The Future:The Future: Towards Smart “Neural Society”Towards Smart “Neural Society” •• RealReal--Time Security Operations:Time Security Operations: – Secure and monitor every cyber asset and critical physical asset through IP Networking, RFID Tagging & communication of status to operations centre •• Augmented & Immersive Reality:Augmented & Immersive Reality: – Multimedia virtual world overlays on data from the real physical world, through head- up displays & other forms of embedded sensors & displays •• BioNeuralBioNeural Metaphors:Metaphors: – Further developments of self-organising and autonomous systems for monitoring and responding to cyber alerts & potential attacks in real-time Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 53 responding to cyber alerts & potential attacks in real-time •• 3D Adaptive Simulation & Modelling:3D Adaptive Simulation & Modelling: – Adaptive 3D computer modelling of physical buildings, campuses & cities, as well as dynamic models of extended enterprises networks. The aim is to visualise, model & respond to security alerts with greater speed & precision •• Smart Security Architectures:Smart Security Architectures: – Effective integrated security requires management through hybrid hierarchical and “peer-to-peer” organisational architectures. Living organic systems also exploit hybrid architectures for optimal command & control as in the “Mammalian Nervous System”Mammalian Nervous System” 53
  • 54. Smart Sustainable Security for 21Smart Sustainable Security for 21ststC ArmeniaC Armenia 1 – Background Perspectives 2 – Global Cybersecurity Challenge 3 – Cybersecurity Case Studies 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 5454 4 – Transition to 21stC Sustainable Security 5 – Smart Security: Technology & Process 6 – Securing Critical National Infrastructure 7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 99 –– Next Steps for Securing 21stCNext Steps for Securing 21stC ArmeniaArmenia
  • 55. Smart Security:Smart Security: “Next Steps for 21“Next Steps for 21ststC Armenia”C Armenia” 1)1) National Cybersecurity Agency:National Cybersecurity Agency: Establishment of a National Armenian CERT & Government Cybersecurity Agency within the organisation of Armenian Government Ministries & Agencies 2)2) CIIP:CIIP: Critical Information Infrastructure Protection (CIIP) for ALLALL Critical Economic Sectors 3)3) System Upgrades:System Upgrades: Phased Technical Infrastructure ICT Upgrades using “ Smart Solutions” including Hardware, Software, Secure Network Links, Virtualised Servers & Cloud Storage 4)4) BackBack--Up:Up: Disaster Recovery, Business Continuity, Crisis Management and Back-Up Systems 5)5) Physical :Physical : Physical Security Applications – CCTV, Alarms, Control Centre, RFID Asset Tracking 6)6) Awareness Campaign:Awareness Campaign: Government Campaign for National Cybersecurity Awareness 7)7) Training:Training: National Cybersecurity Skills & Professional Training Programme with Industry & Colleges Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 55 7)7) Training:Training: National Cybersecurity Skills & Professional Training Programme with Industry & Colleges 8)8) Encryption:Encryption: National User & Systems PKI Authentication, ID & eSignature Programme 9)9) Laws:Laws: Programme for Drafting and Enforcing new Cyber Laws. Policies & Regulations …….It is important to develop an in…….It is important to develop an in--depth economic “costdepth economic “cost--benefit” analysis andbenefit” analysis and Business Case in order to understand the “Return on Investment”Business Case in order to understand the “Return on Investment” 55 ““Smart Sustainable Security”Smart Sustainable Security” for 21for 21ststC Armenia!C Armenia!““Smart Sustainable Security”Smart Sustainable Security” for 21for 21ststC Armenia!C Armenia!
  • 56. 2121ststC Armenia : “Smart Economy”C Armenia : “Smart Economy” DigiTecDigiTec Business ForumBusiness Forum –– Yerevan, ArmeniaYerevan, Armenia 2121ststC Armenia : “Smart Economy”C Armenia : “Smart Economy” DigiTecDigiTec Business ForumBusiness Forum –– Yerevan, ArmeniaYerevan, Armenia ThankThank--You!...You!...ThankThank--You!...You!... Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 56 ThankThank--You!...You!...ThankThank--You!...You!... 56 Presentation Slides:Presentation Slides: www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/ Presentation Slides:Presentation Slides: www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/
  • 57. Presentation Slides:Presentation Slides: www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/ Presentation Slides:Presentation Slides: www.Valentina.net/DigiTec2012/www.Valentina.net/DigiTec2012/ Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 57 Thank you for your time!Thank you for your time!Thank you for your time!Thank you for your time!
  • 58. Professional ProfileProfessional Profile -- Dr David E. ProbertDr David E. Probert Computer Integrated Telephony (CIT)Computer Integrated Telephony (CIT) – Established and led British Telecom’s £25M EIGER Project during the mid-1980s’ to integrate computers with telephone switches (PABX’s). This resulted in the successful development and launch of CIT software applications for telesales & telemarketing Blueprint for Business CommunitiesBlueprint for Business Communities – Visionary Programme for Digital Equipment Corporation during late-1980’s that included the creation of the “knowledge lens” and “community networks”. The Blueprint provided the strategic framework for Digital’s Value-Added Networks Business European Internet Business Group (EIBGEuropean Internet Business Group (EIBG)) – Established and led Digital Equipment Corporation’s European Internet Group for 5 years. Projects included support for the national Internet infrastructure for countries across EMEA as well as major enterprise, government & educational Intranet deployments. Dr David Probert was a sponsoring member of the European Board for Academic & Research Networking (EARN/TERENA) for 7 years (1991 1998) Supersonic Car (Supersonic Car (ThrustSSCThrustSSC)) – Worked with Richard Noble OBE, and the Mach One Club to set up and manage the 1st Multi-Media and e-Commerce Web- Site for the World’s 1st Supersonic Car – ThrustSSC – for the World Speed Record. Secure Wireless NetworkingSecure Wireless Networking – Business Director & VP for Madge Networks to establish a portfolio of innovative fully secure wireless Wi-Fi IEEE802.11 Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 58 Secure Wireless NetworkingSecure Wireless Networking – Business Director & VP for Madge Networks to establish a portfolio of innovative fully secure wireless Wi-Fi IEEE802.11 networking products with technology partners from both UK and Taiwan. Networked Enterprise SecurityNetworked Enterprise Security - Appointed as the New Products Director (CTO) to the Management Team of the Blick Group plc with overall responsibility for 55 professional engineers & a diverse portfolio of hi-tech security products. Republic of GeorgiaRepublic of Georgia – Senior Security Adviser – Appointed by the European Union to investigate and then to make recommendations on all aspects of IT security, physical security and BCP/DR relating to the Georgian Parliament. UN/ITUUN/ITU – Senior Adviser – Development of Cybersecurity Infrastructure, Standards, Policies, & Organisations in countries within both Europe & Americas Dr David E. Probert is a Fellow of the Royal Statistical Society. He has a 1Dr David E. Probert is a Fellow of the Royal Statistical Society. He has a 1stst Class Honours Degree in Mathematics (BristolClass Honours Degree in Mathematics (Bristol University) & PhD from Cambridge University in SelfUniversity) & PhD from Cambridge University in Self--Organising Systems (Evolution of Stochastic Automata) , and hisOrganising Systems (Evolution of Stochastic Automata) , and his full professional biography is featured in the Marquis Directory of Who’s Who in the World: 2007full professional biography is featured in the Marquis Directory of Who’s Who in the World: 2007--2012 Editions2012 Editions.
  • 59. 2121ststC Armenia : “Smart Security”C Armenia : “Smart Security” DigiTecDigiTec Business ForumBusiness Forum –– Yerevan, ArmeniaYerevan, Armenia BACK-UP SLIDESBACK-UP SLIDES Smart Sustainable Security for 21stC ArmeniaSmart Sustainable Security for 21stC Armenia DigiTec Business Forum: 15th- 16th June 2012 © Dr David E. Probert : www.VAZA.com © 59 BACK-UP SLIDESBACK-UP SLIDES 59