Finding needles in needle stacks - or Future aspects of cyber security



The big challenge facing cyber security professionals is to think like the enemy, anticipate their next move, and enact measures to combat the exponentially growing number of attacks. Passively monitoring defences in the hope of detecting probes and breaches is insufficient as it is likely that threats are already on the inside in human, machine, or some malware form. And these may be continually active, sporadic, dormant, sleeping, dumb, smart, intelligent, broad or highly focused, and located anywhere in an organisation, machine, device or network. Fortunately, Cloud Technologies and new working practices mitigate against all this, but only if we leverage new technologies and nurture new behaviours and operating strategies.

We are no longer looking for a ‘needle in a haystack’ but bent needles, or even needles prone to bending, in a ‘needle stack’. Layered defences such as multiple firewalls, virus protection, malware scanners, people screening and sporadic checks are insufficient. We have to be more sophisticated and consider the activity traits and sociology of people, machines, networks and malware. Perhaps most importantly this has to be achieved without degrading the performance of systems, networks, individuals and organisations.

To achieve effective cyber security solutions we have to migrate to a more organic, globally cooperative, and fully networked model that sees a new detection, reaction and solution sharing regime between companies and countries. And as the technology (good and bad) continues to accelerate and spread the end point will most likely be the realisation of a ‘living cyber immune system’ devoid of human intervention.

Published in: Technology


  1. Finding Needles in Needle Stacks or Future aspects of Cyber Security. Peter Cochrane, COCHRANE associates. Thursday, 21 November 13
  2. There are no simple or singular solutions. Cyber Security - Attacks are growing and are increasingly sophisticated - We need to up our game & become more anticipatory
  3. Finding the Bent Needles or Needles about to bend. The good majority. The evil minority. The potentially evil.
  4. Cyber INSecurity. What we know for sure - There is always a threat - The threat never sleeps - The threat evolves rapidly. People are by far the biggest risk factor. The perceived threat ≠ the actual threat. The biggest threat is always on the inside. Security people are never their own customer. The best defenders have been the best attackers. Cracking systems is far more fun than defending them. The biggest threat is in the direction you are not looking. Resources are generally deployed inversely proportional to actual risk.
  5. Breaking into most companies and institutions really isn’t all that difficult!
  6. The biggest threats are inside. Equipment, Networks, Chips, Code, Ports, People. Lax: the Fire Wall. Rogue: People, Visitors, Security, Operations.
  7. No single solution can deal with all forms of attack....
  8. Fire Walls and malware protection are certainly not enough...
  9. Cyber Attacks: Major Country Nodes. Reproduced Courtesy of Akamai 2013
  10. Cyber Attacks: Major Traffic Ports. Reproduced Courtesy of Akamai 2013
  11. Primary Cyber Targets Q4 2012: Government 1.0%, Auctions 2.07%, Classifieds 0.3%, Retail 5.12%, Social Nets 6.0%, Financial 34.4%, Other 6.78%, ISP 9.5%, Gaming 14.7%, Payment Services 32.1%
  12. CyberCrime >> CYBER-SECURITY. Not clear which side is spending more on software. [Chart, $Bn by year, 2004 to 2012: the cost of cyber crime and cyber defence expenditure; labelled values >200Bn, 100Bn, 17Bn, 21Bn.] Data Courtesy of Detica 2011
  13. Cyber Security Improvements for free? What will we benefit from if we do nothing?
  14. Increasingly transient people & machine behaviour. A multi-device, multi-screen, mobile world, of rapidly renewed and replaced devices, new and updated apps. With built-in security features automatically updated. Connecting on the move via wifi, 3G, 4G, LTE, BlueTooth. Any Net Any where. BYOD = Fewer corporate constraints and greater variabilities. BMOB = Be My Own Boss - shorter assignment periods.
  15. Many networks to attack not just one: 3,4,5G, LTE, WiFi, WiMax, BlueTooth ++
  16. Many OS types to attack not just one
  17. Many applications to attack not just one
  18. Huge device variance: Interface, Boards, Chips, Config, Firmware
  19. Huge hardware and circuit variance: Circuitry, Layout, Antennas, Analogue, Design, Facilities
  20. Far more variable human and device connection behaviours: On Grid, On & Off Grid, Off Grid
  21. A fast spreading realisation that this really isn’t good enough!
  22. No One security technique is sufficient. The concatenation of multiple low cost methods rapidly delivers a very high level of protection: Habits, Personal, Locations, Networks, Biometrics, Knowledge ++++++++
  23. SOMETHINGS unique to you alone. What you: are, were, know, drove, work on, wear, own, use, eat, do +. Who you: work with, live with, manage, mentor, dislike +++. How you: talk, type, stand, appear, write, walk ++. Why you: like, dislike, prefer, thought, imagined, migrated, assumed, helped, failed, won ++
  24. But what about the cloud?
  25. FUTURE NETWORKING. The Internet will not Scale - functionally or economically. But Clouds/Cloud working will! 2013: <5Bn People on (and off) line. 2025: 9Bn People and >> 50Bn Things on line.
  27. RECENT HEADLINE. Data courtesy of Cisco.
  28. Mobile networks but a minor player!
  29. Cyber Security - Clouds change everything. More degrees of freedom to exploit that make it all inherently more secure than anything we have seen before.
  30. Axiom.. 1,000,000s of Clouds and not 1
  31. And they come in many forms - Corporate, Government, Private, Personal, Long term, Sporadic - Visible, Invisible, Dynamic, Fixed, Mobile, Wireless, Wired - Open, Closed, Secure, Insecure, Regular, Unknown, Unquantified, Experimental
  32. Cyber Security - Hidden by multi-hop depth. Corporate/Private/Government Cloud, Invisible Cloud, Invisible Cloud, Invisible Cloud, Invisible Cloud, Public/Open Cloud, Corporate/Private/Government Cloud. Diverse routing and increasingly hidden and disguised data storage in depth.
  33. Cyber Security - In Cloud Gating/Encryption. Every Cloud demands a key and all routings are hidden - data parsed/coded.
  34. The Biggest Risk: Service providers do not guarantee your data!
  35. We need SCAlable network Solutions
  36. This isn’t tenable...
  37. This is...
  38. Smart car... Smart gas... Smart net...
  39. Clouds connect dynamically, driven by need, location, work, groups and associations...
  40. THE Security Problem. Even deeper protection required.
  42. On Server, On Device, In Network, In Individual Apps, In Hardware
  43. Honey pot, and malware traps, distributed across the cloud spectrum
  44. Data decimation and distribution with individual encryption
  45. Dynamic Addressing, url hopping
  46. Have an alias, be invisible, don’t be what you appear, be there but absent... Ghost Cloud, Ghost Device
  47. Distributed Attacks demand a Distributed Defence. Dynamic Attackers necessitate Dynamic Defenders. We can act alone or we can unite and act together.
  48. MORE CYBER-BENEFITS. Going for free in the default future.
  49. Fewer full time people and less predictable corporate/network/device/behavior
  50. People job and location Half Life getting shorter
  51. Mean Time to Destruction unknown! Data Half Life getting shorter and shorter
  52. The Ace in the Hole: Global Cooperation - Device, App, Network
  53. Finding Those Needles. The sociology and habits of: Applications, Networks, Machines, Software, Malware, People, Bugs ++
  54. Things cooperate inter and extra community to defeat attacks. We all own multiple clouds. THE END GAME: AI systems monitor activities and identify trends to then anticipate and fend off all attacks. Auto-immune response systems emerge as part of the overall evolving behaviours.
  55. “Speed is the essence of war. Take advantage of the enemy's unpreparedness; travel by unexpected routes and strike him where he has taken no precautions” The Art of War by Sun Tzu, 600 BC
  56. Thank You. COCHRANE associates