Franklin Heath Ltd
London Futurists:
The Future of Computer
Security and “Cybercrime”
Craig Heath
@heathcr
09 January 2016
© Franklin Heath Ltd
CC BY 3.0
lawyer ✗
mathematician ✗
computer scientist ✓
security engineer ✓
futurist ?
Craig Heath
“Cyber”
Image Credit: “DarkAngelDTB” from DeviantArt Image Credit: Colin Foran (DeviantArt: “nathantwist”)
How to Predict the Future
(vaguely scientifically)
• Considering trends + thought experiments
• Where I’m looking for trends:
  - my experience
    - First job in software 1977
    - computer security specialist since 1988
  - history of information security
    - Kerckhoffs 1883
    - Bletchley Park 1939-45
• How far away is the horizon?
Computer Security vs. Cybercrime
• Computers used to commit “traditional” crimes
  - Roswell Steffen 1973 (embezzlement > $1.5M)
• Unauthorised use of computers
  - Stephen Gold, Robert Schifreen 1985
  - Kevin Mitnick 1987
• Breaching computer security has itself become defined as a new type of crime
  - UK Computer Misuse Act 1990
  - US Digital Millennium Copyright Act 2000
Trends: What Has Stayed the Same?
• Information theory & computer science
  - Kerckhoffs 1883
  - Turing 1936
  - Shannon 1948
  - Saltzer & Schroeder 1975
• Passwords
  - easy to understand and implement
• Social engineering attacks
  - c.f. “rubber-hose cryptanalysis”
Trends: What Has Changed?
• Number of devices, connectivity and bandwidth
  - (10^9) billions, always-on with multiple Mbps
• “Classic” crimes have moved online
  - e.g. confidence tricks -> phishing
• “Beta culture”
  - continual enhancement and patching
• Magnification of capabilities and consequences
  - a fix can be rolled out to millions of users
  - a single attacker can harm millions of users
• The “attribution problem”
  - nation state or a kid in a cyber café?
Is Computer Security Getting Better
or Worse?
• I don’t know any computer security professional who would argue it’s getting significantly better
• I don’t know anyone who has stopped using the Internet because it’s getting significantly worse
• Hypothesis: did we reach a sort of equilibrium in the 1990s that is acceptable to society, now maintained by governments and market forces?
What Influences Might Tip the
Balance? – 1. Downside
• Increasing complexity of computer systems
  - if you don’t understand it, you can’t fix it
• Increasing value available to attackers
  - transaction limits increase
  - ever more data goes online
• Increasing ability to affect the real world
  - “Cyber Physical Systems”
• Better policing of non-computer crimes
  - bad guys usually follow the path of least resistance
What Influences Might Tip the
Balance? – 2. Upside
• Market forces
  - consumer awareness
    - but see “The Market for Lemons” (Akerlof 1970)
  - risk of reputational damage
  - cost of breaches
    - and/or conditions of business insurance
• Legal forces
  - regulation (c.f. building regulations)
  - licensing (c.f. chartered civil engineers)
  - fines or compensation awards for affected consumers
How Serious is Reputational
Damage for a Company?
• The “Ratner Effect”
• Ratner Group value:
  - 1991 £680M
  - 1992 £49M
  - ...
  - 2016 £7454M
Image Credit: “EG Focus” from Flickr
Why I Don’t Believe Breach Cost
Estimates
• 2011 Detica report:
  - “cost of cyber crime to the UK ... £27bn per annum”
  - approx. £540 per year for each adult in the UK
• Detailed response from Ross Anderson et al.:
  - “Measuring the Cost of Cybercrime”, 2012
  - doesn’t venture a bottom line figure, but...
• My experience:
  - Costs of loss of IP are routinely vastly overstated
  - Fraud losses are a normal cost of banks’ business
Crystal Ball:
Will the Equilibrium Hold?
• If security defenders just keep doing the same things, attackers will overtake us
• Penetration testing and code inspection isn’t going to take us much further
• Fundamentals need to be, and can be, improved
  - better product development process
  - better platforms
  - better tools
  - better developers

 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 

The Future of Computer Security and Cybercrime

  • 1. Franklin Heath Ltd. London Futurists: The Future of Computer Security and “Cybercrime”. Craig Heath (@heathcr), 09 January 2016
  • 2. Craig Heath (© Franklin Heath Ltd, CC BY 3.0)
      - lawyer ✗
      - mathematician ✗
      - computer scientist ✓
      - security engineer ✓
      - futurist ?
  • 3. “Cyber”
      - Image Credit: “DarkAngelDTB” from DeviantArt
      - Image Credit: Colin Foran (DeviantArt: “nathantwist”)
  • 4. How to Predict the Future (vaguely scientifically)
      - Considering trends + thought experiments
      - Where I’m looking for trends:
          - my experience
              - First job in software 1977
              - computer security specialist since 1988
          - history of information security
              - Kerckhoffs 1883
              - Bletchley Park 1939-45
      - How far away is the horizon?
  • 5. Computer Security vs. Cybercrime
      - Computers used to commit “traditional” crimes
          - Roswell Steffen 1973 (embezzlement > $1.5M)
      - Unauthorised use of computers
          - Stephen Gold, Robert Schifreen 1985
          - Kevin Mitnick 1987
      - Breaching computer security has itself become defined as a new type of crime
          - UK Computer Misuse Act 1990
          - US Digital Millennium Copyright Act 2000
  • 6. Trends: What Has Stayed the Same?
      - Information theory & computer science
          - Kerckhoffs 1883
          - Turing 1936
          - Shannon 1948
          - Saltzer & Schroeder 1975
      - Passwords
          - easy to understand and implement
      - Social engineering attacks
          - c.f. “rubber-hose cryptanalysis”
  • 7. Trends: What Has Changed?
      - Number of devices, connectivity and bandwidth
          - (10^9) billions, always-on with multiple Mbps
      - “Classic” crimes have moved online
          - e.g. confidence tricks -> phishing
      - “Beta culture”
          - continual enhancement and patching
      - Magnification of capabilities and consequences
          - a fix can be rolled out to millions of users
          - a single attacker can harm millions of users
      - The “attribution problem”
          - nation state or a kid in a cyber café?
  • 8. Is Computer Security Getting Better or Worse?
      - I don’t know any computer security professional who would argue it’s getting significantly better
      - I don’t know anyone who has stopped using the Internet because it’s getting significantly worse
      - Hypothesis: did we reach a sort of equilibrium in the 1990s that is acceptable to society, now maintained by governments and market forces?
  • 9. What Influences Might Tip the Balance? – 1. Downside
      - Increasing complexity of computer systems
          - if you don’t understand it, you can’t fix it
      - Increasing value available to attackers
          - transaction limits increase
          - ever more data goes online
      - Increasing ability to affect the real world
          - “Cyber Physical Systems”
      - Better policing of non-computer crimes
          - bad guys usually follow the path of least resistance
  • 10. What Influences Might Tip the Balance? – 2. Upside
      - Market forces
          - consumer awareness
              - but see “The Market for Lemons” (Akerlof 1970)
          - risk of reputational damage
          - cost of breaches
              - and/or conditions of business insurance
      - Legal forces
          - regulation (c.f. building regulations)
          - licensing (c.f. chartered civil engineers)
          - fines or compensation awards for affected consumers
  • 11. How Serious is Reputational Damage for a Company?
      - The “Ratner Effect”
      - Ratner Group value:
          - 1991 £680M
          - 1992 £49M
          - ...
          - 2016 £7454M
      - Image Credit: “EG Focus” from Flickr
  • 12. Why I Don’t Believe Breach Cost Estimates
      - 2011 Detica report:
          - “cost of cyber crime to the UK ... £27bn per annum”
          - approx. £540 per year for each adult in the UK
      - Detailed response from Ross Anderson et al.:
          - “Measuring the Cost of Cybercrime”, 2012
          - doesn’t venture a bottom line figure, but...
      - My experience:
          - Costs of loss of IP are routinely vastly overstated
          - Fraud losses are a normal cost of banks’ business
  • 13. Crystal Ball: Will the Equilibrium Hold?
      - If security defenders just keep doing the same things, attackers will overtake us
          - Penetration testing and code inspection isn’t going to take us much further
      - Fundamentals need to be, and can be, improved
          - better product development process
          - better platforms
          - better tools
          - better developers