This document discusses the future of cybersecurity and the trends driving its evolution. Technology adoption is increasing the attack surface and value of information. In response, threats are becoming more professionalized and defenses are struggling to keep up. However, as impacts increase awareness, demands for better security will drive defenses to evolve towards more optimal and sustainable security practices. Leadership, awareness, best practices, and collaboration will be key to achieving security in the face of growing threats.

1. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
A Bright Future in Cyber security
Olufemi VAUGHAN CISA, ITIL
ICSDL Instructor
July, 2015

2. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
 Technology connects and enriches the lives of
every person on earth
 Security is critical to protect computing
technology from threats which undermine the
health of the industry
DeAfrica

3. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
DeAfrica
 “...If security breaks down, technology breaks down”
Brian Krebs
Noted Cyber security Reporter

4. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Peering into the future of cyber
security
 Understand the value of security in technology and shifting trends
 Better insights to today’s challenges and prepare for tomorrows
dangers
 Identify opportunities and best practices for better security across the
industry
 Define what success looks like:
 How do we prepare?
 How do we achieve sustainable security?
 Can we maintain an optimal balance of risk?

5. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Chain Reactions Drive Cyber
security Evolution…

6. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Technology-Landscape
Environmental changes

7. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Technology-Landscape
Environmental changes

8. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Effects of Technology-
Landscape changes
• A growing target-rich environment of more users,
data, and devices
• Motivation for attacks rise as information and
systems increase in value
• New technology adoption, infrastructures, and
usages creates a larger attack surface

9. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Threat Evolution

10. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Threat Evolution

11. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Effects of the Threat
Evolution
•Attackers capabilities increases with
investments, experience, and professional threat
agents
•Successes boosts confidence, raises the lure for
more attacks and boldness to expand scope
•Defenders struggle with a growing attack
surface, challenging effectiveness models, lack of
talent, and insufficient resources

12. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Impacts and Effects

13. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Impacts and Effects

14. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
4 Levels of Cyber security Impacts

15. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Effects of Impacts
•Users are impacted more and more.
Awarenessincreases and security issues are
recognized as a serious problem
•Organizations feel the pain in losses, negative
press, interruption, leadership, & competitiveness
•Demands for more securely designed products,
trustworthy vendors, better user-behaviors,
advanced security systems, and more regulation
to protect assets, usability, privacy, and
availability

16. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Defenses Respond

17. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Defenses Respond

18. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
The Future of Securing Technology

19. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Good Practices will Emerge…

20. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Analysis Conclusion
 Verge of rapid changes, will get worse before
it gets better
 Threat landscape becomes more
professional, organized, and funded
 Technology ecosystem grows rapidly,
creating new attack surfaces
 Value of security rises in the eyes of the
public, government, and commercial sectors
 Attackers will outpace defenders in the short
term, until fundamental changes take place
 Defenses will evolve to be smarter, with
optimal and sustainable security as the goal

21. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Recommendations:
 Leadership is crucial. Take definitive steps to be ahead of the risk curve. Do
what is great, while it is small…
 Seek an optimal and sustainable level of security
 Stay aware of your threats, assets, controls, and exposures over time
 Get in front of technology adoption and leverage security to enable rather
than impede desired usages
 Treat security as a cycle. Prevention is important, but is never impervious.
Plan across the cycle, including feedback loops for continual improvement
 Leverage defensive advantages, experts, and continuously implement
industry best-known-methods
 Stay positive, keep learning, and collaborate across the community. We are
stronger together than individually

22. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
 3.6B people by 2020. Source:ITU International Telecommunications Union
 6.6B mobile cellular subscriptions in 2013. Source: WorldBank.org
 Growth of devices chart. Source: BI Intelligence
 50B ‘things’ connected by 2020. Source: Cisco
 35% will be M2M connections. Source: Cisco
 More Data growth estimate graphic Source: IDC
 13x increase of mobile data 2012-17 Source: Cisco
 3x data increase by 2018 Source: Cisco
 30GB per person/mo. (2x 2013) Source: Cisco
 18% CAGR of Business traffic Source: Cisco
 $14.4 trillion dollars by 2022Internet of Things value. Source: Cisco
 Theoretical network connections table. Source: Cisco
 4x DC traffic by 2018, 31% CAGR. Source: Cisco
 13,300 trillion connections by 2020. Source: Cisco
 70% of organizations claim they do not have enough IT security staff. Source: PonemonInstitute report: Understaffed and at Risk
 58% of senior staff positions and 36% of staff positions went unfilled in 2013. Source: PonemonInstitute report: Understaffed and at Risk
 15% of vulnerabilities exploited Source: University of Maryland
 Average Day in an Average Enterprise Stopwatch. Source: Check Point Security Report 2014
 New malware at 4 per second. Source: McAfee
 1M+ victims/day (12/second). Source: McAfee
 $3T impact to the tech market: Source: World 2014 World Economic Forum’s Risk and Responsibility in a HyperconnectedWorld
 20%-30% of IT budgets. Sources: McKinsey report (20-30%), Forrester 21%, SANS 11%-25%
 49%, 200M+ total malware samples 240 per minute, 4 per second Source: McAfee Threat Report Q1 2014
 50% Online adults victims of cybercrime or negative situations Source: Symantec
 93% Organizations suffering data loss: Source: UK Government BIS survey 2013
 $71B Worldwide IT security spending in 2014, 7.9% increase Source: Gartner
 97% Organizations compromised by attacker bypassing all defenses. Source: FireEyeand Mandiantreport Cybersecurity’s Maginot Line
 552M Total identities exposed in 2013, 493% increase Source: Symantec
 Data Breach bubble graph. Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Security Industry Data and Sources

23. Distance Education for Africa / Enseignement á Distance Pour L’Afrique WWW.DEAFRICA.COM
Questions?
For more information,
please visit
www.deafrica.org
or email
info@deafrica.org