Practical Analytics:
Hands on Approach
Cloud & IoT Cyber Threats
Jorge Sebastiao, CISSP
CTO, EcoSystem
Disclaimer & Copyright
• Please note that this presentation is for informational, knowledge sharing and educational purposes only. Any
comments or statements made herein do not necessarily reflect the views of Huawei. The information is intended
for the recipient's use only and should not be cited, reproduced or distributed to any third party without the prior
consent of the authors. Although great care is taken to ensure accuracy of information neither the author, nor
Huawei can be held responsible for any decision made on the basis of the information cited.
• The content of this presentation is based on information gathered in good faith from both primary and
secondary sources and is believed to be correct at the time of publication. The author can however provide no
guarantee regarding the accuracy of this content and therefore accepts no liability whatsoever for any actions
taken that subsequently prove incorrect.
• The practices listed in the document are provided as is and as guidance and the author and Huawei do not claim
that these comprise the only practices to be followed. The readers are urged to make informed decisions in their
usage.
• The information presented in this presentation is not intended to be, and should not be construed as, an offer to
sell any products or services or a solicitation of an offer to buy any products or services. Any such offer or sale will
be made pursuant to, and the information presented at this meeting is qualified in its entirety by, authorized
offering documents and related disclosure schedules or similar disclosure documentation.
• All logos and brand names belong to their respective owners and we do not claim any relationship or association,
implied or otherwise, with them.
• Use of any materials by virtue of relationships and associations, if any, are mentioned explicitly.
• Author has taken care to attribute all sources for external materials used in this presentation, and any oversight is
regretted. If you, as owner, or as viewer, find any reason to dispute the use of these materials kindly communicate
the same to author.
• Any omissions, in terms of attribution, may be due to an error of author and not intentional.
Are we ready for IoT?
Everything is connected…
SIEM
Broken tools & approach?
Firewall IDS AV
APT
Attack
IoT Hacks
Hacking SCADA sensors
Industrial Scale Risks
Cyberspace Characteristics
Asymmetric
Attribution
Problems
No Borders
Complex Interconnected
Systems
Cloud IoT Cyber Security is
Different – CSO Nightmare
Shared Control Environment
0 Day Exploits - Guaranteed
Outdated Assumptions?
Effective Countermeasures
It's all about time…
Roadmap-Zero Day Protection P = 0
IoT IIoT Architecture
Cloud Data Center Device Management Operation
Transportation, Manufacturing, Oil & Gas, Smart Grid, Telco
1 IoT Platform
2 Access Modes
1 Interface
Reports
AI & Security
Analytics &
Discovery
Security Analysts
Big Data
Data Scientists
Big Data & AI Fixes 360 Infosec View
Types of AI & Security Analytics
Descriptive
Analytics
Predictive
Analytics
Security
Information
Collections
How are we doing
in incident
response?
What might happen
in the future?
Early Warning
Best course of
action given
objectives,
requirements &
constraints
Remediation
Analytics
AI
Big Data
Analytics
AI & Big Data
Security Defense System
Web and IP
reputation
File and
mail
reputation
Application
identification
Smart policy
proposal
Malicious software
detection system
APT detection
system
DDoS attack
defense system
Reputation Feedback
Security
Device
Network
Traffic
End to end Cloud Security…
Smart City Example
Cloud IoT, Big Data & Smart Safe City
Cloud IoT, Big Data & Smart Safe City
Smart City Security Architecture
Cloud
Pipe
Terminal
Internet of things terminals, Mobile Terminals, Office Terminals
Pad Laptop Phone
Smart Community
Application
Public safety, e-Energy, e-Business, e-Traffic, e-Hospital, e-School, e-Government
ELTE Smart meter IPC Vehicle RFID
…
Dumb PC Cloud desktop
XPON/Fiber
Internet Communication Network Internet Of Things DC Network
Education, Health Care, Government, Traffic, Energy, Public Safety
Information Security
…
Terminal Security
Prevent network attacks
Trusted access
Data leakage prevention
Network Security
Data signature
Network border security
Data transmission security
Information Security
Cloud Security
Security Association
Application security
O&M
Big data threat analysis
PKI/CA
BlockChain
Road to Security Metrics
Security Metrics
KPIs, Testing Results
CSA Controls, Compliance, Operational, Financial
Physical
Security
ISMS
ISO27001
IoT
Security
Time Based Security
ISMS
ISO22301
ISMS
ISO20000
Blockchain transforming
Cyber Security
5 Key Elements Security
Success?
1. Security Metrics
2. Architecture
3. Big Data & AI
4. Incident Response
5. Ecosystem
Final Goal Is
Total Integrated Security
Information
Security
Management
IoT, Device
Security
Management
Physical & Infosec
Don’t bring a knife to a gun fight
Jorge Sebastiao, CISSP
CTO, Ecosystem
Linkedin/in/sebastiao
