SlideShare a Scribd company logo

Preventing Predictable Problems (Possibly)

Gareth Niblett
Gareth Niblett

Presentation given during a panel session on Innovation, Complexity, Risk and Trust at the MAPPING Second General Assembly in Prague, Czech Republic, on 1st November 2016.

Technology
1 of 23
Download to read offline
PREVENTING PREDICTABLE PROBLEMS (POSSIBLY) Gareth Niblett
PROBLEMS Problems, Problems
BADTHINGS CAN HAPPEN ACTION • ‘Wise Monkeys’ approach • Vulnerability disclosure • Service failure / denial • Data leak / breach • Data destruction REACTION • Increased costs • Recall / reputation damage • Fine / loss of license • Loss of revenue / value • Job losses / business closure
OPPORTUNITIES Optimism & Options
PLANTO WIN • Solve a problem / innovate • Think ahead • Listen to experts • Prepare for failure • You can’t predict it all
BUILDTO SURVIVE • Assess risks honestly • Scale flexibly & efficiently • Built-in security, not bolt-on • Test resilience plans • Adapt and overcome issues
BE ‘UNWISE’ • Listen to customers, experts, and regulators • Speak (and ask) about concerns and problems • Look proactively for problems, and don't ignore Failure can be ‘fatal’
EASY PICKINGS • Follow standards and test • Use secure protocols • Avoid bad defaults • Make patchable & automatic • Don’t overburden users
INNOVATE SECURELY • Internet ofThings • Identity schemes • Surveillance tech • Augmented / virtual reality • Big data & analytics • Machine Learning / AI • Autonomous vehicles • Drones • Regulation & legislation • Blockchain
TECHNOLOGY TacklingThreats
INTERNET OFTHINGS • Use interoperable standards • Have on-device protection • Enable automatic updates • Manage external trust • Limit data collection & use
IDENTITY SCHEMES • Provide broad user benefits • Make it citizen/user-centric • Decentralised & federated • Trusted throughout lifecycle • Transparent and auditable
SURVEILLANCETECH • Necessary & proportionate • Minimise data & retention • Limit purposes & access • Oversight & accountability • Don’t be ‘evil’, or facilitate it
AUGMENTED REALITY • Tackle online abuse • Be fair with ads & targeting • Ensure data quality • Take care with location data • AR/VR use may be sensitive
BIG DATA & ANALYTICS • Limit scope / purpose • Be responsible and ethical • Understand anonymisation • Try prevent reidentification • Correct bad data & decisions
MACHINE LEARNING / AI • Address ethics properly • Minimise algorithm biases • Accept robots taking jobs • Secure user-derived learning • Avoid Skynet / singularity
AUTONOMOUSVEHICLES • Ensure secure connectivity • Address trolley problem • Get government support • Get insurance co backing • Leverage sensor data wisely
DRONES • Regulate for safety & privacy • Geo-fence for safety & security • Handle GPS spoofing / jamming • Risk-based registration/ license • Monitor misuse and respond
REGULATION & LEGISLATION • Keep it light touch • Limit strict / restrictive rules • Use to open opportunities • Status quos are not sacred • Accept always behind curve
BLOCKCHAIN • Use appropriately • Beware of trade-offs • Features can help, or bite • Regulators & users matter • It’s just another database
THOUGHTS ThinkingTime
SECURITY GIVES PRIVACY • False dichotomy begone • Remember Ben Franklin • Backdoors undermine us all • Design for privacy, by default • Build and operate securely
garethniblett.com @garethniblett Gareth Niblett

Recommended

AGAINST ALL ODDS,PRESS ON
AGAINST ALL ODDS,PRESS ONAGAINST ALL ODDS,PRESS ON
AGAINST ALL ODDS,PRESS ONAmb Steve Mbugua
 
Polyglot Persistence with OSGi - Alexander Grzesik
Polyglot Persistence with OSGi - Alexander GrzesikPolyglot Persistence with OSGi - Alexander Grzesik
Polyglot Persistence with OSGi - Alexander Grzesikmfrancis
 
RPO Software
RPO SoftwareRPO Software
RPO SoftwareRrahul Sethi
 
Bitcoin : Beaucoup plus qu'une monnaie
Bitcoin : Beaucoup plus qu'une monnaieBitcoin : Beaucoup plus qu'une monnaie
Bitcoin : Beaucoup plus qu'une monnaiePhilippe Rodriguez
 
Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.
Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.
Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.Molinos
 
Ethernetの受信処理
Ethernetの受信処理Ethernetの受信処理
Ethernetの受信処理Takuya ASADA
 
IBM research 5 in 5 report for 2017
IBM research 5 in 5 report for 2017IBM research 5 in 5 report for 2017
IBM research 5 in 5 report for 2017Pietro Leo
 
Esquema teams, grupos y planes (microsoft office 365)
Esquema teams, grupos y planes (microsoft office 365)Esquema teams, grupos y planes (microsoft office 365)
Esquema teams, grupos y planes (microsoft office 365)Ramon Costa i Pujol
 

Recommended

AGAINST ALL ODDS,PRESS ON
AGAINST ALL ODDS,PRESS ONAGAINST ALL ODDS,PRESS ON
AGAINST ALL ODDS,PRESS ONAmb Steve Mbugua
 
Polyglot Persistence with OSGi - Alexander Grzesik
Polyglot Persistence with OSGi - Alexander GrzesikPolyglot Persistence with OSGi - Alexander Grzesik
Polyglot Persistence with OSGi - Alexander Grzesikmfrancis
 
RPO Software
RPO SoftwareRPO Software
RPO SoftwareRrahul Sethi
 
Bitcoin : Beaucoup plus qu'une monnaie
Bitcoin : Beaucoup plus qu'une monnaieBitcoin : Beaucoup plus qu'une monnaie
Bitcoin : Beaucoup plus qu'une monnaiePhilippe Rodriguez
 
Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.
Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.
Как перестать бояться и начать любить медийку. Алгоритмический маркетинг.Molinos
 
Ethernetの受信処理
Ethernetの受信処理Ethernetの受信処理
Ethernetの受信処理Takuya ASADA
 
IBM research 5 in 5 report for 2017
IBM research 5 in 5 report for 2017IBM research 5 in 5 report for 2017
IBM research 5 in 5 report for 2017Pietro Leo
 
Esquema teams, grupos y planes (microsoft office 365)
Esquema teams, grupos y planes (microsoft office 365)Esquema teams, grupos y planes (microsoft office 365)
Esquema teams, grupos y planes (microsoft office 365)Ramon Costa i Pujol
 
managingyouraccesscontrolsystems-130223182036-phpapp01
managingyouraccesscontrolsystems-130223182036-phpapp01managingyouraccesscontrolsystems-130223182036-phpapp01
managingyouraccesscontrolsystems-130223182036-phpapp01Walter Sinchak,
 
Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Bianca Mueller, LL.M.
 
BYOD risk management best practices
BYOD risk management best practices BYOD risk management best practices
BYOD risk management best practices Troy C. Fulton
 
DCD Converged Brazil 2016
DCD Converged Brazil 2016 DCD Converged Brazil 2016
DCD Converged Brazil 2016 Scott Carlson
 
Cyber security series vulnerability assessments
Cyber security series vulnerability assessmentsCyber security series vulnerability assessments
Cyber security series vulnerability assessmentsJim Kaplan CIA CFE
 
Transform Banking with Big Data and Automated Machine Learning 9.12.17
Transform Banking with Big Data and Automated Machine Learning 9.12.17Transform Banking with Big Data and Automated Machine Learning 9.12.17
Transform Banking with Big Data and Automated Machine Learning 9.12.17Cloudera, Inc.
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsAndrew S. Baker (ASB)
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Privacy by Design or Privacy by Re-engineering
Privacy by Design or Privacy by Re-engineeringPrivacy by Design or Privacy by Re-engineering
Privacy by Design or Privacy by Re-engineeringAndre Cardinaal
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
Security 101 for No- techies
Security 101 for No- techiesSecurity 101 for No- techies
Security 101 for No- techiesBrenton Johnson
 
Is Bad Data Killing Your Customer Engagement Strategy?
Is Bad Data Killing Your Customer Engagement Strategy? Is Bad Data Killing Your Customer Engagement Strategy?
Is Bad Data Killing Your Customer Engagement Strategy? Marketo
 
Understanding GDPR: Myths & Reality of Compliance
Understanding GDPR: Myths & Reality of ComplianceUnderstanding GDPR: Myths & Reality of Compliance
Understanding GDPR: Myths & Reality of ComplianceVeridium
 
Secure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessSecure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessStacy Clements
 
Threat modelling & apps testing
Threat modelling & apps testingThreat modelling & apps testing
Threat modelling & apps testingAdrian Munteanu
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Scott Carlson
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseChristopher Beiring
 
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"WrikeTechClub
 
Privacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artPrivacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artJames Mulhern
 
BCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsBCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsGareth Niblett
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsGareth Niblett
 

More Related Content

Similar to Preventing Predictable Problems (Possibly)

managingyouraccesscontrolsystems-130223182036-phpapp01
managingyouraccesscontrolsystems-130223182036-phpapp01managingyouraccesscontrolsystems-130223182036-phpapp01
managingyouraccesscontrolsystems-130223182036-phpapp01Walter Sinchak,
 
Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Bianca Mueller, LL.M.
 
BYOD risk management best practices
BYOD risk management best practices BYOD risk management best practices
BYOD risk management best practices Troy C. Fulton
 
DCD Converged Brazil 2016
DCD Converged Brazil 2016 DCD Converged Brazil 2016
DCD Converged Brazil 2016 Scott Carlson
 
Cyber security series vulnerability assessments
Cyber security series vulnerability assessmentsCyber security series vulnerability assessments
Cyber security series vulnerability assessmentsJim Kaplan CIA CFE
 
Transform Banking with Big Data and Automated Machine Learning 9.12.17
Transform Banking with Big Data and Automated Machine Learning 9.12.17Transform Banking with Big Data and Automated Machine Learning 9.12.17
Transform Banking with Big Data and Automated Machine Learning 9.12.17Cloudera, Inc.
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsAndrew S. Baker (ASB)
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Privacy by Design or Privacy by Re-engineering
Privacy by Design or Privacy by Re-engineeringPrivacy by Design or Privacy by Re-engineering
Privacy by Design or Privacy by Re-engineeringAndre Cardinaal
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
Security 101 for No- techies
Security 101 for No- techiesSecurity 101 for No- techies
Security 101 for No- techiesBrenton Johnson
 
Is Bad Data Killing Your Customer Engagement Strategy?
Is Bad Data Killing Your Customer Engagement Strategy? Is Bad Data Killing Your Customer Engagement Strategy?
Is Bad Data Killing Your Customer Engagement Strategy? Marketo
 
Understanding GDPR: Myths & Reality of Compliance
Understanding GDPR: Myths & Reality of ComplianceUnderstanding GDPR: Myths & Reality of Compliance
Understanding GDPR: Myths & Reality of ComplianceVeridium
 
Secure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessSecure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessStacy Clements
 
Threat modelling & apps testing
Threat modelling & apps testingThreat modelling & apps testing
Threat modelling & apps testingAdrian Munteanu
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Scott Carlson
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseChristopher Beiring
 
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"WrikeTechClub
 
Privacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artPrivacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artJames Mulhern
 

Similar to Preventing Predictable Problems (Possibly) (20)

managingyouraccesscontrolsystems-130223182036-phpapp01
managingyouraccesscontrolsystems-130223182036-phpapp01managingyouraccesscontrolsystems-130223182036-phpapp01
managingyouraccesscontrolsystems-130223182036-phpapp01
 
Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data?
 
BYOD risk management best practices
BYOD risk management best practices BYOD risk management best practices
BYOD risk management best practices
 
DCD Converged Brazil 2016
DCD Converged Brazil 2016 DCD Converged Brazil 2016
DCD Converged Brazil 2016
 
Cyber security series vulnerability assessments
Cyber security series vulnerability assessmentsCyber security series vulnerability assessments
Cyber security series vulnerability assessments
 
Transform Banking with Big Data and Automated Machine Learning 9.12.17
Transform Banking with Big Data and Automated Machine Learning 9.12.17Transform Banking with Big Data and Automated Machine Learning 9.12.17
Transform Banking with Big Data and Automated Machine Learning 9.12.17
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security Resilience
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and Tools
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security Concepts
 
Privacy by Design or Privacy by Re-engineering
Privacy by Design or Privacy by Re-engineeringPrivacy by Design or Privacy by Re-engineering
Privacy by Design or Privacy by Re-engineering
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 
Security 101 for No- techies
Security 101 for No- techiesSecurity 101 for No- techies
Security 101 for No- techies
 
Is Bad Data Killing Your Customer Engagement Strategy?
Is Bad Data Killing Your Customer Engagement Strategy? Is Bad Data Killing Your Customer Engagement Strategy?
Is Bad Data Killing Your Customer Engagement Strategy?
 
Understanding GDPR: Myths & Reality of Compliance
Understanding GDPR: Myths & Reality of ComplianceUnderstanding GDPR: Myths & Reality of Compliance
Understanding GDPR: Myths & Reality of Compliance
 
Secure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessSecure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your Business
 
Threat modelling & apps testing
Threat modelling & apps testingThreat modelling & apps testing
Threat modelling & apps testing
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident Response
 
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
 
Privacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artPrivacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the art
 

More from Gareth Niblett

BCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsBCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsGareth Niblett
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsGareth Niblett
 
BCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber ResponseBCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber ResponseGareth Niblett
 
BCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureBCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureGareth Niblett
 
BCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share SecurelyBCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share SecurelyGareth Niblett
 
BCS ITNow 201309 - Holistic Security
BCS ITNow 201309 - Holistic SecurityBCS ITNow 201309 - Holistic Security
BCS ITNow 201309 - Holistic SecurityGareth Niblett
 
BCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 ThreatsBCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 ThreatsGareth Niblett
 
BCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionBCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionGareth Niblett
 
BCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessBCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessGareth Niblett
 
BCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going OnBCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going OnGareth Niblett
 
BCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay AlertBCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay AlertGareth Niblett
 
BCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletBCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletGareth Niblett
 
BCS ITNow 201509 - Identity
BCS ITNow 201509 - IdentityBCS ITNow 201509 - Identity
BCS ITNow 201509 - IdentityGareth Niblett
 
BCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber InnovationBCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber InnovationGareth Niblett
 
Why the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber DefenceWhy the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber DefenceGareth Niblett
 
RIPA: Perception and Practice
RIPA: Perception and PracticeRIPA: Perception and Practice
RIPA: Perception and PracticeGareth Niblett
 

More from Gareth Niblett (16)

BCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsBCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest Threats
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider Threats
 
BCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber ResponseBCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber Response
 
BCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureBCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, Secure
 
BCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share SecurelyBCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share Securely
 
BCS ITNow 201309 - Holistic Security
BCS ITNow 201309 - Holistic SecurityBCS ITNow 201309 - Holistic Security
BCS ITNow 201309 - Holistic Security
 
BCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 ThreatsBCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 Threats
 
BCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionBCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss Prevention
 
BCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessBCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk Business
 
BCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going OnBCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going On
 
BCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay AlertBCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay Alert
 
BCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletBCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver Bullet
 
BCS ITNow 201509 - Identity
BCS ITNow 201509 - IdentityBCS ITNow 201509 - Identity
BCS ITNow 201509 - Identity
 
BCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber InnovationBCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber Innovation
 
Why the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber DefenceWhy the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber Defence
 
RIPA: Perception and Practice
RIPA: Perception and PracticeRIPA: Perception and Practice
RIPA: Perception and Practice
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

Recently uploaded (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

Preventing Predictable Problems (Possibly)

  • 3. BADTHINGS CAN HAPPEN ACTION • ‘Wise Monkeys’ approach • Vulnerability disclosure • Service failure / denial • Data leak / breach • Data destruction REACTION • Increased costs • Recall / reputation damage • Fine / loss of license • Loss of revenue / value • Job losses / business closure
  • 5. PLANTO WIN • Solve a problem / innovate • Think ahead • Listen to experts • Prepare for failure • You can’t predict it all
  • 6. BUILDTO SURVIVE • Assess risks honestly • Scale flexibly & efficiently • Built-in security, not bolt-on • Test resilience plans • Adapt and overcome issues
  • 7. BE ‘UNWISE’ • Listen to customers, experts, and regulators • Speak (and ask) about concerns and problems • Look proactively for problems, and don't ignore Failure can be ‘fatal’
  • 8. EASY PICKINGS • Follow standards and test • Use secure protocols • Avoid bad defaults • Make patchable & automatic • Don’t overburden users
  • 9. INNOVATE SECURELY • Internet ofThings • Identity schemes • Surveillance tech • Augmented / virtual reality • Big data & analytics • Machine Learning / AI • Autonomous vehicles • Drones • Regulation & legislation • Blockchain
  • 11. INTERNET OFTHINGS • Use interoperable standards • Have on-device protection • Enable automatic updates • Manage external trust • Limit data collection & use
  • 12. IDENTITY SCHEMES • Provide broad user benefits • Make it citizen/user-centric • Decentralised & federated • Trusted throughout lifecycle • Transparent and auditable
  • 13. SURVEILLANCETECH • Necessary & proportionate • Minimise data & retention • Limit purposes & access • Oversight & accountability • Don’t be ‘evil’, or facilitate it
  • 14. AUGMENTED REALITY • Tackle online abuse • Be fair with ads & targeting • Ensure data quality • Take care with location data • AR/VR use may be sensitive
  • 15. BIG DATA & ANALYTICS • Limit scope / purpose • Be responsible and ethical • Understand anonymisation • Try prevent reidentification • Correct bad data & decisions
  • 16. MACHINE LEARNING / AI • Address ethics properly • Minimise algorithm biases • Accept robots taking jobs • Secure user-derived learning • Avoid Skynet / singularity
  • 17. AUTONOMOUSVEHICLES • Ensure secure connectivity • Address trolley problem • Get government support • Get insurance co backing • Leverage sensor data wisely
  • 18. DRONES • Regulate for safety & privacy • Geo-fence for safety & security • Handle GPS spoofing / jamming • Risk-based registration/ license • Monitor misuse and respond
  • 19. REGULATION & LEGISLATION • Keep it light touch • Limit strict / restrictive rules • Use to open opportunities • Status quos are not sacred • Accept always behind curve
  • 20. BLOCKCHAIN • Use appropriately • Beware of trade-offs • Features can help, or bite • Regulators & users matter • It’s just another database
  • 22. SECURITY GIVES PRIVACY • False dichotomy begone • Remember Ben Franklin • Backdoors undermine us all • Design for privacy, by default • Build and operate securely