SlideShare a Scribd company logo

Within 10 Years, Autonomous Vehicles Will Change Every CISO’s Job

Priyanka Aash
Priyanka Aash

Sound crazy? It isn’t. A fully autonomous ship will deliver fertilizer in Norway in 2018. Forrester security research leader Laura Koetzle will outline how and when autonomous transport will transform five business domains, and will recommend specific focuses for CISOs in each domain. The five are (1) automotive, (2) logistics, (3) insurance, (4) government and (5) media. Learning Objectives: 1: Understand how and when autonomous transport will transform your industry. 2: Know what that will mean for your company’s business and how to help it succeed. 3: Know which areas your team must focus on in this transformation, and how. (Source: RSA Conference USA 2018)

Technology
1 of 40
Download to read offline
SESSION ID: #RSAC Laura Koetzle WITHIN 10 YEARS, AUTONOMOUS VEHICLES WILL CHANGE EVERY CISO’S JOB MBS-T08 Vice President, Group Director. Forrester Research @lkoetzle
#RSAC How many of you came to this session today because you wanted to see just how crazy this idea was?
#RSAC 3 “I think there is a world market for maybe five computers.” --Thomas Watson, chairman of IBM, 1943
#RSAC
#RSAC
#RSAC
#RSAC How do we define autonomy? 7
#RSAC SAE’s 6 Levels of Automation 8 SAE level Name Execution of Steering and Acceleration/Deceleration Human driver monitors the driving environment 0 No Automation Human driver 1 Driver Assistance Human driver and system 2 Partial Automation System Automated driving system monitors the driving environment 3 Conditional Automation System 4 High Automation System 5 Full Automation System Source: SAE J3016, SAE International
#RSAC Experts disagree about where the road leads. 9
#RSAC Nirvana Dystopia
#RSAC So, which is it? 11
#RSAC Neither. 12
#RSAC Instead: Transformation.
#RSAC Autonomy Connectedness
#RSAC Automotive
#RSAC Information security implications: Automotive 16 Current model: “Vehicle only talks to the manufacturer’s back end. Problem solved.” Over the air (OTA) vehicle system updates are tempting targets for introducing systemic vulnerabilities In-vehicle component architecture is segmented, and third parties can only get CAN-bus data from the OEM
#RSAC Logistics and shipping
#RSAC Information security implications: Logistics and shipping 18 Current autonomous vehicle system design doesn’t assume active sensor interference Current collision algorithms don’t handle steep grades well, creating exploitable vulnerabilities Platooning will win over Level 3 autonomy
#RSAC Insurance and vehicle finance
#RSAC Information security implications: Insurance and vehicle finance 20 Manufacturers, insurers, and public sector argue over ownership, use, and sharing of vehicle data Compromise solutions involve “neutral” servers to mirror OEM data and allow access to authorized third parties. Usage-based insurance (UBI) gives OEMs and insurers joint profit opportunities, but data output can drive controlling or discriminatory behavior
#RSAC Media and entertainment
#RSAC Information security implications: Media and entertainment 22 Your firm needs ethical data usage guidelines on in-vehicle marketing and sponsored rides, too. Just because you can, doesn’t mean you should. Autonomous vehicles drive finer-grained entitlements
#RSAC Public sector
#RSAC Information security implications: Public sector 24 Vehicle to infrastructure (V2I) communication drives spoofing and poisoning attacks on public services (traffic, bridge closure updates, etc) City planners, infrastructure engineers, and transport policymakers need infosec help to play “what if” and incent useful behavior
#RSAC Information security and privacy
#RSAC Information security implications: Information security and privacy 26 Autonomous vehicle security is indeed “just” an IoT security case. But each IoT security case is special. 10 years on, your firm will subsidize employees’ autonomous commutes; you will need to update employee relations and cyber-risk insurance policies to match
#RSAC Three phases of transformation:
#RSAC Three phases of transformation 28 Phase 1 2017 to 2020 Phase 2 2020 to 2025 Phase 3 2025 and beyond  Warehouse automation  Freight vehicle convoying/platooning  Autonomous inland freight vessels and harbor convoys  Vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications  Insurance rates rise  Last mile autonomous drone deliveries  Mobile parcel lockers  All vehicles in Singapore and newly-built cities in China are autonomous  Auto insurance rates fall  Tesla no longer makes cars
#RSAC What does the threat model look like in each of the three phases?
#RSAC Threat model: Phase one (2017-2020) 30 Attacks on OTA updates of autonomous vehicle systems Companies transgress standards of ethical data usage, suffer losses of customer trust and fines (think EU GDPR enforcement) Third-party data sharing arrangements between OEMs, insurers, regulators, and service providers become prime targets
#RSAC Threat model: Phase two (2020-2025) 31 Attempted spoofing, poisoning, or disruption of V2V and V2I communications goes mainstream Sponsored rides and other in-vehicle advertising become targets; fraudsters get paid for spoofed eyeballs and deliberately flawed targeting
#RSAC Threat model: Phase three (2025-beyond) 32 Information security and safety concerns factor into “mandatory retirement” timelines for autonomous vehicles V2V and V2I communications decrease over time (vehicles become more “autonomous” in the true sense of the word) because they’ll always be more vulnerable to hacking
#RSAC Further ripple effects
#RSAC
#RSAC
#RSAC What to do next week 36 Automotive, logistics and shipping, and transport: Find your autonomous vehicle pilot groups, and start asking security questions Pay particular attention to connections between vehicles, infrastructure, and people Insurance and vehicle financial services Yours is mostly a conventional data security & privacy challenge, albeit bigger/faster/more Boost the security of consortium and third-party data accessors; they’re a softer target
#RSAC What to do next week (II) 37 Government Offer your expertise to policy and regulatory working groups Media and entertainment You may end up as the customer face of the autonomous vehicle, which makes you accountable for securing it Understand your information security supply chain for these experiences
#RSAC What to do in the next two years Discuss plans for autonomous commute support: Timelines, mechanisms supported, restrictions on employee usage planned Understand consumer and employee privacy expectations and regulatory requirements 38
#RSAC 39 “We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next 10.” --Bill Gates, 1996
SESSION ID: #RSAC Laura Koetzle THANK YOU MBS-T08 +31.20.305.43.45 lkoetzle@forrester.com @lkoetzle For further reference: Autonomous Vehicles Will Reshape The Global Economy

Recommended

The Good, the Bad and the Ugly of the Ultrasonic Communications Ecosystem
The Good, the Bad and the Ugly of the Ultrasonic Communications EcosystemThe Good, the Bad and the Ugly of the Ultrasonic Communications Ecosystem
The Good, the Bad and the Ugly of the Ultrasonic Communications Ecosystem
Priyanka Aash
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.
Priyanka Aash
 
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-RiskStop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Priyanka Aash
 
Identity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of ThingsIdentity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of Things
Priyanka Aash
 
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinCrypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Priyanka Aash
 
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security HeadachesAspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Priyanka Aash
 
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & RecoveryCLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
Priyanka Aash
 
From IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity DivideFrom IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity Divide
Priyanka Aash
 

Recommended

The Good, the Bad and the Ugly of the Ultrasonic Communications Ecosystem
The Good, the Bad and the Ugly of the Ultrasonic Communications EcosystemThe Good, the Bad and the Ugly of the Ultrasonic Communications Ecosystem
The Good, the Bad and the Ugly of the Ultrasonic Communications Ecosystem
Priyanka Aash
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.
Priyanka Aash
 
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-RiskStop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Priyanka Aash
 
Identity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of ThingsIdentity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of Things
Priyanka Aash
 
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinCrypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Priyanka Aash
 
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security HeadachesAspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Priyanka Aash
 
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & RecoveryCLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
Priyanka Aash
 
From IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity DivideFrom IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity Divide
Priyanka Aash
 
Designing Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesDesigning Virtual Network Security Architectures
Designing Virtual Network Security Architectures
Priyanka Aash
 
Soc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themSoc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- them
Priyanka Aash
 
Pulling our-socs-up
Pulling our-socs-upPulling our-socs-up
Pulling our-socs-up
Priyanka Aash
 
Take It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitectureTake It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security Architecture
Priyanka Aash
 
Agile Security—Field of Dreams
Agile Security—Field of DreamsAgile Security—Field of Dreams
Agile Security—Field of Dreams
Priyanka Aash
 
Security Program Development for the Hipster Company
Security Program Development for the Hipster CompanySecurity Program Development for the Hipster Company
Security Program Development for the Hipster Company
Priyanka Aash
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
Priyanka Aash
 
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Priyanka Aash
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and Response
Priyanka Aash
 
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez
 
Zero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOpsZero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOps
Araf Karsh Hamid
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Red team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surface
Priyanka Aash
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco Canada
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloud
Priyanka Aash
 
Threat intel- -content-curation-organizing-the-path-to-successful-detection
Threat intel- -content-curation-organizing-the-path-to-successful-detectionThreat intel- -content-curation-organizing-the-path-to-successful-detection
Threat intel- -content-curation-organizing-the-path-to-successful-detection
Priyanka Aash
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco Canada
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
Cisco Canada
 
Insights from-NSAs-cybersecurity-threat-operations-center
Insights from-NSAs-cybersecurity-threat-operations-centerInsights from-NSAs-cybersecurity-threat-operations-center
Insights from-NSAs-cybersecurity-threat-operations-center
Priyanka Aash
 
A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SRE
James Wickett
 
Blockchain for the Automotive Industry the 2018 Worldwide Survey Results
Blockchain for the Automotive Industry the 2018 Worldwide Survey ResultsBlockchain for the Automotive Industry the 2018 Worldwide Survey Results
Blockchain for the Automotive Industry the 2018 Worldwide Survey Results
Richard Jones
 
Why Cars Need Free Software
Why Cars Need Free SoftwareWhy Cars Need Free Software
Why Cars Need Free Software
Alison Chaiken
 

More Related Content

What's hot

Designing Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesDesigning Virtual Network Security Architectures
Designing Virtual Network Security Architectures
Priyanka Aash
 
Soc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themSoc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- them
Priyanka Aash
 
Pulling our-socs-up
Pulling our-socs-upPulling our-socs-up
Pulling our-socs-up
Priyanka Aash
 
Take It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitectureTake It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security Architecture
Priyanka Aash
 
Agile Security—Field of Dreams
Agile Security—Field of DreamsAgile Security—Field of Dreams
Agile Security—Field of Dreams
Priyanka Aash
 
Security Program Development for the Hipster Company
Security Program Development for the Hipster CompanySecurity Program Development for the Hipster Company
Security Program Development for the Hipster Company
Priyanka Aash
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
Priyanka Aash
 
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Priyanka Aash
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and Response
Priyanka Aash
 
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez
 
Zero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOpsZero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOps
Araf Karsh Hamid
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Red team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surface
Priyanka Aash
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco Canada
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloud
Priyanka Aash
 
Threat intel- -content-curation-organizing-the-path-to-successful-detection
Threat intel- -content-curation-organizing-the-path-to-successful-detectionThreat intel- -content-curation-organizing-the-path-to-successful-detection
Threat intel- -content-curation-organizing-the-path-to-successful-detection
Priyanka Aash
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco Canada
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
Cisco Canada
 
Insights from-NSAs-cybersecurity-threat-operations-center
Insights from-NSAs-cybersecurity-threat-operations-centerInsights from-NSAs-cybersecurity-threat-operations-center
Insights from-NSAs-cybersecurity-threat-operations-center
Priyanka Aash
 
A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SRE
James Wickett
 

What's hot (20)

Designing Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesDesigning Virtual Network Security Architectures
Designing Virtual Network Security Architectures
 
Soc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- themSoc 2030-socs-are-broken-lets-fix- them
Soc 2030-socs-are-broken-lets-fix- them
 
Pulling our-socs-up
Pulling our-socs-upPulling our-socs-up
Pulling our-socs-up
 
Take It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitectureTake It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security Architecture
 
Agile Security—Field of Dreams
Agile Security—Field of DreamsAgile Security—Field of Dreams
Agile Security—Field of Dreams
 
Security Program Development for the Hipster Company
Security Program Development for the Hipster CompanySecurity Program Development for the Hipster Company
Security Program Development for the Hipster Company
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
 
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and Response
 
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
 
Zero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOpsZero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOps
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
 
Red team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surface
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloud
 
Threat intel- -content-curation-organizing-the-path-to-successful-detection
Threat intel- -content-curation-organizing-the-path-to-successful-detectionThreat intel- -content-curation-organizing-the-path-to-successful-detection
Threat intel- -content-curation-organizing-the-path-to-successful-detection
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Insights from-NSAs-cybersecurity-threat-operations-center
Insights from-NSAs-cybersecurity-threat-operations-centerInsights from-NSAs-cybersecurity-threat-operations-center
Insights from-NSAs-cybersecurity-threat-operations-center
 
A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SRE
 

Similar to Within 10 Years, Autonomous Vehicles Will Change Every CISO’s Job

Blockchain for the Automotive Industry the 2018 Worldwide Survey Results
Blockchain for the Automotive Industry the 2018 Worldwide Survey ResultsBlockchain for the Automotive Industry the 2018 Worldwide Survey Results
Blockchain for the Automotive Industry the 2018 Worldwide Survey Results
Richard Jones
 
Why Cars Need Free Software
Why Cars Need Free SoftwareWhy Cars Need Free Software
Why Cars Need Free Software
Alison Chaiken
 
The 10 most advanced automotive tech companies of 2020
The 10 most advanced automotive tech companies of 2020The 10 most advanced automotive tech companies of 2020
The 10 most advanced automotive tech companies of 2020
Mirror Review
 
STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015
STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015
STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015
Priyanka Aash
 
From Driver Distraction to Driver Augmentation: Open Source in Cars
From Driver Distraction to Driver Augmentation: Open Source in CarsFrom Driver Distraction to Driver Augmentation: Open Source in Cars
From Driver Distraction to Driver Augmentation: Open Source in Cars
Alison Chaiken
 
Dumb and dumber or fast and furious
Dumb and dumber or fast and furiousDumb and dumber or fast and furious
Dumb and dumber or fast and furious
Reputelligence
 
Protecting Autonomous Vehicles and Connected Services with Software Defined P...
Protecting Autonomous Vehicles and Connected Services with Software Defined P...Protecting Autonomous Vehicles and Connected Services with Software Defined P...
Protecting Autonomous Vehicles and Connected Services with Software Defined P...
Mahbubul Alam
 
Women Edition: 5. World Automotive Conference
Women Edition: 5. World Automotive ConferenceWomen Edition: 5. World Automotive Conference
Women Edition: 5. World Automotive Conference
Ersin KARA
 
Connected Car Investment Thesis
Connected Car Investment ThesisConnected Car Investment Thesis
Connected Car Investment Thesis
James Harris
 
Automotive Cybersecurity: Shifting into Overdrive
Automotive Cybersecurity: Shifting into OverdriveAutomotive Cybersecurity: Shifting into Overdrive
Automotive Cybersecurity: Shifting into Overdrive
accenture
 
SANS - Developments car hacking - 36607
SANS - Developments car hacking - 36607SANS - Developments car hacking - 36607
SANS - Developments car hacking - 36607
Felipe Prado
 
Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?
Bill Harpley
 
Top 10 automotive industry trends and technologies to look for in 2021
Top 10 automotive industry trends and technologies to look for in 2021Top 10 automotive industry trends and technologies to look for in 2021
Top 10 automotive industry trends and technologies to look for in 2021
Katy Slemon
 
Connected Cars Quickly Becoming Part of the Internet of Things (IoT)
Connected Cars Quickly Becoming Part of the Internet of Things (IoT)Connected Cars Quickly Becoming Part of the Internet of Things (IoT)
Connected Cars Quickly Becoming Part of the Internet of Things (IoT)
ParthaS
 
NIX Cybersecurity for Vehicles Powered by AI
NIX Cybersecurity for Vehicles Powered by AI NIX Cybersecurity for Vehicles Powered by AI
NIX Cybersecurity for Vehicles Powered by AI
NIX
 
The Autonomous Revolution of Vehicles & Transportation 6/12/19
The Autonomous Revolution of Vehicles & Transportation 6/12/19The Autonomous Revolution of Vehicles & Transportation 6/12/19
The Autonomous Revolution of Vehicles & Transportation 6/12/19
Mark Goldstein
 
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Bill Harpley
 
SMACIC_Clean
SMACIC_CleanSMACIC_Clean
SMACIC_Clean
Assad Jees
 
EDHEC Keynote Digital Oct 14 2017
EDHEC Keynote Digital Oct 14 2017EDHEC Keynote Digital Oct 14 2017
EDHEC Keynote Digital Oct 14 2017
Greger Ottosson
 
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th..."Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
Edge AI and Vision Alliance
 

Similar to Within 10 Years, Autonomous Vehicles Will Change Every CISO’s Job (20)

Blockchain for the Automotive Industry the 2018 Worldwide Survey Results
Blockchain for the Automotive Industry the 2018 Worldwide Survey ResultsBlockchain for the Automotive Industry the 2018 Worldwide Survey Results
Blockchain for the Automotive Industry the 2018 Worldwide Survey Results
 
Why Cars Need Free Software
Why Cars Need Free SoftwareWhy Cars Need Free Software
Why Cars Need Free Software
 
The 10 most advanced automotive tech companies of 2020
The 10 most advanced automotive tech companies of 2020The 10 most advanced automotive tech companies of 2020
The 10 most advanced automotive tech companies of 2020
 
STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015
STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015
STIX, TAXII, CISA: Impact of the Cybersecurity Information Sharing Act of 2015
 
From Driver Distraction to Driver Augmentation: Open Source in Cars
From Driver Distraction to Driver Augmentation: Open Source in CarsFrom Driver Distraction to Driver Augmentation: Open Source in Cars
From Driver Distraction to Driver Augmentation: Open Source in Cars
 
Dumb and dumber or fast and furious
Dumb and dumber or fast and furiousDumb and dumber or fast and furious
Dumb and dumber or fast and furious
 
Protecting Autonomous Vehicles and Connected Services with Software Defined P...
Protecting Autonomous Vehicles and Connected Services with Software Defined P...Protecting Autonomous Vehicles and Connected Services with Software Defined P...
Protecting Autonomous Vehicles and Connected Services with Software Defined P...
 
Women Edition: 5. World Automotive Conference
Women Edition: 5. World Automotive ConferenceWomen Edition: 5. World Automotive Conference
Women Edition: 5. World Automotive Conference
 
Connected Car Investment Thesis
Connected Car Investment ThesisConnected Car Investment Thesis
Connected Car Investment Thesis
 
Automotive Cybersecurity: Shifting into Overdrive
Automotive Cybersecurity: Shifting into OverdriveAutomotive Cybersecurity: Shifting into Overdrive
Automotive Cybersecurity: Shifting into Overdrive
 
SANS - Developments car hacking - 36607
SANS - Developments car hacking - 36607SANS - Developments car hacking - 36607
SANS - Developments car hacking - 36607
 
Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?
 
Top 10 automotive industry trends and technologies to look for in 2021
Top 10 automotive industry trends and technologies to look for in 2021Top 10 automotive industry trends and technologies to look for in 2021
Top 10 automotive industry trends and technologies to look for in 2021
 
Connected Cars Quickly Becoming Part of the Internet of Things (IoT)
Connected Cars Quickly Becoming Part of the Internet of Things (IoT)Connected Cars Quickly Becoming Part of the Internet of Things (IoT)
Connected Cars Quickly Becoming Part of the Internet of Things (IoT)
 
NIX Cybersecurity for Vehicles Powered by AI
NIX Cybersecurity for Vehicles Powered by AI NIX Cybersecurity for Vehicles Powered by AI
NIX Cybersecurity for Vehicles Powered by AI
 
The Autonomous Revolution of Vehicles & Transportation 6/12/19
The Autonomous Revolution of Vehicles & Transportation 6/12/19The Autonomous Revolution of Vehicles & Transportation 6/12/19
The Autonomous Revolution of Vehicles & Transportation 6/12/19
 
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
 
SMACIC_Clean
SMACIC_CleanSMACIC_Clean
SMACIC_Clean
 
EDHEC Keynote Digital Oct 14 2017
EDHEC Keynote Digital Oct 14 2017EDHEC Keynote Digital Oct 14 2017
EDHEC Keynote Digital Oct 14 2017
 
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th..."Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
 

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
Priyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
Priyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
Priyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
Priyanka Aash
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
Priyanka Aash
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
Priyanka Aash
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Priyanka Aash
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
Priyanka Aash
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
Priyanka Aash
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
Priyanka Aash
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
Priyanka Aash
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
Priyanka Aash
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Priyanka Aash
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Priyanka Aash
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Priyanka Aash
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Priyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Ajin Abraham
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
saastr
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
DianaGray10
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
DianaGray10
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
Pablo Gómez Abajo
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 
Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
BibashShahi
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 

Recently uploaded (20)

AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Artificial Intelligence and Electronic Warfare
Artificial Intelligence and Electronic WarfareArtificial Intelligence and Electronic Warfare
Artificial Intelligence and Electronic Warfare
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 

Within 10 Years, Autonomous Vehicles Will Change Every CISO’s Job

  • 1. SESSION ID: #RSAC Laura Koetzle WITHIN 10 YEARS, AUTONOMOUS VEHICLES WILL CHANGE EVERY CISO’S JOB MBS-T08 Vice President, Group Director. Forrester Research @lkoetzle
  • 2. #RSAC How many of you came to this session today because you wanted to see just how crazy this idea was?
  • 3. #RSAC 3 “I think there is a world market for maybe five computers.” --Thomas Watson, chairman of IBM, 1943
  • 7. #RSAC How do we define autonomy? 7
  • 8. #RSAC SAE’s 6 Levels of Automation 8 SAE level Name Execution of Steering and Acceleration/Deceleration Human driver monitors the driving environment 0 No Automation Human driver 1 Driver Assistance Human driver and system 2 Partial Automation System Automated driving system monitors the driving environment 3 Conditional Automation System 4 High Automation System 5 Full Automation System Source: SAE J3016, SAE International
  • 9. #RSAC Experts disagree about where the road leads. 9
  • 16. #RSAC Information security implications: Automotive 16 Current model: “Vehicle only talks to the manufacturer’s back end. Problem solved.” Over the air (OTA) vehicle system updates are tempting targets for introducing systemic vulnerabilities In-vehicle component architecture is segmented, and third parties can only get CAN-bus data from the OEM
  • 18. #RSAC Information security implications: Logistics and shipping 18 Current autonomous vehicle system design doesn’t assume active sensor interference Current collision algorithms don’t handle steep grades well, creating exploitable vulnerabilities Platooning will win over Level 3 autonomy
  • 20. #RSAC Information security implications: Insurance and vehicle finance 20 Manufacturers, insurers, and public sector argue over ownership, use, and sharing of vehicle data Compromise solutions involve “neutral” servers to mirror OEM data and allow access to authorized third parties. Usage-based insurance (UBI) gives OEMs and insurers joint profit opportunities, but data output can drive controlling or discriminatory behavior
  • 22. #RSAC Information security implications: Media and entertainment 22 Your firm needs ethical data usage guidelines on in-vehicle marketing and sponsored rides, too. Just because you can, doesn’t mean you should. Autonomous vehicles drive finer-grained entitlements
  • 24. #RSAC Information security implications: Public sector 24 Vehicle to infrastructure (V2I) communication drives spoofing and poisoning attacks on public services (traffic, bridge closure updates, etc) City planners, infrastructure engineers, and transport policymakers need infosec help to play “what if” and incent useful behavior
  • 26. #RSAC Information security implications: Information security and privacy 26 Autonomous vehicle security is indeed “just” an IoT security case. But each IoT security case is special. 10 years on, your firm will subsidize employees’ autonomous commutes; you will need to update employee relations and cyber-risk insurance policies to match
  • 27. #RSAC Three phases of transformation:
  • 28. #RSAC Three phases of transformation 28 Phase 1 2017 to 2020 Phase 2 2020 to 2025 Phase 3 2025 and beyond  Warehouse automation  Freight vehicle convoying/platooning  Autonomous inland freight vessels and harbor convoys  Vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications  Insurance rates rise  Last mile autonomous drone deliveries  Mobile parcel lockers  All vehicles in Singapore and newly-built cities in China are autonomous  Auto insurance rates fall  Tesla no longer makes cars
  • 29. #RSAC What does the threat model look like in each of the three phases?
  • 30. #RSAC Threat model: Phase one (2017-2020) 30 Attacks on OTA updates of autonomous vehicle systems Companies transgress standards of ethical data usage, suffer losses of customer trust and fines (think EU GDPR enforcement) Third-party data sharing arrangements between OEMs, insurers, regulators, and service providers become prime targets
  • 31. #RSAC Threat model: Phase two (2020-2025) 31 Attempted spoofing, poisoning, or disruption of V2V and V2I communications goes mainstream Sponsored rides and other in-vehicle advertising become targets; fraudsters get paid for spoofed eyeballs and deliberately flawed targeting
  • 32. #RSAC Threat model: Phase three (2025-beyond) 32 Information security and safety concerns factor into “mandatory retirement” timelines for autonomous vehicles V2V and V2I communications decrease over time (vehicles become more “autonomous” in the true sense of the word) because they’ll always be more vulnerable to hacking
  • 34. #RSAC
  • 35. #RSAC
  • 36. #RSAC What to do next week 36 Automotive, logistics and shipping, and transport: Find your autonomous vehicle pilot groups, and start asking security questions Pay particular attention to connections between vehicles, infrastructure, and people Insurance and vehicle financial services Yours is mostly a conventional data security & privacy challenge, albeit bigger/faster/more Boost the security of consortium and third-party data accessors; they’re a softer target
  • 37. #RSAC What to do next week (II) 37 Government Offer your expertise to policy and regulatory working groups Media and entertainment You may end up as the customer face of the autonomous vehicle, which makes you accountable for securing it Understand your information security supply chain for these experiences
  • 38. #RSAC What to do in the next two years Discuss plans for autonomous commute support: Timelines, mechanisms supported, restrictions on employee usage planned Understand consumer and employee privacy expectations and regulatory requirements 38
  • 39. #RSAC 39 “We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next 10.” --Bill Gates, 1996
  • 40. SESSION ID: #RSAC Laura Koetzle THANK YOU MBS-T08 +31.20.305.43.45 lkoetzle@forrester.com @lkoetzle For further reference: Autonomous Vehicles Will Reshape The Global Economy