How the Surveillance State is
Changing IT Security Forever
Richard Stiennon
September 4, 2013
Wednesday, September 4, 13
June 6, 2013. It begins
Wednesday, September 4, 13
Why SIGINT matters
Wednesday, September 4, 13
Scenarios
• Member of Congress contacts with
stock brokers
• Volume of calls between acquirer
and target
• CEO-CFO interac...
If only it were just meta data
...the Justice Department has secretly
interpreted federal surveillance law to
permit thous...
“Collect everything”
Wednesday, September 4, 13
PRISM Rogue’s Gallery
Wednesday, September 4, 13
The Destruction of Trust
• US tech companies will be the victims
• US cloud services already suffering
• Attestations bein...
The New Threat Hierarchy
• Surveillance State
• Information Warfare
• CyberCrime
• Hactivism
• Vandalism
• Experimentation...
$652 million Project Genie
Additionally, under an extensive effort code-named GENIE,
U.S. computer specialists break into ...
Implications for security
vendors
• The state as threat actor
• Researching NSA malware
• Defending against NSA surveillan...
Enterprise is compromised
• If every employee’s email and phone
conversations are captured what are
breach notification req...
Re-vamping enterprise security
• A universal threat must be met with
universal security
• Spending on encryption set to do...
Ten fold increase in spending
0
175
350
525
700
2003 2013 2023
IT Security Spending in $billions
hacking
cyber crime
cyber...
Upcoming SlideShare
Loading in …5
×

How the Surveillance State Changes IT Security Forever

23,791 views

Published on

The NSA's appetite for collecting all data has hurt the US tech industry. Trust has been broken on many fronts. Security spending set to explode by a factor of ten to counter the surveillance state.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
23,791
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

How the Surveillance State Changes IT Security Forever

  1. 1. How the Surveillance State is Changing IT Security Forever Richard Stiennon September 4, 2013 Wednesday, September 4, 13
  2. 2. June 6, 2013. It begins Wednesday, September 4, 13
  3. 3. Why SIGINT matters Wednesday, September 4, 13
  4. 4. Scenarios • Member of Congress contacts with stock brokers • Volume of calls between acquirer and target • CEO-CFO interactions • Journalist-whistleblower interactions • Petraeus-Broadwell Guardian image Wednesday, September 4, 13
  5. 5. If only it were just meta data ...the Justice Department has secretly interpreted federal surveillance law to permit thousands of low-ranking analysts to eavesdrop on phone calls. Wednesday, September 4, 13
  6. 6. “Collect everything” Wednesday, September 4, 13
  7. 7. PRISM Rogue’s Gallery Wednesday, September 4, 13
  8. 8. The Destruction of Trust • US tech companies will be the victims • US cloud services already suffering • Attestations being asked for by EU clients Wednesday, September 4, 13
  9. 9. The New Threat Hierarchy • Surveillance State • Information Warfare • CyberCrime • Hactivism • Vandalism • Experimentation Wednesday, September 4, 13
  10. 10. $652 million Project Genie Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed "covert implants," sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions. -Washington Post Wednesday, September 4, 13
  11. 11. Implications for security vendors • The state as threat actor • Researching NSA malware • Defending against NSA surveillance Wednesday, September 4, 13
  12. 12. Enterprise is compromised • If every employee’s email and phone conversations are captured what are breach notification requirements? • HIPPA? • GLB? • SOX? Wednesday, September 4, 13
  13. 13. Re-vamping enterprise security • A universal threat must be met with universal security • Spending on encryption set to double this year • Protecting keys will lead to massive investment in security Wednesday, September 4, 13
  14. 14. Ten fold increase in spending 0 175 350 525 700 2003 2013 2023 IT Security Spending in $billions hacking cyber crime cyber espionage surveillance state $639 Billion Wednesday, September 4, 13

×