The Future Evolution of Cybersecurity

Cybersecurity Prediction ConferenceOctober 12th 2014, Rome Italy

Matthew RosenquistCybersecurity Strategist, Intel Corp

Biography

2

Matthew RosenquistCybersecurity StrategistIntel Security Group

Matthew benefits from 20 years in the field of security, specializing in strategy, threats, operations, crisis management, measuring value, communicating industry changes, and developing cost effective capabilities which deliver the optimal level of security. As a cybersecurity strategist, he works to understand and communicate the future of security and drive industry collaboration to tackle challenges and uncover opportunities to significantly improve global computing security.

Mr. Rosenquist built and managed Intel’s first global 24x7 Security Operations Center, overseen internal platform security products and services, was the first Incident Commander for Intel’s worldwide IT emergency response team, and managed security for Intel’s multi-billion dollar worldwide mergers and acquisitions activities. He has conducted investigations, defended corporate assets, established policies, developed strategies to protect Intel’s global manufacturing, and owned the security playbook for the PC strategic planning group. Most recently, Matthew worked to identify the synergies of Intel and McAfee as part of the creation of the Intel Security Group, one of the largest security product organizations in the world.

Twitter @Matt_RosenquistLinkedIn Blogs Intel IT Peer Network

Technology connects and enriches the lives of every

person on earth

Security is critical to protect computing technology

from threats which undermine the health of

the industry

“...If security breaks down, technology breaks down”

Brian KrebsNoted Cybersecurity Reporter

5

• Understand the value of security in technology and shifting trends

• Better insights to today’s challenges and prepare for tomorrows dangers

• Identify opportunities and best practices for better security across the industry

• Define what success looks like:

• How do we prepare?

• How do we achieve sustainable security?

• Can we maintain an optimal balance of risk?

Peering into the future of cybersecurity

Chain Reactions Drive Cybersecurity Evolution…

6

Technology-Landscape Environmental changes

Graphic

7

More Users

~4B internet users by 2020

6.6B mobile cellular accts 2013

New users are less savvy, more likely to share sensitive data

Easier to manipulate & victimize

More Devices

50B ‘things’ connected by 2020

35% will be M2M connections

Proliferation of sensor data

New architecture vulnerabilities

More Usages

New services, applications, social ecosystems, and infrastructures

New data types, aggregation

Risky behaviors, untested tech, and unforeseen consequences

Technology-Landscape Environmental changes

8

More Data

13x increase of mobile data 2012-17

3x data increase by 2018

30GB per person/mo. (2x 2013)

18% CAGR of Business traffic

Cheaper to store data vs delete

Greater Value

$14T Internet of Things value, 2022

$90T value of the networked economy by end of next decade

Enterprises responsible 85% data

Controlling financial, defense & critical infrastructure

Personal activity and health telemetry

Evolving IT Infrastructures

M2M, Software Defined Infrastructures (SDDC, SDN, Virtualization), cloud

4x DC traffic by 2018, 31% CAGR

13,300 trillion connections by 2020

Internet of Things M2M networks will grow fastest

ITU International Telecommunications Union

9

A growing target-rich environment of more users, data, and devices

Motivation for attacks rise as information and systems increase in value

New technology adoption, infrastructures, and usages creates a larger attack surface

Easy Users/Devices/Data Target Graphic

Effects of Technology-Landscape changes

More attractive targets emerge asopportunities for attacks

Threat Evolution

10

Threat Agents Evolve

Rise of government surveillance,

cyberwarfare, information control

Social, political attacks, outsourcing

Motivations shift from personal

gains to aspirations of control

Investment grows

Powerful, organized, and well funded new threat agents

Resources & community thrives

Success reinforces investment and attracts new attackers

Nation-state ‘equalizer’

Seeking New Targets

Government, industrial, business

Satisfy dark-markets and for-profit vulnerability research

Hardware attacks up, POS, mobile, ATM, vehicles, industrial

Attackers maintain the initiative

$400b

Annual

cost of

global cybercrime

Threat Evolution

11

Security talent pool shrinks

70% orgs are understaffed

58% senior and 36% staff level positions went unfilled in 2013

High leadership turnover

Tools and Methods

Powerful tools and code emerge

Reverse-engineering and reuse

15% of vulnerabilities exploited

Markets for exploits, services, vulnerabilities, data, and skills

Threats Accelerate

Professionals emerge, educated, organized, focused, and capable

Attacking further down the stack, firmware and base code

Faster reconnaissance, recruiting, and development of compromises

12

Attackers capabilities increases with investments, experience, and professional threat agents

Successes boosts confidence, raises the lure for more attacks and boldness to expand scope

Defenders struggle with a growing attack surface, challenging effectiveness models, lack of talent, and insufficient resources

Effects of the Threat Evolution

Threats advance, outpacing defenders

The Race to Evolve is On!

Impacts and Effects

13

Speed of Attacks

Increased pace: vulnerability to

exploit to compromises

New malware at 4 per second

1M+ victims/day (12/second)

Collective impact

$3T impact to the tech market

20%-30% of IT budgets

Privacy, personal finance

Emerging Life-Safety risks

Stress and Fear

Outages, downtime, reporting

Data breaches, reputation, IP

Job loss, brand, competition, downsize, other major impacts,

What’s next?

An average Day in an Average

Enterprise

49%

Impacts and Effects

14

Annual malware growth rate200M+ total malware samples

Organizations sufferingdata loss

Online adults victims of cybercrime or negative situations

Worldwide IT security spending in 2014, 7.9% increase

Organizations compromised by attacker bypassing all defenses

552MTotal identities exposed in 2013,

493% increase

$71B 97%

93%50%31 million

New 3-monthrecord

4 Levels of Cybersecurity Impacts

15

Denial of Service (A)• Access of customers• Availability of data,

systems, & services• DDOS network attacks,

ransom-ware data locking attacks

Data Theft& Exposure (C)• ID Theft• Privacy• Data Breach• Transaction data• Database hacks,

skimming, lost storage, keylogging

Monitor & Manipulate (I)• Internal-access

surveillance for advantage

• Tamper / Manipulation• Long-term data

gathering campaign

Own & Obliterate (C/I/A)• Administrative ownership and control• Capability of unrecoverable obliteration• Strategic attack, undermining of org capability

Security Competency

Attacker Innovation

Today, we are here.

We have yet to experience, understand, and adapt to

emerging impacts

16

Users are impacted more and more. Awareness increases and security issues are recognized as a serious problem

Organizations feel the pain in losses, negative press, interruption, leadership, & competitiveness

Demands for more securely designed products, trustworthy vendors, better user-behaviors, advanced security systems, and more regulation to protect assets, usability, privacy, and availability

Effects of Impacts

Expectations around security rise, driving change

www.informationisbeautiful.net

Defenses Respond

Graphic

17

Comprehensive

Security as a continuous cycle

Defense-In-Depth process

Technology and Behaviors

Obstacles and Opposition

Ubiquitous

Security must follow data from creation to deletion

Layered across IT ecosystem

Contextual aspects gain in importance

Seeking Optimal Risk

Risk management planning

Perceptions by executives

Balancing the triple constraints of Cost, Risk, and Usability

Meeting users shifting demands

18

Unified

Consolidation of security functions

Independent security controls work together

Security industry collaborates across usages

Better Designs

Industry standards & BKM’s evolve for specific threats

Trustworthy products, designed to be harder to compromise

Robust architectures with built-in security for detection & response

Explicit Regulations

Increase in number and specificity

Raise the bar, but not a guarantee of security

Cover more segments and usages

Can be impediments to growth

Defenses Respond

The Future of Securing Technology

19

Smart Security innovation must deliver more capable solutions to keep pace with threats

Ubiquitous Security must protect data wherever it exists or is used, for all parties and devices across the compute landscape

Trusted Technology and security providers must be trustworthy, in the creation and operation of their products

Strong Products and services must be hardened to resist compromise and make security transparent to users

Open Platforms and security standards must be open to promote collaboration and accelerate adoption

The compute industry

must transform to

become sustainably

secure

Good Practices will Emerge…

20

Smarter vs More

Collaboration across security functions improving effectiveness

Better IT choices & enablement

Measurably balancing the triple constraints of risk, cost, & usability

Expectations Drive Change

Society’s expectations shift with pain, impact, and inconvenience

Trust will be valued, demanded

Better security, privacy, and more control (even if it is not used)

Improved controls

Innovation intersecting emerging attacks to keep pace with attackers

Integration across solutions vs point products

Intelligence, analysis, and action

Analysis Conclusion

21

Verge of rapid changes, will get worse before it gets better

Threat landscape becomes more professional, organized, and funded

Technology ecosystem grows rapidly, creating new attack surfaces

Value of security rises in the eyes of the public, government, and commercial sectors

Attackers will outpace defenders in the short term, until fundamental changes take place

Defenses will evolve to be smarter, with optimal and sustainable security as the goal

Recommendations

22

Leadership is crucial. Take definitive steps to be ahead of the risk curve. Do what is great, while it is small…

Seek an optimal and sustainable level of security

Stay aware of your threats, assets, controls, and exposures over time

Get in front of technology adoption and leverage security to enable rather than impede desired usages

Treat security as a cycle. Prevention is important, but is never impervious. Plan across the cycle, including feedback loops for continual improvement

Leverage defensive advantages, experts, and continuously implement industry best-known-methods

Stay positive, keep learning, and collaborate across the community. We are stronger together than individually

23

Security Industry Data and Sources

24

• 3.6B people by 2020. Source: ITU International Telecommunications Union• 6.6B mobile cellular subscriptions in 2013. Source: WorldBank.org• Growth of devices chart. Source: BI Intelligence• 50B ‘things’ connected by 2020. Source: Cisco• 35% will be M2M connections. Source: Cisco• More Data growth estimate graphic Source: IDC• 13x increase of mobile data 2012-17 Source: Cisco • 3x data increase by 2018 Source: Cisco• 30GB per person/mo. (2x 2013) Source: Cisco• 18% CAGR of Business traffic Source: Cisco• $14.4 trillion dollars by 2022Internet of Things value. Source: Cisco• Theoretical network connections table. Source: Cisco• 4x DC traffic by 2018, 31% CAGR. Source: Cisco• 13,300 trillion connections by 2020. Source: Cisco• 70% of organizations claim they do not have enough IT security staff. Source: Ponemon Institute report: Understaffed and at Risk• 58% of senior staff positions and 36% of staff positions went unfilled in 2013. Source: Ponemon Institute report: Understaffed and at Risk• 15% of vulnerabilities exploited Source: University of Maryland• Average Day in an Average Enterprise Stopwatch. Source: Check Point Security Report 2014• New malware at 4 per second. Source: McAfee• 1M+ victims/day (12/second). Source: McAfee• $3T impact to the tech market: Source: World 2014 World Economic Forum’s Risk and Responsibility in a Hyperconnected World • 20%-30% of IT budgets. Sources: McKinsey report (20-30%), Forrester 21%, SANS 11%-25%• 49%, 200M+ total malware samples 240 per minute, 4 per second Source: McAfee Threat Report Q1 2014• 50% Online adults victims of cybercrime or negative situations Source: Symantec• 93% Organizations suffering data loss: Source: UK Government BIS survey 2013• $71B Worldwide IT security spending in 2014, 7.9% increase Source: Gartner• 97% Organizations compromised by attacker bypassing all defenses. Source: FireEye and Mandiant report Cybersecurity’s Maginot Line• 552M Total identities exposed in 2013, 493% increase Source: Symantec• Data Breach bubble graph. Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/