a strategy for addressing cyber security challenges
A Strategy for Addressing Cyber Security Challenges
Mustaque Ahamad
Professor of Computer Science, Georgia Institute of Technology
Global Professor of Engineering, New York University Abu Dhabi
Co-founder and Chief Scientist, Pindrop Security
A Couple of Observations
• Cyber security has become an extremely important problem for people, businesses and governments.
• Addressing cyber security challenges presents serious challenges.
• Cyber now reaches into critical physical systems.
• Cyber security is going to be a journey, not a destination.
Are Things Really Bad?
• Growing sophistication of the threat landscape
– Cyber criminals, hacktivists, terrorists and nation-states
– Cyber crime costs are reaching half a trillion dollars (In India, 0.21% of GDP, McAfee 2014 Report)
– Greatest transfer of wealth (Keith Alexander, http://foreignpolicy.com/2012/07/09/nsa-chief-cybercrime-constitutes-the-greatest-transfer-of-wealth-in-history/)
• Complex technology ecosystem
– “Reflections on trusting trust”
• People, processes and coordination across multiple stakeholders
Threats + Vulnerabilities => Attacks
• Can we make threats go away?
• Attribution is extremely difficult
• Global and transnational
• How can we address vulnerabilities?
• Security errors in software (over 1700 entries in NVD in last 3 months)
• Asymmetry – attackers only need to find one bug, we need to fix all
• People are weak links
• Only higher assurance, no perfect security
– Stronger prevention and early detection
– Faster recovery and remediation
So, What Can We Do?
• Education
– Developing the “security mindset”
– Undergraduate and graduate programs
• Research
– Rapidly evolving field
• Policy, legal and regulation
– It is much more than technology
Educating Cyber Security Professionals
• US National Initiative for Cybersecurity Education (NICE) http://csrc.nist.gov/nice/framework/
Capacity Building for Educating Cyber Security Professionals
• What do we do?
– Undergraduate or graduate programs?
– Integrating security concepts in CS curriculum?
– Vocational programs?
• How do we do it?
– So, where do we find cyber security faculty?
– Developing hands-on projects and laboratories
• US Response
– Centers of Excellence Program (NSA/DHS)
– Scholarship-for-Service (SFS) Program
– NSF SaTC Education Projects
• Curriculum development, sharing, workshops etc.
Research Capacity Building
• Evolving threat landscape and rapidly changing technologies
– Getting ahead of emerging threats
– “Test and verify” rather than “trust but verify”
• Diverse set of research challenges
– Trustworthiness of technology to human dimension
• Real-world impact of research
– Tech transfer and commercialization
Example I: Malware Analysis
• Scalable malware analysis system processes approximately 250K samples a day
• Extracting features from communication patterns
• Big data due to deep packet analysis and event volume
• Machine learning for attribution
• Visualization and actionable intelligence
Mariposa Botnet Tracking and Takedown
Example II: Data-Driven Cyber Risk
• Collect cyber risk relevant data from multiple sources
– Vulnerabilities
– Exploit kits and malware
– Attack data (public and private)
• Analytics and visualization
– Lean back and lean forward
Calendar view of reported vulnerabilities
National R&D Strategy: US Example
• National Science Foundation Secure and Trustworthy (SaTC)
– Launched after developing a national strategy (https://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf)
– Interdisciplinary including behavioral and economic aspects
• DHS, DARPA and NSA Initiatives
– Critical infrastructure security (CPS)
– Resilient and transparent computing
– Science of security
• Networking and Information Technology Research and Development (NITRD) Program
– Coordinated across multiple agencies
– High level goal is to maintain US technological leadership in this field
Cyber Security Policy
• Policy development is as important as best technical safeguards
• Should companies and government agencies be required to practice a certain level of cyber hygiene?
• Information sharing and coordination
• Privacy
• Legal and enforcement issues
Lessons Learned
• Education capacity building
– Aggressively support centers like CERC IIIT Delhi
– CS curriculum needs to be augmented with cyber security offerings at all levels
– “Educating the educators” – summer schools, workshops and hosted programs
– What do we do about faculty?
• Incentives for CS faculty members to shift/expand their research into cyber security
• Be creative (professor of practice, global professor etc.)
Lessons Learned Contd.
• Research capacity building
– You cannot be a major player without a strong research base
• How many papers at security conferences from India?
– Launch/seed a few ambitious (and high risk) research projects like NSF’s frontiers
– Start/get security conferences to India to grow the community
– Applied research expertise
• Cannot only rely on security vendor professionals for crisis handling
• CDC for cyber, CERT 2.0?
– Coordination across National Labs, DRDO??
– Home grown cyber security companies??
Lessons Learned Contd.
• Cyber security is much more than technology
– Policy, regulatory and legal dimensions
– Cyber security maturity model and best practices
– Preparedness assessment
– Conversations at the highest level (WEF initiative)
– Information sharing, coordination and mutual aid
– Informal trust networks
Conclusions
• Cyber risk ranks among the top global risks (2015 WEF Global risks report)
• National response is of critical importance
• Need to move at “network speed”
• It is all about capacity building
• Ignore research at your own peril