Matthew Rosenquist Cybersecurity StrategistJanuary 2017

Cybersecurity may be fought with technology, but it is people who triumph.

We must invest in the future generations of professionals who will carry on the fight.

Agenda

Introduction

Future challenges in cybersecurity drive demand

Industry best practices and perspectives

Cybersecurity industry workforce opportunities

Needed skills, training, and student resources

Questions and Answers discussion

BiographyMatthew RosenquistCybersecurity Strategist and Evangelist, Intel Corporation

25 years in the field of security, specializing in strategy, threats, operations, crisis management, measuring value, communications, and establishing strategic organizations which deliver optimal security capabilities.

As a cybersecurity strategist, he champions the meaningfulness of security, advises on emerging opportunities and threats, drives industry collaboration, and advocates a sustainable balance of cost, controls, and productivity across business, governments, and academic sectors.

• Consults globally to governments, academia, business, and cybersecurity professionals• Built and managed Intel’s global Security Operations Center• First Incident Commander for Intel’s worldwide CERT • Managed security for Intel’s multi-billion dollar worldwide M&A activities• Overseen internal platform security products and services • Strategic planner for the Intel Architecture security playbook• Unified synergies forming the 3rd largest global security product organization• Conducted investigations, defended corporate assets, established policies, developed strategies to

protect Intel’s global manufacturing

Matthew is an outspoken evangelist and advocate of cybersecurity who delivers keynotes, speeches, lectures, and has a significant social following of security technologists and global professionals.

4

Twitter: @Matt_RosenquistLinkedIn Blogs: https://www.linkedin.com/today/author/matthewrosenquist

Future Cybersecurity Challenges drive demand

5

Security Industry Needs Leadership

“...If security breaks down, technology breaks down”

Brian KrebsNoted Cybersecurity Reporter

Innovation Drives Risk Convergence

New technology bridges the virtual and physical worlds, to connect and enrich peoples lives

Rapid Shift of Skills in the Industry

Needed skills will change over time, as security, privacy, and safety evolve.

Strategies will evolve, to expand what is possible, in order to align with shifting expectations.

The next generation of security professionals must understand and be able to contribute to the delivery of best-known-practices.

Evolving Landscape, Adversaries, and Battlefield

i29 countries

Have formal cyberwarfare units

i63 countries

Use cyber tools for surveillance

i

$19 billion US 2017 proposed

budget for cybersecurity

i$6 trillion

Cyber-crime impact globally by 2021

i200% increase

In cyber-crime in the last 5 years

i$3 –$90 trillion

Aggregate innovation impact of cyber-risks by 2020

Ha

rd

-

Att

ack

Dif

ficu

lty

-

Ea

sy

IMPACT GOES FAR BEYOND

Cybersecurity costs

typically measured as part

of an incident

Actual costs of long term

impacts including lost

contract revenue, operational

disruption, devaluation of

trade name, loss of IP, rises in

insurance premiums,

increased cost to raise debt,

customer relationship impacts

%COST

~1%*

Source: US Tech Manufacturing Company Case Study , Deloitte

~99%

i35% US population

Healthcare records exposedin 2015

i400k New Malware/Day

575 million uniquesamples of malware exist

i+2 Billion Users

4 billion users online by 2020, up from 2+ billion in today

i50-200 Billion Devices

Connected to theInternet by 2020

i25+ Million Applications

Connected by 2020 creating 50x the volume of data

9

Changing Digital World

10

Growing Number of Users: 4B connected people

More Users

New Devices

Innovative Usages

Generating Vast Data

Sensitive Functions

Increased Target Value

New Devices Types: 50-200B IoT devices

Innovative Usages and Access: 25M+ applications

Creation of Vast Amounts of Data: 50 Trillion gigabytes

Critical Functionality: Infrastructure, Defense, Transportation

Creates Targets with Increased Value

4 Levels of Cybersecurity Impacts

11

Denial of Service (A)• Access of customers• Availability of data,

systems, & services• DDOS network attacks,

ransom-ware data locking attacks

Data Theft& Exposure (C)• ID Theft• Privacy• Data Breach• Transaction data• Database hacks,

skimming, lost storage, keylogging

Monitor & Manipulate (I)• Internal-access

surveillance for advantage

• Tamper / Manipulation• Long-term data

gathering campaign

Own & Obliterate (C/I/A)• Administrative ownership and control• Capability of unrecoverable obliteration• Strategic attack, undermining of org capability

Security Competency

Attacker Innovation

Attacks evolve over time for different technology

and usages

Security Futures Summary:

12

1. Threats remain equitable to the growth and use of technology

2. Age of massive connectivity (ex. IoT, mesh, 5G/6G, blockchains, etc.) drives opportunities (for good and bad – cyber threats will take advantage)

3. Society expectations raise for cyber security, privacy, and safety

4. Tipping points approach: threats to life-safety, cybercrime hyper-growth, offensive cyberwarfare

5. Pendulum swings towards more security, ultimately settles for an optimal balance (regulatory, nation-states, technology innovators/manufacturers)

6. Emerging data, devices, and services are targeted by Threat Agents pursuing their objectives, driven by their specific motivations

Industry best practices and perspectives

13

The Best Organizationsa

Seeks Optimal Risk

Risk management planning

Anticipates impacts

Balance Cost, Risk, & Usability

Adapts to shifting demands

Comprehensive Processes

Security as a continuous cycle

Continuous improvement process

Technology and Behaviors

Obstacles and Opposition

Leads into the Future

Clearly defines success

Plans for a sustainable future

Roles and accountability

Continuously adapting

14

Important Considerations…

15

Smarter vs More

Collaboration across security functions improving effectiveness

Better IT choices & enablement

Properly balancing the risk, cost, and usability constraints

Expectations Drive Change

Society’s expectations shift with pain, impact, and inconvenience

Trust will be valued, demanded

Security, privacy, and controls will align with greater impacts

Controls Must Adapt

Innovation intersecting emerging attacks to keep pace with attackers

Static defenses are easy to defeat

Intelligence, analysis, and actions must feedback to improve systems

Future Technology to be Designed with Security

Smart Security innovation must deliver more capable solutions to keep pace with threats

Ubiquitous Security must protect data wherever it exists or is used, for all parties and devices across the compute landscape

Trusted Technology and security providers must be trustworthy, in the creation and operation of their products

Strong Products and services must be hardened to resist compromise and make security transparent to users

Open Platforms and security standards must be open to promote collaboration and accelerate adoption

Security must be part of the design

for future technology. Adding security after, is no longer sufficient or

sustainable

16

Cybersecurity industry workforce opportunities

17

Lack of Security Talent Hinders the Industry

The lack of qualified cybersecurity talent will greatly restrict the growth and effectiveness of security teams.

Academia is working to satiate demand, an estimated 2 million unfilled cybersecurity positions by 2017, but it will take time.

Result:1. Salaries will continue to rise until demand is met2. Headhunting and retention of top talent becomes

ruthlessly competitive3. Leadership and technical roles in greatest demand4. Outsourcing to MSSP’s and security firms will increase

Cybersecurity Workforce Shortage

o 1.5-2 million estimated unfilled positions by 2017

o Job postings rose 91% (2010-2014)

o Leaders and engineers in highest demand

o Professional Services, Finance, Defense and Manufacturing are leading sectors

o Finance, Healthcare, and Retail are growing fastest

o ‘Hybrid’ jobs are increasing, contributing to demand

Needed skills, training, and student resources

20

Skills and Training

The best way to prepare the next generation of cybersecurity professionals:

• Hard Skills (technical)

• Soft Skills (behavior)

• Experience (contextual)

• Job Market Insights (opportunity data)

Hard Skills

Soft Skills

Experience

Job Market Insights

Navigate to

Success

Soft Skills are Important1. Dependability – Being dependable means that you do what you say you will, when you say you will. You can be trusted

to complete any task, and you will do it well.

2. Motivation – You should be able to motivate yourself to get tasks done, and take the initiative to find new ways to improve upon not only yourself and your work, but also your organization.

3. Communication – This is one of those skills you hear about all the time, and that’s for a reason. Communication is the key to any human interaction, especially in the workplace.

4. Commitment – Employers want to know that you’re not only committed to the company and your job, but to turning out the best work you can, every time.

5. Creativity – Can you think about problems in a new and interesting way? Show your employer how.

6. Problem Solving – If you’re confronted with a problem, employers want to know that you will do everything you can to fix it. Your creative skills will come in handy here.

7. Flexibility – Sometimes, your job is going to be a little like a roller coaster. Can you adjust to the chaos?

8. Teamwork – You’re not done with group work after graduate school. Working in a team is an essential part of almost every job.

9. Leadership – You may not be a natural born leader, but can you step up and guide either a group of people or a process if necessary?

10. Time Management – Ability to balance workloads and prioritize what gets done, in the face of many deliverables

http://www.nationalsoftskills.org/top-10-soft-skills-for-success/

Experience and Certification

Source: Burning Glass Technologies report -Job Market Intelligence: Cybersecurity Jobs, 2015

Job Posting Requirements

35% Industry certifications

84% Bachelors degree or higher

83% 3+ years of experience

10% Security Clearance

Relationship between experience and certification

• Entry level certifications typically require less than 3 years of experience

• Advanced certifications require at least 3-5 years experience

Many, Many CertificationsGSLC: GIAC Security Leadership ManagementGISP: GIAC Information Security Professional ManagementGCPM: GIAC Certified Project Manager ManagementGSEC: GIAC Security Essentials Security AdministrationGCIH: GIAC Certified Incident Handler Security AdministrationGCIA: GIAC Certified Intrusion Analyst Security AdministrationGPEN: GIAC Penetration Tester Security AdministrationGWAPT: GIAC Web Application Penetration Tester Security AdministrationGISF: GIAC Information Security Fundamentals Security AdministrationGCWN: GIAC Certified Windows Security Admin Security AdministrationGPPA: GIAC Certified Perimeter Protection Analyst Security AdministrationGCED: GIAC Certified Enterprise Defender Security AdministrationGICSP: Global Industrial Cyber Security Professional Security AdministrationGXPN: GIAC Exploit Researcher & Adv. Pen Tester Security AdministrationGAWN: GIAC Assess & Audit Wireless Networks Security AdministrationGCUX: GIAC Certified UNIX Security Administrator Security AdministrationGMOB: GIAC Mobile Device Security Analyst Security AdministrationGMON: GIAC Continuous Monitoring Certification Security AdministrationGCCC: GIAC Critical Controls Certification Security AdministrationGPYC: GIAC Python Coder Security AdministrationGASF: GIAC Advanced Smartphone Forensics ForensicsGCFE: GIAC Certified Forensic Examiner ForensicsGREM: GIAC Reverse Engineering Malware ForensicsGCFA: GIAC Certified Forensic Analyst ForensicsGNFA: GIAC Network Forensic Analyst ForensicsGSSP-JAVA: GIAC Secure SW Programmer-Java Software SecurityGWEB: GIAC Certified Web Application Defender Software SecurityGSSP-.NET: GIAC Secure SW Programmer- .NET Software SecurityGLEG: GIAC Law of Data Security & Investigations LegalGSNA: GIAC Systems and Network Auditor Audit

NICE Framework

National Initiative for Cybersecurity Education framework (NCWIF)http://csrc.nist.gov/nice/framework

• Reference resource defining cybersecurity work and a standardized set of required tasks and skills.

• Designed to help organizations educate, recruit, train and retain a qualified cybersecurity workforce.

Job Market Insights

CyberSeek.org - free interactive resource for cybersecurity job seekers, sponsored by NIST, CompTIA, and NICE.

Job Market Insights

• Job locations & salary

• Openings concentrations

• Demand averages

• Titles and roles

• Certification prevalence

• Alignment to NICE framework

• Career advancement pathways

The Future of Cybersecurity Education is Bright

Emerging challenges will drive the needs in cybersecurity – Understand the market needs

Employers will expect workers to know and apply industry best practices and perspectives – Align academics to the future expectations

The roles are expanding for incoming cybersecurity workforce – Prepare students for the new roles

Resources are emerging to assist academic staff and graduates to understand the needed skills and opportunities – Empower students to be self-sufficient in tracking employment demands