trends in cybersecurity · trends in cybersecurity what history teaches and where the future will...
TRANSCRIPT
Trends in CybersecurityWHAT HISTORY TEACHES AND WHERE THE FUTURE WILL LEAD US
JASON INGALLS MAY 22, 2017FOUNDER, CEOINGALLS INFORMATION SECURITY IINFOSEC.COM
Cybersecurity: Protecting DataData Communication, Storage, Processing We use data to make decisions
We make decisions faster when we have trustworthy access to secure data and communications
We eventually automate decisions and actions that have known outcomes
We are doing this more and more with more important things: Weapon Systems
Public Transportation
Healthcare
Cybersecurity Objectives
In order to protect data, communication and automation, we must meet three major objectives: Confidentiality: We must trust the
system to respect privileged access
Integrity: We trust the system to do what it was designed to do
Availability: We trust the system to be there when we need it
Evolution OfHacker Culture
1980’s: Phreakers& Hackers
1990’s: Hackers& Script Kiddies
2000’s: Script Kiddies & Organized Crime
2010’s: Hacktivists & Advanced Persistent Threats
Troubling Implications The Cybercrime Growth Curve
Source: 2016 Verizon Data Breach & Incident Response Report
Problem #1: Not Enough Talent
360,000 Open cybersecurity jobs in U.S. as of August, 2016
1,000,000 Job Openings Worldwide
Not enough current college programs to close the gap
Problem #2: Too Much Data
Cybersecurity tools can collect up to 10 billion bits per second (10 Gbps)
Fills up a 4 Terabyte drive in less than an hour
Most of this data is useless Investigating an attack in all this
data becomes very difficult Data is being created on an
exponential scale
Working Towards The Future
Long term solution: get kids interested in cybersecurity, produce workforce
Mid-term solution: Create better cybersecurity tools
Immediate solution: Encourage everyone to practice good cybersecurity in personal and professional lives
If you and your friends are being chasedby a bear, you don’t have to be thefastest, you just can’t be the slowest.
That’s cybersecurity today.
The Future: Sharing Threats and Creating Risk Pools Information Sharing and Analysis
Organizations (ISAOs): Standards-based organizations that
provides membership with help on cyber
Formerly known as ISACs, now with Federal guidance
Can be co-op, private, or non-profit Allows for risk-based analysis and
decisions on larger data sets
The Future: Trusted Security Protects Our Privacy Security is required for assured privacy
It must be trusted It must be transparent where possible
Anything you put on the Internet never goes away What about right to be forgotten? Audit requirements ensure privacy
Companies will be forced to bargain beyond free services for user data As soon as people remember their most
valuable possession is their identity and privacy
“There goes John again…”
The Far Horizon: Artificial Intelligence
Which One?
In a recent poll, computer scientists were asked if we could expect General Artificial Intelligence by 2050.
Most said yes.Next question: