Elektrik kesintisinden kredi kartı hırsızlığına, filmlerden dizilere; siber güvenlik başlığı haberler ve magazin gündeminde baş köşelere yerleşmeye başladı. Peki kurumlar ve devlet yönetimleri hangi alanlara odaklanmalı? Ya da bu başlığın tam adı ne olmalı ve kavram karmaşasına nasıl yaklaşmalıyız? Information Security Forum raporları ile son yıllarda Türkiye ve Dünya'daki kurumların gündeminde en ön sıralarda yer alan başlıklardan yola çıkarak hazırlanan bu sunumda, önümüzdeki yıllarda sadece siber güvenlik camiasının değil, kurum ve devlet yönetimlerinin de odaklanması gereken alanlara ışık tutulmaya çalışılacak.
2. A. Burak Sadıç
1995
2003-2013
2014 yılında katıldığı
PricewaterhouseCoopers Türkiye ofisinde
Bilgi Güvenliği ve Siber Güvenlik
Hizmetleri Lideri olarak çalışan Burak’ın
yirmi senelik danışmanlık ve yönetim
deneyimi bulunmaktadır. ODTÜ
Elektrik-Elektronik Mühendisliği
bölümünden 1995 yılında mezun olan
Burak, PwC öncesinde sırasıyla PDI-
Erkom, Siemens, Meteksan, Koç.net,
Innova ve Symantec bünyesinde çeşitli
kademelerde çalıştı. Symantec'teki 10
yıllık iş yaşamının son dört yılında ise
Güneydoğu Avrupa'daki 12 ülke ve
Türkiye'yi kapsayan bölgedeki
danışmanlık ekiplerini yönetti.
2014-…
15. 14
“There are known knowns; there are
things we know we know. We also
know there are known unknowns, that
is to say we know there are some
things we do not know. But there are
also unknown unknowns – the ones
we don’t know we don’t know.”
Former United States Secretary of
Defense Donald Rumsfeld
February 12, 2002
20. 19
1. Disruption divides and conquers
Innovation is bringing new opportunities for business, but also malicious
actors that seek to disrupt operations.
1.1 Supercharged connectivity overwhelms defences
Reasonably-priced and superfast gigabit connectivity will provide new business
opportunities. However, it will also open new avenues for criminals to pursue
destructive activity online.
1.2 Crime syndicates take a quantum leap
Criminal organisations will become more sophisticated and migrate many of
their activities online. Organisations will struggle to keep pace and the effects
will be felt around the globe.
1.3 Tech rejectionists cause chaos
In response to socio-economic inequality, ‘tech rejectionists’ will instigate
widespread social unrest and disrupt local economies. Organisations with
supply chains in the affected regions will struggle to cope.
21. 20
1. Disruption divides and conquers
Innovation is bringing new opportunities for business, but also malicious
actors that seek to disrupt operations.
1.1 Supercharged connectivity overwhelms defences
Reasonably-priced and superfast gigabit connectivity will provide new business
opportunities. However, it will also open new avenues for criminals to pursue
destructive activity online.
1.2 Crime syndicates take a quantum leap
Criminal organisations will become more sophisticated and migrate many of
their activities online. Organisations will struggle to keep pace and the effects
will be felt around the globe.
1.3 Tech rejectionists cause chaos
In response to socio-economic inequality, ‘tech rejectionists’ will instigate
widespread social unrest and disrupt local economies. Organisations with
supply chains in the affected regions will struggle to cope.
22. 21
1. Disruption divides and conquers
Innovation is bringing new opportunities for business, but also malicious
actors that seek to disrupt operations.
1.1 Supercharged connectivity overwhelms defences
Reasonably-priced and superfast gigabit connectivity will provide new business
opportunities. However, it will also open new avenues for criminals to pursue
destructive activity online.
1.2 Crime syndicates take a quantum leap
Criminal organisations will become more sophisticated and migrate many of
their activities online. Organisations will struggle to keep pace and the effects
will be felt around the globe.
1.3 Tech rejectionists cause chaos
In response to socio-economic inequality, ‘tech rejectionists’ will instigate
widespread social unrest and disrupt local economies. Organisations with
supply chains in the affected regions will struggle to cope.
23. 22
2. Complexity conceals fragility
A cyberspace congested with people and devices is becoming more complex,
exposing the fragility of the underlying infrastructure.
2.1 Dependence on critical infrastructure becomes dangerous
Whole societies are dependent on ageing, poorly maintained and highly critical
infrastructure. Connectivity failures will force organisations to update their
resilience and invest in technology transformation programmes.
2.2 Systemic vulnerabilities are weaponised
Malicious actors will weaponise systemic vulnerabilities in software systems of
individual technology companies, threatening the integrity of Internet
infrastructure.
2.3 Legacy technology crumbles
As digital connectivity grows, legacy technology will be further exposed to attackers.
The damage from the resultant incidents will exceed anything that has come before.
2.4 Death from disruption to digital services
Disruption of digital systems in transport and medical services will lead to verifiable
deaths. Public pressure forces organisations to respond.
24. 23
2. Complexity conceals fragility
A cyberspace congested with people and devices is becoming more complex,
exposing the fragility of the underlying infrastructure.
2.1 Dependence on critical infrastructure becomes dangerous
Whole societies are dependent on ageing, poorly maintained and highly critical
infrastructure. Connectivity failures will force organisations to update their
resilience and invest in technology transformation programmes.
2.2 Systemic vulnerabilities are weaponised
Malicious actors will weaponise systemic vulnerabilities in software systems of
individual technology companies, threatening the integrity of Internet
infrastructure.
2.3 Legacy technology crumbles
As digital connectivity grows, legacy technology will be further exposed to attackers.
The damage from the resultant incidents will exceed anything that has come before.
2.4 Death from disruption to digital services
Disruption of digital systems in transport and medical services will lead to verifiable
deaths. Public pressure forces organisations to respond.
25. 24
2. Complexity conceals fragility
A cyberspace congested with people and devices is becoming more complex,
exposing the fragility of the underlying infrastructure.
2.1 Dependence on critical infrastructure becomes dangerous
Whole societies are dependent on ageing, poorly maintained and highly critical
infrastructure. Connectivity failures will force organisations to update their
resilience and invest in technology transformation programmes.
2.2 Systemic vulnerabilities are weaponised
Malicious actors will weaponise systemic vulnerabilities in software systems of
individual technology companies, threatening the integrity of Internet
infrastructure.
2.3 Legacy technology crumbles
As digital connectivity grows, legacy technology will be further exposed to attackers.
The damage from the resultant incidents will exceed anything that has come before.
2.4 Death from disruption to digital services
Disruption of digital systems in transport and medical services will lead to verifiable
deaths. Public pressure forces organisations to respond.
26. 25
2. Complexity conceals fragility
A cyberspace congested with people and devices is becoming more complex,
exposing the fragility of the underlying infrastructure.
2.1 Dependence on critical infrastructure becomes dangerous
Whole societies are dependent on ageing, poorly maintained and highly critical
infrastructure. Connectivity failures will force organisations to update their
resilience and invest in technology transformation programmes.
2.2 Systemic vulnerabilities are weaponised
Malicious actors will weaponise systemic vulnerabilities in software systems of
individual technology companies, threatening the integrity of Internet
infrastructure.
2.3 Legacy technology crumbles
As digital connectivity grows, legacy technology will be further exposed to attackers.
The damage from the resultant incidents will exceed anything that has come before.
2.4 Death from disruption to digital services
Disruption of digital systems in transport and medical services will lead to verifiable
deaths. Public pressure forces organisations to respond.
27. 26
3. Complacency bites back
Organisations are too complacent, paying insufficient attention to threats
concealed by international borders.
3.1 Global consolidation endangers competition and security
As the dominant providers of information services expand their global
operations, customers will become more concerned about potential
service disruptions and failures.
3.2 Impact of data breaches increases dramatically
Data breaches will grow in frequency and size, increasing the
operational impact and recovery costs. In response, governments will
introduce additional data protection legislation and regulations.
28. 27
3. Complacency bites back
Organisations are too complacent, paying insufficient attention to threats
concealed by international borders.
3.1 Global consolidation endangers competition and security
As the dominant providers of information services expand their global
operations, customers will become more concerned about potential
service disruptions and failures.
3.2 Impact of data breaches increases dramatically
Data breaches will grow in frequency and size, increasing the
operational impact and recovery costs. In response, governments will
introduce additional data protection legislation and regulations.