Iurii Garasym, Director of Corporate Security at ELEKS and President of Cloud Security Alliance Lviv Chapter
The future crimes and predestination of cybersecurity. Thoughts aloud in a whiskey bar.
Iurii’s professional goal is to make business survivable. He focuses on security program development/improvement based on emerging security solutions and integrates those into business goals, objectives, strategy and activities.
2. VENEZUELA “DRONE ATTACK”
Ways to prevent drones infringing your privacy and safety
• Anti-Drone Drones
• Anti-Drone Birds
• Anti-Drone Jammers
• Drone-Blinding Lasers
• Drone Detection Systems
• Drone Hijacks
• No Drone Zones
• Drone Surveillance Laws
• An apparent assassination attempt on President Nicolás Maduro during a military parade in the capital Caracas
• Two drones with explosives
• Panic, dozens of soldiers running away
"Justice! Maximum punishment! And there will be no forgiveness."
“Technology … is a queer thing; it brings you great gifts with one hand and it stabs you in the back with the other”
4. TRENDS IN BUSINESS
Value continues to migrate online: Cloud, Big Data
Corporations are expected to be more ‘open’ than ever before
Everything is connected
Supply chains are increasingly interconnected.
There is a business in cybercrime
Difficult to know what you even own, difficult to analyze
Entire digital world could be erased in just a few keystrokes
Mobile, Social Networks, IoT, BYOx (bring your own device / app …) are an easy point of entry into corporate networks for malware
Everything is vulnerable
No perimeter any more. Companies are encouraging vendors and customers to join their networks
Professional cybercrime organizations. Hackers provide “cybercrime as a service”
5. SECURITY VENDORS MAP
• Tons of data + tons of alerts. You can’t sit more people to deal with it
• Lack of budget, people, skills, management support … what else?
• Security technology silos
• Algorithms, machine learning, AI are already on our side, but still 100+ days to discover a breach
• Attack is easier than defense
• Focus on hype and emerging stuff, niche players
6. “Cybercrime alone costs nations more than $1 trillion globally, far more than the record $300 billion of damage due to natural disasters in 2017. Cyber attacks are ranked as the biggest threat facing the business world today — ahead of terrorism, asset bubbles, and other risks.”
“An attack on a computer processing or communications network could cause $50 billion to $120 billion of economic damage, a loss ranking somewhere between those of Hurricanes Sandy and Katrina”
8. IMPACT ON THE COST OF DATA BREACH
• Average total cost of a data breach: $3.86 million
• At 50 million records, estimated total cost of a breach is $350 million
• The vast majority of these breaches (10 out of 11) stemmed from malicious and criminal attacks. Not human factor
• The average time to detect and contain a mega breach was 365 days
• $148 per lost or stolen record on average
• In the long term, breached companies underperformed the market. In the longer term, share prices continue to grow, but not fast enough to keep up with the NASDAQ
10. eleks.com
Make existing technology more efficient.
Data collected and stored once.
Context matters.
Dynamic architecture.
Standardization.
SIEM is not dead. It's one of the SOAPA ingredients.
SECURITY OPERATIONS AND ANALYTICS PLATFORM ARCHITECTURE
Cloud-based services and delivery:
• SaaS Applications
• Platform and infrastructure
• Managed as service (MSP)
• Analytics, shared threat intel
Automation and Orchestration layer
Analytics layer
Software services and integration layer
SIEM, network forensics, EDR, TIP, IRP, UEBA …
Security Controls:
• Remediation
• Policy updates
• Publish/subscribe
• Transaction processing
• Message bus…
• Collection
• Normalization
• De-duplication
• Compression/encryption…
Security Telemetry (logs, flows, network and host sensors, threat intelligence, IAM, cloud services, vulnerability, …)
Common distributed data services
11. QUANTUM SAFE SECURITY
United States and China investing hundreds of millions of dollars in quantum computing research.
A multi-purpose quantum computer will be able to crack the ubiquitous RSA and ECC encryption algorithms by 2030.
“In 2016, Google Chrome deployed an experimental post-quantum configuration of TLS to bring attention to the subject and to test its viability”
12. INSURANCE
• There is no 100% security
• Establishing cybersecurity alone is no longer enough. Cyber resilience. Risk management
• Avoid, Mitigate, Transfer, Accept
• Predictability is key, but speed of change and a short history
• It doesn’t replace the need for sound cybersecurity practices
• Coverage: 1. cyber liability insurance (provides cover for liabilities that an organization causes to its customers or to others) and 2. cyber risk insurance (covers direct losses to the organization).
• There will be cyber risks that cannot be transferred
• You can’t transfer accountability
2020
1.1 Cyber and physical attacks combine to business resilience
1.2 Satellites cause chaos on the ground
1.3 Weaponised appliances leave organisations powerless
2.1 Quantum arms race undermines the digital economy
2.2 Artificially intelligent malware amplifies attackers’ capabilities
2.3 Attacks on connected vehicles put the brakes on operations
3.1 Biometrics offer a false sense of security
3.2 New regulations increase the risk and compliance burden
3.3 Trusted professionals divulge organizational weak points
13. THE TRANSFORMATION OF CYBER SECURITY
Those things will apply even in the case of driverless cars, smart cities and Mars colonization
Now:
• Showstopper
• Compliance driven
• System centric
• Prevent, detect, respond
• People, process, technology
• Trends (NG everything, ...)
• Silos
• Offensive
• Managed services
• Reactive
• TTP
• Add-on
• Corp sec
Shifts to:
• Business enabler
• Business/risk driven
• People centric
• Adaptive security
• Data
• Hygiene + trends
• Context matters / integration
• Defensive
• Insurance
• Proactive
• BA, Data science
• By design and by default
• Communities
16. 2020 IS ALMOST HERE
Center for Long-Term Cybersecurity founded at UC Berkeley’s School of Information with support from the Hewlett Foundation
How might individuals function in a world where literally everything they do online will likely be hacked or stolen? How could the proliferation of networked appliances, vehicles, and devices transform what it means to have a “secure” society? What would be the consequences of almost unimaginably powerful algorithms that predict individual human behavior at the most granular scale?
Editor's Notes
Benefits of drones:
- Package delivery
- Improved surveillance and security
- Better Internet
Meeting with IBM CISO – 90% of his daily work is basic stuff
1. About 10 years ago the attacks were aimed only at large corporations.
2. Criminals are adopters of new technologies. They were the first to use cellphones, pagers, blockchain, ML. Today they are building their own nationwide encrypted radio telecommunication systems (narco-cartels in Mexico) while many Americans still can’t get a decent mobile phone signal most of the time.
We are creating the problems ourselves
1. Make existing people much more effective.
2. Reactive to proactive.
Cyber resilience requires recognition that organizations must prepare now to deal with severe impacts from cyber threats that are impossible to predict.
If it is possible to block the transfer of stolen money, then cyber criminals will disappear and will not participate in that business model.
https://cltc.berkeley.edu/
The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future
These scenarios are not predictions