It seems what we were saying about: Government snooping, side-channel attacks, data exfiltration,
corporate disclosure, poor product delivery, 3rd party vendor trust, security opt-out model, cloud, CEO
ignorance etc. was right.
Is there a wave to be ridden or shall we keep
our heads down until the disruption passes?
~15 years in the industry:
ADI still confusing
Advancement
Disruption…
An Englishman at heart
Oxford Living Dictionary:
• Disruption = “Disturbance or problems which interrupt an event, activity, or
process”
Me vs. Silicon Valley
ADI – Looking at History: Ploughing
ADI - We actually want
ADI – Looking at History: Ploughing
• Progress measured by Scale and the power-scale ratio
• What’s actually important is not the nomenclature but what it stands for:
• Removal of the human element and automation
Does the same apply to tech?
• Progress measured by reduction in Size and increase in Capacity
Greed is good
• Whether through
• Reduction of work force = increase in profits
• Reduction in size and increase in capacity (more information stored in less
space)
• More cores on a chip
• More data in a lake
• More bits down a pipe
• Bigger is Better!
Nice story… but
• You’re probably bored and this isn’t an academic treatise into definitions!
• And what on earth does this have to do with surfing waves or hiding in a bomb shelter and waiting for the debris to settle?
In ADI: Scalability makes the difference!
Old dayz (Local = No issue)
LAN (Bigger but controllable)
WAN (Bigger still, but still controllable)
Internet (Holy sh**, as large as it gets and no control)
Cloud (Out of control, kind of…) Vendor lock-in.
Progress
Size of exposure = Out of control
Threat landscape = Gigantic
Has Malware changed?
Malware
Viruses Worms Trojan Horses Ransomware
In fact; 1989 vs. 2016
(Mikko Hypponen Tweet from March 2016)
So things are the same?
• The plough has become the automated machine, categories are the same.
• What used to be this:
• Build/Simulate Environment → Obtain software → Install software → Reverse software → Create exploit → Weaponize → Deploy
• Is now this:
• msf > use exploit/multi/java_rmi_server
• msf exploit(java_rmi_server) > set RHOST 192.168.2.7
• msf exploit(java_rmi_server) > exploit
• ……..
• Meterpreter > shell
Categories stay the same, scale changes, fall-out
more important (Wannacry, no cyberwar in Ukraine right ;)
Change of the game:
• Now the time to mention buzzwords
• IoT, Big Data, Data Lakes, AI, Machine Learning etc. and
Algorithms create algorithms - Google, google and more google
• Google – crypto algorithm
• Alice and Bob communicating incognito blocking out Eve
• Deepmind
• AlphaGo, AlphaZero (Go and Chess)
• Google: Voice synth on par with humans
• Tacotron 2
Poof and magic: Accountability removed…
Backpropagation 1986:
One trick pony?
• The explosion of a singular idea:
• Deep-learning Nets or Backpropagation nets are:
“Neural nets can be thought of as trying to take things—images, words, recordings of someone talking, medical data—and put them into what mathematicians call a high-dimensional vector space, where the closeness or distance of the things reflects some important feature of the actual world.” –Hinton
• The problem:
• “Neural nets are just thoughtless fuzzy pattern recognizers, and as useful as
fuzzy pattern recognizers can be—hence the rush to integrate them into just
about every kind of software—they represent, at best, a limited brand of
intelligence, one that is easily fooled”
The Others
• Cylance
• N/A
• Darktrace
• Bayesian learning
• PatternEX
• Supervised learning
• DARPA,
• Cyber Grand Challenge: AI at war: Mayhem wins
We are facing something new!
• It’s happening on the fringes, for most …
• But being integrated across the board meaning… ohh no the speed
limit is 45mph
My Predictions for the Enterprise 2018
• Privacy moves into a leading position: Security supports Privacy
• Apple exploits gain more traction: root -> return, return, return
• Phishing, phishing and more phishing: Because it works
• More issues with Open Src stack
• Because you thought it was hard to maintain and patch “managed software”, now you’re managing stuff created by non-professionals (for a large part)
• Side-channel attacks
• DDoS – Doesn’t get enough press and is a fundamental problem: Mirai, Reaper etc. Scale again!
• 3rd party vendor breaches: Let’s go in through the backdoor
• Cue: Target, Deloitte, Amazon, Equifax, DHS, etc. all organisations charged with responsibly handling customer information.
• How secure are your partners really?
• They WILL lie to you….
• ML/AI or simply Stochastic modelling
• Model reliance will become more ubiquitous and explainable AI will increase in complexity. Trust the machine
• Companies continue to struggle with SOC deployments, incident response, log fatigue etc.
• Skills gap deteriorates further: Security Theatre continues
LinkedIn trolling
• Banking CISO: No formal education in IT
• Pharma CISO: No formal education in IT
• Manufacturing CISO: No formal education in IT
• Energy CISO: No formal education in IT
• Chemical CISO: No formal education in IT
• Agriculture CISO: No formal education in IT
• University CISO: Degree in Engineering
• Government CISO: Degree in Computer Science
• Technology CISO: Degree in Mathematics
Last thought(s)
• No one talks about the on-premise solution offerings anymore
• Have we forgotten how to build?
• Where are the CBA’s for this vs. cloud, in today’s situation?
• Pandora’s box has been opened, “there’s no going back, you’ve
changed things”
Vendor lock-in
• API’s, JSON calls and all other integration fudge = vendor lock in like we’ve
never seen before.
• CoreOS CEO Alex Polvi:
• “Lambda and serverless is one of the worst forms of proprietary lock-in that we've
ever seen in the history of humanity”
• “It's code that's tied not just to hardware – which we've seen before – but to a data
center, you can't even get the hardware yourself. And that hardware is now custom
fabbed for the cloud providers with dark fiber that runs all around the world, just for
them. So literally the application you write will never get the performance or
responsiveness or the ability to be ported somewhere else without having the
deployment footprint of Amazon.”
Consumer rights
• Tech’s wild-west and lack of accountability
• Gov.uk:
• You can get help if you’re treated unfairly or when things go wrong. This includes:
• credit and store cards
• faulty goods
• counterfeit goods
• poor service
• problems with contracts
• problems with builders
• rogue traders
• IT never mentioned anywhere and it’s going to get worse!
Handling of CPU bugs disclosure 'incredibly bad': OpenBSD’s Theo de Raadt
"It is a scandal, and I want repaired processors for free. I don't care if
they are 30% slower, as long as they work to spec. Intel has been
exceedingly clever to mix Meltdown (speculative loads) with a separate
issue (Spectre). This is pulling the wool over the public's eyes."
BACKUP
Slides, for fun and reference
Covering the topics:
- ADI definition
- Predictions
- Threats
- Thoughts from Lyft CISO
Is this advancement, innovation or just
disruption?
• Are they the same?
• What is advancement (positive)
• What is disruption (negative)
• Each cause change
• But when should we react?
• Everything is ADI
Predictions are always dangerous
Speed differentials
Enterprise, vs. small business vs. start-up
Enterprise 2018
• Not much will change
• Asset inventory will still be challenging
• AV, or NGAV will start to replace traditional AV, however more about re-
branding
• L1 SOC automation (PatternEX, Smart Algor’s, etc.) will start, but industry still
immature
• Data science and security staff skill shortage will still be an issue
• Automation will be pushed harder
• But real disruption around tech e.g. advanced data analytics, containerisation
scalability, software robotics, AI powered incident response, advanced end-
point protection, is likely not to happen outside specialised groups
Small business
• Lack of in-house skills will likely lead to slow adoption, security will
still be ‘bolted-on’ and not built in
• Migration of service providers to Cloud IaaS and SaaS, but these will
be packaged and re-sold. Small-businesses won’t actually feel the
change, until it goes wrong
Start-ups
• Will pivot on new tech, because they need to ‘pretend’ they are mature and through this they can show glitz and glamour e.g.
• Yeah we can scale to 1000+ endpoints as we leverage AWS Elastic compute
• You want pretty dashboards, of course we leverage Elasticsearch and the ELK stack
• Deploy anywhere and access at any time, of course we have an HTTP(S) mgmt. dashboard hosted on Azure with seamless integration into your AD
• Use of AI and cutting edge ML – Of course, we run TensorFlow, out of the box and scale it across our platform.
• Blah, blah, blah
My Predictions for the Enterprise 2018
• Hardware attacks (Intel etc.)
Predictions: What are others saying?
Prediction: MIT’s takeaways
• More breaches: Equifax
• Thank you data consolidation, data lakes and the emergence of the data broker, cue service providers
• Ransomware in the Cloud
• Did I mention: Lack of control?  Maybe another Eternal Blue, Accidental leak?
• NotPetya (Eternal Blue), Wannacry (Eternal Blue), Cryptolocker (email attachment)
• Weaponisation of AI
• Cyber-physical attacks
• Mining Crypto currencies
• Hacking elections
Prediction: PWC
“2018 could be the year that the third leg of the information security
triad, integrity of data, really comes to the fore.
All organisations rely on the integrity of their data to function, from the
food supply chain, to the medical profession, to any company reporting
financial results. An attacker that can cause a question mark to appear
over the integrity of their target's data could potentially cause huge
damage.”
Prediction: Symantec
Symantec:
1. Blockchain Will Find Uses Outside Of Cryptocurrencies But Cyber criminals Will
Focus On Coins and Exchanges
2. Cyber criminals Will Use Artificial Intelligence (AI) & Machine Learning (ML) To
Conduct Attacks
3. Supply Chain Attacks Will Become Mainstream
4. File-less and File-light Malware Will Explode
5. Organisations Will Still Struggle With Security-as-a-Service (SaaS) Security
6. Organisations Will Still Struggle With Infrastructure-as-a-Service (IaaS) Security –
More Breaches Due to Error, Compromise & Design
7. Financial Trojans Will Still Account For More Losses Than Ransomware
8. Expensive Home Devices Will Be Held To Ransom
9. IoT Devices Will Be Hijacked and Used in DDoS Attacks
10. IoT Devices Will Provide Persistent Access to Home Networks
Threats are still easy: AV avoidance
Old days (signature):
• Byte change
• Polymorphic engines
• Dynamic programming techniques
Modern day (AI, behaviour-based and NGAV):
• Code obfuscation
• Alternative Data Streams
• In-memory
New threats
• Air-gap bridged (laser keyboard analysis)
• Marketing malware – marketing ads fight each other
• Quote from Joanna Rutkowska: “Don’t be deluded that a single user system is a non-shared computer… Modern computers execute so much 3rd-party code & parse so much untrusted input, that we must assume they are ‘shared’” 06.01.18
Lyft CISO: Mike Johnson
I'm not interested in the top Security stories or top trends of 2017. I was there. I am more
interested in what flew under the radar or what got too much coverage.
My offerings:
• Threat intelligence as a product is oversold and there are way too many companies in
this space
• We don’t have an officially appointed US Federal CISO (Grant Schneider is “acting”)
• Your AI product is not intelligent
• We are working on bringing in more diverse candidates in our entry level jobs, but not
doing enough for our more experienced professionals from diverse backgrounds
• Phishing your employees and then forcing anyone who clicks a link to sit through a half
hour video is not raising security awareness - it's just making your employees resent you

The cyber security hype cycle is upon us

  • 1. It seems what we were saying about: Government snooping, side-channel attacks, data exfiltration, corporate disclosure, poor product delivery, 3rd party vendor trust, security opt-out model, cloud, CEO ignorance etc. was right.
  • 2.
  • 3. Is there a wave to be ridden or shall we keep our heads down until the disruption passes?
  • 4. ~15 years in the industry: ADI still confusing Advancement
  • 6. An Englishman at heart Oxford Living Dictionary: • Disruption = “Disturbance or problems which interrupt an event, activity, or process”
  • 7. Me vs. Silicon Valley
  • 8. ADI – Looking at History: Ploughing
  • 9. ADI – Looking at History: Ploughing
  • 10. ADI – Looking at History: Ploughing
  • 11. ADI – Looking at History: Ploughing
  • 12. ADI - We actually want
  • 13. ADI – Looking at History: Ploughing • Progress measured by Scale and the power-scale ratio • What’s actually important is not the nomenclature but what it stands for: • Removal of the human element and automation
  • 14. Does the same apply to tech? • Progress measured by reduction in Size and increase in Capacity
  • 15. Greed is good • Whether through • Reduction of work force = increase in profits • Reduction in size and increase in capacity (more information stored in less space) • More cores on a chip • More data in a lake • More bits down a pipe • Bigger is Better!
  • 16. Nice story… but • You’re probably bored and this isn’t an academic treatise into definitions! • And what on earth does does this have to do with surfing waves or hiding in a bomb shelter and waiting for the debris to settle?
  • 17. In ADI: Scalability makes the difference!
  • 18. Old dayz (Local = No issue)
  • 20. WAN (Bigger still, but still controllable)
  • 21. Internet (Holy sh**, as large as it gets and no control)
  • 22. Cloud (Out of control, kind of…) Vendor lock-in.
  • 23. Progress Size of exposure = Out of control Threat landscape = Gigantic
  • 24. Has Malware changed? Malware Viruses Worms Trojan Horses Ransomware
  • 25. In fact; 1989 vs. 2016 (Mikko Hypponen Tweet from March 2016)
  • 26. So things are the same?
    • The plough has become the automated machine, categories are the same.
    • What used to be this:
      Build/Simulate Environment, Obtain software, Install software, Reverse software, Create exploit, Weaponize, Deploy
    • Is now this:
      msf > use exploit/multi/java_rmi_server
      msf exploit(java_rmi_server) > set RHOST 192.168.2.7
      msf exploit(java_rmi_server) > exploit
      ……..
      Meterpreter > shell
  • 27. Categories stay the same, scale changes, fall-out more important (WannaCry, no cyberwar in Ukraine right ;)
  • 28. Change of the game: • Now the time to mention buzzwords • IoT, Big Data, Data Lakes, AI, Machine Learning etc. and
  • 29. Algorithms create algorithms - Google, Google and more Google
    • Google – crypto algorithm
      • Alice and Bob communicating incognito blocking out Eve
    • DeepMind
      • AlphaGo, AlphaZero (Go and Chess)
    • Google: Voice synth on par with humans
      • Tacotron 2
    Poof and magic: Accountability removed…
  • 30. Backpropagation 1986: One trick pony?
    • The explosion of a singular idea:
    • Deep-learning Nets or Backpropagation nets are: “Neural nets can be thought of as trying to take things—images, words, recordings of someone talking, medical data—and put them into what mathematicians call a high-dimensional vector space, where the closeness or distance of the things reflects some important feature of the actual world.” –Hinton
    • The problem:
    • “Neural nets are just thoughtless fuzzy pattern recognizers, and as useful as fuzzy pattern recognizers can be—hence the rush to integrate them into just about every kind of software—they represent, at best, a limited brand of intelligence, one that is easily fooled”
  • 31. The Others
    • Cylance
      • N/A
    • Darktrace
      • Bayesian learning
    • PatternEX
      • Supervised learning
    • DARPA
      • Cyber Grand Challenge: AI at war: Mayhem wins
  • 32. We are facing something new!
    • It’s happening on the fringes, for most …
    • But being integrated across the board meaning… ohh no the speed limit is 45mph
  • 33. My Predictions for the Enterprise 2018
    • Privacy moves into a leading position: Security supports Privacy Security
  • 34. My Predictions for the Enterprise 2018
    • Apple exploits gain more traction: root -> return, return, return
  • 35. My Predictions for the Enterprise 2018
    • Phishing, phishing and more phishing: Because it works
  • 36. My Predictions for the Enterprise 2018
    • More issues with Open Src stack
    • Because you thought it was hard to maintain and patch “managed software”, now you’re managing stuff created by non-professionals (for a large part)
  • 37. My Predictions for the Enterprise 2018
    • Side-channel attacks /
  • 38. My Predictions for the Enterprise 2018
    • DDoS – Doesn’t get enough press and is a fundamental problem: Mirai, Reaper etc. Scale again!
  • 39. My Predictions for the Enterprise 2018
    • 3rd party vendor breaches: Let’s go in through the backdoor
    • Cue: Target, Deloitte, Amazon, Equifax, DHS, etc. all organisations charged with responsibly handling customer information.
    • How secure are your partners really?
    • They WILL lie to you….
  • 40. My Predictions for the Enterprise 2018
    • ML/AI or simply Stochastic modelling
    • Model reliance will become more ubiquitous and explainable AI will increase in complexity. Trust the machine
  • 41. My Predictions for the Enterprise 2018
    • Companies continue to struggle with SOC deployments, incident response, log fatigue etc.
  • 42. My Predictions for the Enterprise 2018
    • Skills gap deteriorates further: Security Theatre continues
    LinkedIn trolling
    • Banking CISO: No formal education in IT
    • Pharma CISO: No formal education in IT
    • Manufacturing CISO: No formal education in IT
    • Energy CISO: No formal education in IT
    • Chemical CISO: No formal education in IT
    • Agriculture CISO: No formal education in IT
    • University CISO: Degree in Engineering
    • Government CISO: Degree in Computer Science
    • Technology CISO: Degree in Mathematics
  • 43. Last thought(s)
    • No one talks about the on-premise solution offerings anymore
    • Have we forgotten how to build?
    • Where are the CBAs for this vs. cloud, in today’s situation?
    • Pandora’s box has been opened, “there’s no going back, you’ve changed things”
  • 44. Vendor lock-in
    • APIs, JSON calls and all other integration fudge = vendor lock-in like we’ve never seen before.
    • CoreOS CEO Alex Polvi:
    • “Lambda and serverless is one of the worst forms of proprietary lock-in that we've ever seen in the history of humanity”
    • “It's code that tied not just to hardware – which we've seen before – but to a data center, you can't even get the hardware yourself. And that hardware is now custom fabbed for the cloud providers with dark fiber that runs all around the world, just for them. So literally the application you write will never get the performance or responsiveness or the ability to be ported somewhere else without having the deployment footprint of Amazon.”
  • 45. Consumer rights
    • Tech’s wild-west and lack of accountability
    • Gov.uk:
    • You can get help if you’re treated unfairly or when things go wrong. This includes:
      • credit and store cards
      • faulty goods
      • counterfeit goods
      • poor service
      • problems with contracts
      • problems with builders
      • rogue traders
    • IT never mentioned anywhere and it’s going to get worse!
  • 46. Handling of CPU bugs disclosure 'incredibly bad': OpenBSD’s Theo de Raadt
    "It is a scandal, and I want repaired processors for free. I don't care if they are 30% slower, as long as they work to spec. Intel has been exceedingly clever to mix Meltdown (speculative loads) with a separate issue (Spectre). This is pulling the wool over the public's eyes."
  • 48. BACKUP Slides, for fun and reference
    Covering the topics:
    - ADI definition
    - Predictions
    - Threats
    - Thoughts from Lyft CISO
  • 49. Is this advancement, innovation or just disruption?
    • Are they the same?
    • What is advancement (positive)
    • What is disruption (negative)
    • Each causes change
    • But when should we react?
    • Everything is ADI
  • 50. Predictions are always dangerous
    Speed differentials: Enterprise vs. small business vs. start-up
  • 51. Enterprise 2018
    • Not much will change
    • Asset inventory will still be challenging
    • AV, or NGAV will start to replace traditional AV, however more about re-branding
    • L1 SOC automation (PatternEX, Smart Algor’s, etc.) will start, but industry still immature
    • Data science and security staff skill shortage will still be an issue
    • Automation will be pushed harder
    • But real disruption around tech e.g. advanced data analytics, containerisation scalability, software robotics, AI powered incident response, advanced end-point protection, is likely not to happen outside specialised groups
  • 52. Small business
    • Lack of in-house skills will likely lead to slow adoption, security will still be ‘bolted-on’ and not built in
    • Migration of service providers to Cloud IaaS and SaaS, but these will be packaged and re-sold. Small-businesses won’t actually feel the change, until it goes wrong
  • 53. Start-ups
    • Will pivot on new tech, because they need to ‘pretend’ they are mature and through this they can show glitz and glamour e.g.
    • Yeah we can scale to 1000+ endpoints as we leverage AWS Elastic compute
    • You want pretty dashboards, of course we leverage Elasticsearch and the ELK stack
    • Deploy anywhere and access at any time, of course we have an HTTP(S) mgmt. dashboard hosted on Azure with seamless integration into your AD
    • Use of AI and cutting edge ML – Of course, we run TensorFlow, out of the box and scale it across our platform.
    • Blah, blah, blah
  • 54. My Predictions for the Enterprise 2018
    • Hardware attacks (Intel etc.)
  • 55. Predictions: What are others saying?
  • 56. Prediction: MIT’s takeaways
    • More breaches: Equifax
    • Thank you data consolidation, data lakes and the emergence of the data broker, cue service providers
    • Ransomware in the Cloud
    • Did I mention: Lack of control? Maybe another Eternal Blue, Accidental leak?
    • NotPetya (Eternal Blue), WannaCry (Eternal Blue), Cryptolocker (email attachment)
    • Weaponisation of AI
    • Cyber-physical attacks
    • Mining Crypto currencies
    • Hacking elections
  • 57. Prediction: PWC
    “2018 could be the year that the third leg of the information security triad, integrity of data, really comes to the fore. All organisations rely on the integrity of their data to function, from the food supply chain, to the medical profession, to any company reporting financial results. An attacker that can cause a question mark to appear over the integrity of their target's data could potentially cause huge damage.”
  • 58. Prediction: Symantec
    1. Blockchain Will Find Uses Outside Of Cryptocurrencies But Cyber criminals Will Focus On Coins and Exchanges
    2. Cyber criminals Will Use Artificial Intelligence (AI) & Machine Learning (ML) To Conduct Attacks
    3. Supply Chain Attacks Will Become Mainstream
    4. File-less and File-light Malware Will Explode
    5. Organisations Will Still Struggle With Security-as-a-Service (SaaS) Security
    6. Organisations Will Still Struggle With Infrastructure-as-a-Service (IaaS) Security – More Breaches Due to Error, Compromise & Design
    7. Financial Trojans Will Still Account For More Losses Than Ransomware
    8. Expensive Home Devices Will Be Held To Ransom
    9. IoT Devices Will Be Hijacked and Used in DDoS Attacks
    10. IoT Devices Will Provide Persistent Access to Home Networks
  • 59. Threats are still easy: AV avoidance
    Old days (signature):
      • Byte change
      • Polymorphic engines
      • Dynamic programming techniques
    Modern day (AI, behaviour-based and NGAV):
      • Code obfuscation
      • Alternative Data Streams
      • In-memory
  • 60. New threats
    • Air-gap bridged (laser keyboard analysis)
    • Marketing malware – marketing ads fight each other
    • Quote from Joanna Rutkowska: “Don’t be deluded that a single user system is a non-shared computer… Modern computers execute so much 3rd-party code & parse so much untrusted input, that we must assume they are ‘shared’” 06.01.18
  • 61. Lyft CISO: Mike Johnson
    I'm not interested in the top Security stories or top trends of 2017. I was there. I am more interested in what flew under the radar or what got too much coverage. My offerings:
    • Threat intelligence as a product is oversold and there are way too many companies in this space
    • We don’t have an officially appointed US Federal CISO (Grant Schneider is “acting”)
    • Your AI product is not intelligent
    • We are working on bringing in more diverse candidates in our entry level jobs, but not doing enough for our more experienced professionals from diverse backgrounds
    • Phishing your employees and then forcing anyone who clicks a link to sit through a half hour video is not raising security awareness - it's just making your employees resent you