SlideShare a Scribd company logo

Cyber Security at CTX15, London

John Palfreyman
John Palfreyman

The document discusses cyber security, cyber crime, and the rise of smartphones and social media. It covers topics such as the changing technology and business landscape including cloud, mobile, big data/analytics, and social business. It also discusses the challenges posed by smartphones, social media, and the "bring your own device" trend in enterprises. The document advocates for a smarter approach to cyber security that balances technical and people mitigations and emphasizes risk management. It also discusses the future of contextual, adaptive security.

Related slideshows

Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
 
Team 3_Final Project.docx
Team 3_Final Project.docxTeam 3_Final Project.docx
Team 3_Final Project.docx
 
1 of 37
Download to read offline
© 2015 IBM Corporation Cyber Security, Cyber Crime . . . . and the meteoric rise in the usage of smartphones and social media V3, 21 Apr15 John Palfreyman, IBM
© 2015 IBM Corporation 2 1.  Cyber Security & Cyber Crime in Context 2.  Technology & Business Landscape 3.  A Smarter Approach 4.  The Future & Concluding Remarks Agenda
© 2015 IBM Corporation 3 §  Politically neutral, cross-party policy voice of the internet and technology sector –  Informing policy for a competitive, inclusive, networked society §  Alerts EU, UK Parliamentarians, Policy Makers –  potential impacts, implications, and unintended consequences –  policies for online and digital technologies §  Initiatives 1.  Ubiquitous Broadband 2.  Cyber Security and Counter e-Crime 3.  Digital Education 4.  Digital Health Services 5.  Internet of Things & Smart UK 6.  UK at the Centre of the Digital Single Market Digital Policy Alliance (EURIM)
© 2015 IBM Corporation Cyber Security & Cyber Crime in Context Who are the bad guys & what are they up to?
© 2015 IBM Corporation 5 Cyber Security – IBM Definition Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption.
© 2015 IBM Corporation 6 Cyber Security - Expanded Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crimes Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
© 2015 IBM Corporation 7 Cyber Crime Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crime Fraud Bullying Theft Sexual Offences Trafficking Drugs Cyber-enabled crime Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
© 2015 IBM Corporation 8 §  Confusion & hype abound §  Common attack methods §  Common methods of defense / counter / investigation §  Data > Insight chain §  Prosecution – burden of evidence §  Learning & sharing possible, but patchy Cyber Security & (counter) Cyber Crime
© 2015 IBM Corporation 9 Cyber Threat MOTIVATION S O P H I S T I C A T I O N National Security, Economic Espionage Notoriety, Activism, Defamation Hacktivists Lulzsec, Anonymous Monetary Gain Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Nuisance, Curiosity Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red Nation-state actors, APTs Stuxnet, Aurora, APT-1
© 2015 IBM Corporation A new type of threat Attacker generic Malware / Hacking / DDoS IT Infrastructure Traditional Advanced Persistent Threat Critical data / infrastructure Attacker !
© 2015 IBM Corporation 11 Attack Phases 1 Break-in Spear phishing and remote exploits to gain access Command & Control (CnC) 2 Latch-on Malware and backdoors installed to establish a foothold 3 Expand Reconnaissance & lateral movement increase access & maintain presence 4 Gather Acquisition & aggregation of confidential data Command & Control (CnC) 5 Exfiltrate Get aggregated data out to external network(s)
© 2015 IBM Corporation IBM X-Force 12 March 2015IBM Security Systems IBM X-Force Threat Intelligence Quarterly, 1Q 2015 Explore the latest security trends—from “designer vulns” to mutations in malware— based on 2014 year-end data and ongoing research
© 2015 IBM Corporation Technology & Business Landscape New opportunities for cyber crime!
© 2015 IBM Corporation 14 Smarter Planet Instrumented – Interconnected - Intelligent
© 2015 IBM Corporation 15 Cloud DRIVERS §  Speed & agility §  Fast Innovation §  CAPEX to OPEX USE CASES §  SCM, HR, CRM as a SERVICE §  Predictive Analytics as a SERVICE
© 2015 IBM Corporation 16 Mobile DRIVERS §  Mobility in Business §  Agility & flexibility §  Rate of technology change USE CASES §  Information capture, workflow management §  Education where & when needed §  Case advice Map
© 2015 IBM Corporation 17 Big Data / Analytics DRIVERS §  Drowning in Data §  Insight for SMARTER §  More UNRELIABLE data USE CASES §  Citizen Sentiment §  Predictive Policing §  OSINT augmentation Open Source Internal Sources Intelligence Analysis SIGINT BiometricsEmail GeoINT Telephone Records Data  Records  
© 2015 IBM Corporation 18 Social Business DRIVERS §  Use of Social Channels §  Smart Employment §  Personnel Rotation USE CASES §  Citizen Sentiment §  Counter Terrorism §  Knowledge Retention Gather INTELLIGENCE •  Social Media as OSINT •  Individuals, Groups, Events •  Supplement traditional sources Efficient WORKING •  Breaking down Silos •  Collaboration •  “Self help” Culture Leverage KNOWLEDGE •  Access to Experts, Content •  Collaborative Ventures •  Enables Innovation Positive IMAGE •  Promotion / marketing •  Recruiting •  Citizen engagement InternalExternal
© 2015 IBM Corporation 19 Systems of Engagement ü  Collaborative ü  Interaction oriented ü  User centric ü  Unpredictable ü  Dynamic Big Data / Analytics Cloud Social Business Mobile
© 2015 IBM Corporation 20 Use Case – European Air Force Secure Mobile CHALLENGE •  Support Organisational Transformation •  HQ Task Distribution •  Senior Staff demanding Mobile Access SOLUTION •  IBM Connections •  MS Sharepoint Integration •  MaaS 360 based Tablet Security BENEFITS •  Improved work efficiency •  Consistent & timely information access •  Secure MODERN tablet
© 2015 IBM Corporation 21 The Millennial Generation EXPECT . . . §  to embrace technology for improved productivity and simplicity in their personal lives §  tools that seem made for and by them §  freedom of choice, embracing change and innovation INNOVATE . . . •  Actively involve a large user population •  Work at Internet Scale and Speed •  Discover the points of value via iteration •  Engage the Millennial generation
© 2015 IBM Corporation Smart Phones (& Tablets) . . . 22 §  Used in the same way as a personal computer §  Ever increasing functionality (app store culture) . . . §  . . . and often more accessible architectures §  Offer “anywhere” banking, social media, e-mail . . . §  Include non-PC (!) features Context, MMS, TXT §  Emergence of authentication devices
© 2015 IBM Corporation . . . are harder to defend ? . . . 23 §  Anti-virus software missing, or inadequate §  Encryption / decryption drains the battery §  Battery life is always a challenge §  Stolen or “found” devices– easy to loose §  Malware, mobile spyware, impersonation §  Extends set of attack vectors §  Much R&D into securing platform
© 2015 IBM Corporation . . . and Bring your Own Device now mainstream 24 §  Bring-your-own device expected §  Securing corporate data §  Additional complexities §  Purpose-specific endpoints §  Device Management
© 2015 IBM Corporation Social Media – Lifestyle Centric Computing 25 www.theconversationprism.com §  Different Channels §  Web centric §  Conversational §  Personal §  Open §  Explosive growth
© 2015 IBM Corporation Social Media – Special Security Challenges 26Source: Digital Shadows, Sophos, Facebook §  Too much information §  Online impersonation §  Trust / Social Engineering / PSYOP §  Targeting (Advanced, Persistent Threat) Source: Digital Shadows, Sophos, Facebook
© 2015 IBM Corporation A Smarter Approach to countering cyber crime
© 2015 IBM Corporation 28 Balance Technical Mitigation Better firewalls Improved anti-virus Advanced Crypto People Mitigation Leadership Education Culture Process
© 2015 IBM Corporation 29 ü  Monitor threats ü  Understand (your) systems ü  Assess Impact & Probability ü  Design containment mechanisms ü  Don’t expect perfect defences ü  Containment & quarantine planning ü  Learn & improve Risk Management Approach
© 2015 IBM Corporation Securing a Mobile Device DEVICE •  Enrolment & access control •  Security Policy enforcement •  Secure data container •  Remote wipe TRANSACTION •  Allow transactions on individual basis •  Device monitoring & event detection •  Sever risk engine – allow, restrict, flag for review APPLICATION •  Endpoint management – software •  Application: secure by design •  Application scanning for vulnerabilities ACCESS •  Enforce access policies •  Approved devices and users •  Context aware authorisation 30
© 2015 IBM Corporation Secure, Social Business 31 LEADERSHIP •  More senior, most impact •  Important to leader, important to all •  Setting “tone” for culture CULTURE •  Everyone knows importance AND risk •  Full but SAFE usage •  Mentoring PROCESS •  What’s allowed, what’s not •  Internal & external usage •  Smart, real time black listing EDUCATION •  Online education (benefits, risks) •  Annual recertification •  For all, at all levels
© 2015 IBM Corporation The Future & Concluding Remarks What next . . .
© 2015 IBM Corporation 33 Global Technology Outlook – Beyond Systems of Engagement
© 2015 IBM Corporation 34 Contextual, Adaptive Security Monitor and Distill Correlate and Predict Adapt and Pre-empt Security 3.0 Risk Prediction and Planning Encompassing event correlation, risk prediction, business impact assessment and defensive strategy formulation Multi-level monitoring & big data analytics Ranging from active, in device to passive monitoring Adaptive and optimized response Adapt network architecture, access protocols / privileges to maximize attacker workload
© 2015 IBM Corporation 35 1.  Are you ready to respond to a cyber crime or security incident and quickly remediate? 2.  Do you have the visibility and analytics needed to monitor threats? 3.  Do you know where your corporate crown jewels are and are they adequately protected? 4.  Can you manage your endpoints from servers to mobile devices and control network access? 5.  Do you build security in and continuously test all critical web/mobile applications? 6.  Can you automatically manage and limit the identities and access of your employees, partners and vendors to your enterprise? 7.  Do you have a risk aware culture and management system that can ensure compliance? Fitness for Purpose
© 2015 IBM Corporation 36 1.  Many Similarities – Cyber Crime vs Security – Threat Sophistication 2.  Social Business & Mobile offer transformational value 3.  New vulnerabilities need to be understood to be mitigated 4.  Mitigation needs to be balanced, risk management based and “designed in” Summary
© 2015 IBM Corporation Thanks John Palfreyman, IBM 2dsegma@uk.ibm.com

More Related Content

Cyber Security at CTX15, London

  • 1. © 2015 IBM Corporation Cyber Security, Cyber Crime . . . . and the meteoric rise in the usage of smartphones and social media V3, 21 Apr15 John Palfreyman, IBM
  • 2. © 2015 IBM Corporation 2 1.  Cyber Security & Cyber Crime in Context 2.  Technology & Business Landscape 3.  A Smarter Approach 4.  The Future & Concluding Remarks Agenda
  • 3. © 2015 IBM Corporation 3 §  Politically neutral, cross-party policy voice of the internet and technology sector –  Informing policy for a competitive, inclusive, networked society §  Alerts EU, UK Parliamentarians, Policy Makers –  potential impacts, implications, and unintended consequences –  policies for online and digital technologies §  Initiatives 1.  Ubiquitous Broadband 2.  Cyber Security and Counter e-Crime 3.  Digital Education 4.  Digital Health Services 5.  Internet of Things & Smart UK 6.  UK at the Centre of the Digital Single Market Digital Policy Alliance (EURIM)
  • 4. © 2015 IBM Corporation Cyber Security & Cyber Crime in Context Who are the bad guys & what are they up to?
  • 5. © 2015 IBM Corporation 5 Cyber Security – IBM Definition Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption.
  • 6. © 2015 IBM Corporation 6 Cyber Security - Expanded Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crimes Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
  • 7. © 2015 IBM Corporation 7 Cyber Crime Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crime Fraud Bullying Theft Sexual Offences Trafficking Drugs Cyber-enabled crime Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
  • 8. © 2015 IBM Corporation 8 §  Confusion & hype abound §  Common attack methods §  Common methods of defense / counter / investigation §  Data > Insight chain §  Prosecution – burden of evidence §  Learning & sharing possible, but patchy Cyber Security & (counter) Cyber Crime
  • 9. © 2015 IBM Corporation 9 Cyber Threat MOTIVATION S O P H I S T I C A T I O N National Security, Economic Espionage Notoriety, Activism, Defamation Hacktivists Lulzsec, Anonymous Monetary Gain Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Nuisance, Curiosity Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red Nation-state actors, APTs Stuxnet, Aurora, APT-1
  • 10. © 2015 IBM Corporation A new type of threat Attacker generic Malware / Hacking / DDoS IT Infrastructure Traditional Advanced Persistent Threat Critical data / infrastructure Attacker !
  • 11. © 2015 IBM Corporation 11 Attack Phases 1 Break-in Spear phishing and remote exploits to gain access Command & Control (CnC) 2 Latch-on Malware and backdoors installed to establish a foothold 3 Expand Reconnaissance & lateral movement increase access & maintain presence 4 Gather Acquisition & aggregation of confidential data Command & Control (CnC) 5 Exfiltrate Get aggregated data out to external network(s)
  • 12. © 2015 IBM Corporation IBM X-Force 12 March 2015IBM Security Systems IBM X-Force Threat Intelligence Quarterly, 1Q 2015 Explore the latest security trends—from “designer vulns” to mutations in malware— based on 2014 year-end data and ongoing research
  • 13. © 2015 IBM Corporation Technology & Business Landscape New opportunities for cyber crime!
  • 14. © 2015 IBM Corporation 14 Smarter Planet Instrumented – Interconnected - Intelligent
  • 15. © 2015 IBM Corporation 15 Cloud DRIVERS §  Speed & agility §  Fast Innovation §  CAPEX to OPEX USE CASES §  SCM, HR, CRM as a SERVICE §  Predictive Analytics as a SERVICE
  • 16. © 2015 IBM Corporation 16 Mobile DRIVERS §  Mobility in Business §  Agility & flexibility §  Rate of technology change USE CASES §  Information capture, workflow management §  Education where & when needed §  Case advice Map
  • 17. © 2015 IBM Corporation 17 Big Data / Analytics DRIVERS §  Drowning in Data §  Insight for SMARTER §  More UNRELIABLE data USE CASES §  Citizen Sentiment §  Predictive Policing §  OSINT augmentation Open Source Internal Sources Intelligence Analysis SIGINT BiometricsEmail GeoINT Telephone Records Data  Records  
  • 18. © 2015 IBM Corporation 18 Social Business DRIVERS §  Use of Social Channels §  Smart Employment §  Personnel Rotation USE CASES §  Citizen Sentiment §  Counter Terrorism §  Knowledge Retention Gather INTELLIGENCE •  Social Media as OSINT •  Individuals, Groups, Events •  Supplement traditional sources Efficient WORKING •  Breaking down Silos •  Collaboration •  “Self help” Culture Leverage KNOWLEDGE •  Access to Experts, Content •  Collaborative Ventures •  Enables Innovation Positive IMAGE •  Promotion / marketing •  Recruiting •  Citizen engagement InternalExternal
  • 19. © 2015 IBM Corporation 19 Systems of Engagement ü  Collaborative ü  Interaction oriented ü  User centric ü  Unpredictable ü  Dynamic Big Data / Analytics Cloud Social Business Mobile
  • 20. © 2015 IBM Corporation 20 Use Case – European Air Force Secure Mobile CHALLENGE •  Support Organisational Transformation •  HQ Task Distribution •  Senior Staff demanding Mobile Access SOLUTION •  IBM Connections •  MS Sharepoint Integration •  MaaS 360 based Tablet Security BENEFITS •  Improved work efficiency •  Consistent & timely information access •  Secure MODERN tablet
  • 21. © 2015 IBM Corporation 21 The Millennial Generation EXPECT . . . §  to embrace technology for improved productivity and simplicity in their personal lives §  tools that seem made for and by them §  freedom of choice, embracing change and innovation INNOVATE . . . •  Actively involve a large user population •  Work at Internet Scale and Speed •  Discover the points of value via iteration •  Engage the Millennial generation
  • 22. © 2015 IBM Corporation Smart Phones (& Tablets) . . . 22 §  Used in the same way as a personal computer §  Ever increasing functionality (app store culture) . . . §  . . . and often more accessible architectures §  Offer “anywhere” banking, social media, e-mail . . . §  Include non-PC (!) features Context, MMS, TXT §  Emergence of authentication devices
  • 23. © 2015 IBM Corporation . . . are harder to defend ? . . . 23 §  Anti-virus software missing, or inadequate §  Encryption / decryption drains the battery §  Battery life is always a challenge §  Stolen or “found” devices– easy to loose §  Malware, mobile spyware, impersonation §  Extends set of attack vectors §  Much R&D into securing platform
  • 24. © 2015 IBM Corporation . . . and Bring your Own Device now mainstream 24 §  Bring-your-own device expected §  Securing corporate data §  Additional complexities §  Purpose-specific endpoints §  Device Management
  • 25. © 2015 IBM Corporation Social Media – Lifestyle Centric Computing 25 www.theconversationprism.com §  Different Channels §  Web centric §  Conversational §  Personal §  Open §  Explosive growth
  • 26. © 2015 IBM Corporation Social Media – Special Security Challenges 26Source: Digital Shadows, Sophos, Facebook §  Too much information §  Online impersonation §  Trust / Social Engineering / PSYOP §  Targeting (Advanced, Persistent Threat) Source: Digital Shadows, Sophos, Facebook
  • 27. © 2015 IBM Corporation A Smarter Approach to countering cyber crime
  • 28. © 2015 IBM Corporation 28 Balance Technical Mitigation Better firewalls Improved anti-virus Advanced Crypto People Mitigation Leadership Education Culture Process
  • 29. © 2015 IBM Corporation 29 ü  Monitor threats ü  Understand (your) systems ü  Assess Impact & Probability ü  Design containment mechanisms ü  Don’t expect perfect defences ü  Containment & quarantine planning ü  Learn & improve Risk Management Approach
  • 30. © 2015 IBM Corporation Securing a Mobile Device DEVICE •  Enrolment & access control •  Security Policy enforcement •  Secure data container •  Remote wipe TRANSACTION •  Allow transactions on individual basis •  Device monitoring & event detection •  Sever risk engine – allow, restrict, flag for review APPLICATION •  Endpoint management – software •  Application: secure by design •  Application scanning for vulnerabilities ACCESS •  Enforce access policies •  Approved devices and users •  Context aware authorisation 30
  • 31. © 2015 IBM Corporation Secure, Social Business 31 LEADERSHIP •  More senior, most impact •  Important to leader, important to all •  Setting “tone” for culture CULTURE •  Everyone knows importance AND risk •  Full but SAFE usage •  Mentoring PROCESS •  What’s allowed, what’s not •  Internal & external usage •  Smart, real time black listing EDUCATION •  Online education (benefits, risks) •  Annual recertification •  For all, at all levels
  • 32. © 2015 IBM Corporation The Future & Concluding Remarks What next . . .
  • 33. © 2015 IBM Corporation 33 Global Technology Outlook – Beyond Systems of Engagement
  • 34. © 2015 IBM Corporation 34 Contextual, Adaptive Security Monitor and Distill Correlate and Predict Adapt and Pre-empt Security 3.0 Risk Prediction and Planning Encompassing event correlation, risk prediction, business impact assessment and defensive strategy formulation Multi-level monitoring & big data analytics Ranging from active, in device to passive monitoring Adaptive and optimized response Adapt network architecture, access protocols / privileges to maximize attacker workload
  • 35. © 2015 IBM Corporation 35 1.  Are you ready to respond to a cyber crime or security incident and quickly remediate? 2.  Do you have the visibility and analytics needed to monitor threats? 3.  Do you know where your corporate crown jewels are and are they adequately protected? 4.  Can you manage your endpoints from servers to mobile devices and control network access? 5.  Do you build security in and continuously test all critical web/mobile applications? 6.  Can you automatically manage and limit the identities and access of your employees, partners and vendors to your enterprise? 7.  Do you have a risk aware culture and management system that can ensure compliance? Fitness for Purpose
  • 36. © 2015 IBM Corporation 36 1.  Many Similarities – Cyber Crime vs Security – Threat Sophistication 2.  Social Business & Mobile offer transformational value 3.  New vulnerabilities need to be understood to be mitigated 4.  Mitigation needs to be balanced, risk management based and “designed in” Summary
  • 37. © 2015 IBM Corporation Thanks John Palfreyman, IBM 2dsegma@uk.ibm.com