SECURITY
Overview
Preparedness for future…
Have you felt Cyber Insecurity?
Can we fathom out of
the challenge?
Police IT
Ecosystem
How IT Systems work?
Who are the best adopters of technology?
One of its kind
Who will take a call?
Zero Day
at the heart of it all
12
May 16, 2018
Curiosity
Monetary Gain
National Security
Espionage,�Political Activism
The sophistication of cyber threats, attackers and motives are rapidly escalating.
Motive
1995 – 2005
1st Decade of the Commercial Internet
Revenge
Script-kiddies or hackers using tools, web-based “how-to’s”
Insiders, using inside information
Organized Crime, Hackers and Crackers using sophisticated tools
Competitors, Hacktivists
Nation-state Actors; Targeted Attacks / Advanced Persistent Threat
2005 – 2015
2nd Decade of the Commercial Internet
Adversary
*X-Force Research - 2013
Getting hacked in the new normal.
Sanjay Sahay
Data Manipulation
Digital Iron Dome
Massive attack on Israel’s National Electricity Grid
The World's First Digital Weapon
Precision is the key
Outstanding Coding and Testing
Absolute Game Changer
9/11
This recent undated satellite image provided by Space Imaging/Inta SpaceTurk shows the once-secret Natanz nuclear complex in Natanz, Iran, about 150 miles south of Tehran.
Baltimore
Encryption
�Fortune 500 companies��97% has been hacked!� �
Internet of things!
Global Information Grid
A very vulnerable one!
Cloud the most happening place
How secure are we?
Cloud Computing�
Results of IDC survey ranks Security 74.6% as the biggest challenge
Web of Profits
Global Cyber Crime is worth $1.5 trillion a year
Web of Profits
Web of Profits
Some services and products:
cyber is the world!
from pace maker to nuclear power plants
from text documents to the hybrid cloud
We live in a digitally porous world!
“If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.”
-Weinberg's Second Law
Weakest link
The human factor!
Insider Threat
The lone wolves of the Cyber Age!
I
N
S
I
D
E
R
S
Tough Challenge
39
May 16, 2018
End user didn’t think before clicking
Weak password/default password in use
Insecure configuration
Use of legacy or un-patched hardware or software
Lack of basic network security protection
The top 5 reasons why attacks are related to system hygiene or user knowledge.
1
2
3
4
5
Where should you start?
These three controls can help you address the top vulnerabilities and begin to reduce risk.
Build a �risk-aware culture
Protect the network & end-points
Automate security hygiene & manage incidents with intelligence
DATA
is at the center of our universe
Data Brokers
Resilience
What the System Ought to Provide
Ubiquitous Surveillance
Military - Internet Complex
Corporate
Surveillance
Govt / Business Corporations
FBI
VS
World at crossroads…
Internal Security
External Security
Counter Terrorism
Rogue States
Cyber War
Money Laundering
Underworld
Underground Economy
Naxalism
Data Brokers
Hacktivists
World at crossroads…
And the IT companies themselves!!!
Privacy has no meaning
More data, more money!
Everything for a price
I
N
S
I
D
E
R
H
A
C
K
T
I
V
I
S
T
S
I
S
I
S
VS
The Malware Story
Asymmetric Warfare – A new form
the costing
Attribution
MLAT
BUDAPEST COVENTION
The Dark Net
The Internet provides a delivery system for the pathological states of mind
Crime Inc.
Crime as a service!
Payment mechanism in place!
Information Sharing!
Where will the Cyber Security Professionals come from?
It’s a refrain being heard for the past 18 months the world over: “We need more skilled people for our security team.”
global cybersecurity workforce will have more than
NIST Special Publication 800-181
National Initiative for Cybersecurity Education (NICE)
Cybersecurity Workforce Framework
Federal Information Security Modernization Act (FISMA) of 2014
a partnership between government, academia, and the private sector working to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development.
cultivating an integrated cybersecurity workforce that is globally competitive from hire to retire
Cyber Security
How different?
in its simplest sense, allows each human being to be left alone in a core which is inviolable.
A WORLD HELD HOSTAGE !
D
A
T
A
White Paper of the Committee of Experts on a Data Protection Framework for India
K
E
Y
P
R
I
N
C
I
P
L
E
S
Indicators
Indicators
How much of cyber crime investigation we are equipped to handle?
Silk Road Investigation
San Bernardino Case
WannaCry
Petya
Talent
Only Hands On is On!
There’s no reason
that the good guys can’t be the same !!!.
The bad guys are smart, well equipped, and determined.
As Steve Job’s said we are at the crossroads of technology and humanities. Technology is racing to become the mankind’s DNA. Transformational changes demand transformational answers. Digital is the only way forward. What matters is grey matter in a knowledge driven world. Together we can and together we will find a method in the digital madness.
The way forward…
Thank you