Future cybersecurity threats and research needs.

Size: px

Start display at page:

Download "Future cybersecurity threats and research needs."

Cordelia O’Connor’
8 years ago
Views:

www.thalesgroup.com Future cybersecurity threats and research needs.

1 Future cybersecurity threats and research needs. 3 rd Franco-American Workshop on Cybersecurity Lyon Kreshnik Musaraj kreshnik.musaraj@thalesgroup.com December

2 2 / Challenges Overall increasing volume and/or complexity of cyber-attacks, as well as decreasing capabilities to act upon the attackers. Difficulty to deal with all the feedback provided by existing security technologies and solutions. Human knowledge exploitation in the cyber defence and cyber detection branches is limited. Progress rate of attack techniques VS progress rate of defensive measures. Current and future cyber security research Cross-combination of monitoring data sources Heterogenity data issues Semi-automatic data processingobstacles Attack knowledge extraction and interpretation; What do really mean the security alerts that I receive? How can I make use of the collected expertise? Real-time surveillance of the «big picture» APT: can they be really be addressed?!

Progress rate of attack techniques VS progress rate of defensive measures.

3 3 / Current (and future) cyber security threats Scalability and distribution of attacks. It is now common to observe intense threat activity even under normal circumstances, and for non-critical targets. Evasive techniques. What was intended to represent defensive measures, has become the common solution to avoid protective barriers. Data leakage issues. Current technologies remain limited to simple and medium scenarios. Beware of noise! Too many alerts and events, used by almost no one, to detect nothing. The human factor. Technology is not the main solution, it still remains an accessory. Compliance cannot replace it either.

What was intended to represent defensive measures, has become the common solution to avoid protective barriers. Data leakage issues.

4 4 / What market conditions to satisfy? Capabilities to marketing Market growth Market Potential Customer acceptance ROI Employment Growth Positive Impact on domains/sector Positive Impact on economy What are the research needs? The entire ecosystem needs to be heard Research actions are needed in order to face current voids: TRIVIAL(?)! Priorities need to be defined, and the business and research community needs to have its stake in the game Account for different viewpoints: threat relevance, business impact, future projections of threats increase in size, complexity, and nature.

Impact on economy What are the research needs?

5 5 / Facts and figures 9 Partners across Europe: European Organisation for Security, TNO, Engineering, Atos, Thales, Fraunhofer, Ecorys, University of Trento, Conceptivity Coordinator: European Organisation for Security CAPITAL selects key societal and technological domains whose future is at risk due to potential cybersecurity and privacy threats CAPITAL identifies how ICT could address these threats and can contribute to decreasing their impact or completely removing them CAPITAL works closely with the European Commission Public-Private Platform for Network and Information Security (NIS Platform) WG 3 on Secure ICT Research & Innovation

cybersecurity and privacy threats CAPITAL identifies how ICT could address these threats and can contribute to decreasing their impact or completely removing

6 6 /

7 7 / ANALYSIS OF THE STATE OF THE ART AND FUTURE THREATS CAPITAL will identify: emerging current and future threats a list of solutions per emerging area impacted areas of information technology ANALYSIS OF RESEARCH NEEDS CAPITAL will conduct a gap analysis between current and future cybersecurity threats CAPITAL will review other research agendas and conduct a market study

information technology ANALYSIS OF RESEARCH NEEDS CAPITAL will conduct a gap analysis between

8 8 / RESEARCH ACTIVITIES Identification and authentication Development of rich identification and authentication techniques to ensure privacy, and handle identities securely. Security of cloud computing Study virtualization architectures to enable full security/performance isolation at all levels (e.g., I/O, memory, cache) as well as data flow analysis in hypervisors applying statistical machine learning to detect attacks. Mobile devices and emerging technologies Given the fact that through mobile and wearable devices highly sensitive personal and enterprise data is communicated, confidentiality, privacy and integrity seem to be the most important property to guarantee. Exploring highly scalable technologies for efficient monitoring and analysis of security events that have the potential to compromise mobile devices.

Mobile devices and emerging technologies Given the fact that through mobile and wearable devices highly sensitive personal and enterprise data is communicated, confidentiality, privacy and integrity

9 9 / RESEARCH ACTIVITIES Critical infrastructure security Most of the critical infrastructures (e.g. water supply, electricity, healthcare, telecommunication) highly depend on Industrial Control Systems (ICS). Current EU projects need to be followed by additional research efforts, research should be carried out on ICS identity, privacy and trust management. Internet of things Development, convergence and interoperability of technologies for secure identification and authentication that can operate at a global scale. Increasing security assurance by developing risk and cost assessment methods adapted to the IoT (early security verification) and to enable assurance in the development of software based services.

Current EU projects need to be followed by additional research efforts, research should be carried out on ICS identity, privacy and trust management.

10 10 / RESEARCH ACTIVITIES Security and privacy by design Economic research should aim to gain more insight into the costs of a secure design, which may be initially higher and may require a trade-off between risks and expenses. A key problem is the impossibility to design completely secure system, which will stimulate cybercriminals to find ways to benefit from flaws. The challenge for researchers will be to explore the conditions under which developers stay ahead of cybercriminals. End-user awareness and usable security The development of useable security systems which are simple to understand for end-users. Currently methods for securing a system or device are often very complicated and therefore insufficiently used by the majority of end-users. The strengthening of the knowledge of end-users on cybersecurity and privacy risks.

The challenge for researchers will be to explore the conditions under which developers stay ahead of cybercriminals.

11 11 / FUTURE SOCIETAL NEEDS CAPITAL will identify promising solution concepts to found challenges in emerging areas Drafting and validation of the final Research Agenda For all these, substantial input is collected from experts and professionals in the cybersecurity field, based on a questionnaire. Actual conclusion: Determining future research topics in cybersecurity, and assessing their impact and relevance on future trends is a complex and error-prone task, but a mandatory one.

professionals in the cybersecurity field, based on a questionnaire.

Contributing an integrated Research and Innovation Agenda for Cybersecurity The role and approach of the market study

Contributing an integrated Research and Innovation Agenda for Cybersecurity The role and approach of the market study Véronique Pevtschin Engineering Ingegneria Informatica S.p.A CSP Innovation Forum 2015