Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns

Similar documents
The UK cyber security strategy: Landscape review. Cross-government

2 Gabi Siboni, 1 Senior Research Fellow and Director,

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

Honourable members of the National Parliaments of the EU member states and candidate countries,

National Cyber Security Policy -2013

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Cyber Security Strategy

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

Cybersecurity on a Global Scale

TUSKEGEE CYBER SECURITY PATH FORWARD

AN INSIGHT TO CYBER WORLD WITH PROF. MICHAEL E.SMITH

Secure by design: taking a strategic approach to cybersecurity

Statement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives

S. ll IN THE SENATE OF THE UNITED STATES

CYBERSPACE SECURITY CONTINUUM

Protecting Organizations from Cyber Attack

CyberSecurity Solutions. Delivering

Harmful Interference into Satellite Telecommunications by Cyber Attack

Thank you for your very kind introduction.

Safety & Security in Computer Based Systems. Brian Gladman

Cyberspace Situational Awarness in National Security System

Making our Cyber Space Safe

Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.

Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy

Cybersecurity: Mission integration to protect your assets

Business Continuity for Cyber Threat

A Community Position paper on. Law of CyberWar. Paul Shaw. 12 October Author note

Cyber security in an organization-transcending way

The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v

White Paper: Cyber Hawk or Digital Dove

working group on foreign policy and grand strategy

Hybrid Warfare & Cyber Defence

ITU Global Cybersecurity Agenda (GCA)

Cyber security Building confidence in your digital future

A NEW APPROACH TO CYBER SECURITY

United States Cyber Security in the 21st Century

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks

Address C-level Cybersecurity issues to enable and secure Digital transformation

Capabilities for Cybersecurity Resilience

Internet Governance and Cybersecurity Patrick Curry MACCSA

CYBER SECURITY STRATEGY AN OVERVIEW

Towards defining priorities for cybersecurity research in Horizon 2020's work programme Contributions from the Working Group on Secure ICT

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Safety by trust: British model of cyber security. David Wallace, First Secretary, Head of of the Policy Delivery Group British Embassy in Warsaw

the Council of Councils initiative

BRUNEI DARUSSALAM'S SECURITY CONCEPTS AND PERCEPTIONS

Priority III: A National Cyberspace Security Awareness and Training Program

Advanced Threat Protection with Dell SecureWorks Security Services

The main object of my research is :

European Commission Per

On the European experience in critical infrastructure protection

A Detailed Strategy for Managing Corporation Cyber War Security

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

Five Principles for Shaping Cybersecurity Norms

Privacy and Security in Healthcare

The internet and digital technologies play an integral part

Option 1: Use the Might of the U.S. Military to End the Assad Regime

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

The Path Ahead for Security Leaders

Knowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Evolution of Cyber Security and Cyber Threats with focus on Cloud Computing

Cyber-Security. FAS Annual Conference September 12, 2014

Of Citadels And Sentinels: State. Tim Legrand and Jeff Malone

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

It's a MAD, MAD, MAD Cyber World

Internet Safety and Security: Strategies for Building an Internet Safety Wall

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

ITU National Cybersecurity/CIIP Self-Assessment Tool

The virtual battle. by Mark Smith. Special to INSCOM 4 INSCOM JOURNAL

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Trends Concerning Cyberspace

The UK Cyber Security Strategy Protecting and promoting the UK in a digital world

Cybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey.

Cyber Security Strategy for Germany

Promoting a cyber security culture and demand compliance with minimum security standards;

Cybersecurity. Canisius College

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response

G7 Opportunities for Collaboration

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

THE STRATEGIC POLICING REQUIREMENT. July 2012

Cyber Security Strategy

CENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE LEADERSHIP. RESEARCH. DEFENCE.

Cyber security Building confidence in your digital future

Transcription:

Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns Benjamin GITTINS Ronald KELSON

What is cyberspace and why is it so important? US Government Cyberspace Policy Review cyberspace.. underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety and national security. C Y BE R S PAC E P O L I C Y R E V I E W Assuring a Trusted and Resilient Information and Communications Infrastructure

SERIOUS cyber dependency problems UK Government Cyber Security Strategy 2011 Cyberspace has now grown to become a domain where strategic advantage industrial or military can be won or lost. The UK Cyber Security Strategy Protecting and promoting the UK in a digital world... The growing use of cyberspace means that its disruption can affect nations ability to function effectively in a crisis. November 2011

Global Perspectives on the Cyber Risk Security & Defence Agenda Cyber-Security 2012 Report Survey of 250 world leaders in 35 countries: 74% believe that cyber defence is as important or more important than missile defence 84% see cyber-attacks as a threat to national and international security and to trade 57% believe a cyber arms race is taking place Cyber-security: The vexed question of global rules An independent report on cyber-preparedness around the world With the support of

Damage or disruption to critical infrastructure is seen as the greatest single threat posed by cyber-attacks a national threat with wide economic consequences. Cyber-security: The vexed question of global rules An independent report on cyber-preparedness around the world With the support of

Most likely cause of global governance failure? Critical systems failure due to cyber attacks World Economic Forum Global Risks 2012 Report Figure 17: The Dark Side of Connectivity Constellation Cyber attacks Terrorism Massive incident of data fraud or theft Critical systems failure Global governance failure Massive digital misinformation Failure of diplomatic conflict resolution Origin Risk Increasing capabilities for cyber crime and attacks. Pathways Balance-of-power tips as new actors can wage effective interference and disrupt commerce. Manifestation The traditional system of global governance is undermined.

Critical systems failure Occurs when a single failure triggers cascading failures in the critical infrastructure and networks ( ed: escalating the risks of nuclear mishap, mistake and war ) Identified as a key concern for world leaders from government, business and civil society. Insight Report Global Risks 2012 Seventh Edition An Initiative of the Risk Response Network most likely be caused by cyber attacks Cyber attacks rank 4 th out of 50 global risks

Cyber attacks to divert existential threats? If you want to hit a country severely you hit its power and water supplies. Cyber technology can do this without shooting a single bullet. Prof. Isaac Ben-Israel Cyber Security advisor to Israel Prime Minister Director of Defense R&D Directorate in Israel s Ministry of Defense (1998-)

Case point: Stuxnet computer Worm Critical infrastructure is proven vulnerable Stuxnet: Spreads indiscriminately - NOW found in 155 countries Spies on and subverts industrial systems Can physically damage equipment e.g. Iran nuclear facility (NB: different cyber attacks have destroyed room sized generators) Found in more than 100,000 industrial plants worldwide - suggests a field test of a cyber weapon in different security cultures Siemens Simatic PLC

Another big problem: cyber attack attribution with the borderless and anonymous nature of the internet, precise attribution is often difficult and the distinction between adversaries is increasingly blurred. The UK Cyber Security Strategy Protecting and promoting the UK in a digital world Some states regard cyberspace as providing a way to commit hostile acts deniably. You cannot physically threaten or retaliate against a person or state you cannot identify or hold liable - enabling third parties to escalate confrontations! November 2011

To summarise U.S. Government Position U.S. National Security Agency There is no such thing as secure any more. - Debora Plunkett (2011) Director Information Assurance Directorate (IAD) U.S. National Security Agency

Introducing Brian Snow 35 years in the USA NSA 12 years as Technical Director Many U.S. government and military systems deploy his algorithms; including nuclear command and control Brian Snow

The stability of nations is at risk I am here to tell you your cyber systems continue to function and serve you NOT due to the EXPERTISE of your security staff, but solely due to the SUFFERANCE of your opponents. November 2011 Brian Snow

Fear of national strategic failure fuels cyber arms race approx. 140 countries e.g. DARPA s global-scale cyber offensive initiative Plan X will support development of fundamental strategies and tactics needed to dominate the cyber battlespace. An effective cyber offense capability requires exploitable vulnerabilities in all potential target systems; it requires collective ICT weakness.

Our four key strategies for managing the risks We can't misplace our trust in different components of the system that might have already been violated. We have to assume that all components of our system are not safe, and make sure we are adjusting accordingly. Debora Plunkett Strategy 1. Design ICT for human trust

Our four key strategies for managing the risks We have to design and architect our systems with the assumption that adversaries, will on occasion, get in. Debora Plunkett Strategy 2. Design ICT to be dependable during insider and outsider attacks, including: management or technical personnel attacks; and covert malware in the hardware and software (introduced during manufacture or later)

ICT systems are NOT designed to safety standards that match our level of dependence on them Strategy 3. Holistically converge Safety and Security capabilities into ICT so modern global society can Trust and Depend on ICT

Strategy 4. Resolve architectural flaws in the design of computers If you look for a one-word synopsis of computer design philosophy, it was and is: SHARING. In the security realm, the one word synopsis is SEPARATION: keeping the bad guys away from the good guys stuff! So today, making a computer secure requires imposing a separation paradigm on top of an architecture built to share. That is tough! Brian Snow

Our globally inclusive cyber security ecosystem (where each part can stand alone) Secure Realtime Quick-to-Market SR Revolution TruSIP Privacy and Safety Enhanced Computer Roaming access with smart card secured ID's Global-scale Identity and Key Management short range wireless Cloud IdM and CKM Service Universal Network Carrier (Janelda)

Our ecosystem will reduce fear Synaptic Labs ICT vision is guided by democratic principles of Spirit of Laws Treatise on political theory (1748) Advocated: - separation of powers - a system of checks & balances - preservation of civil liberties Goal: - Enable citizens to have confidence/trust/ assurance in the integrity of the political system Designing these principles more strongly into ICT systems to enable stakeholders to have confidence and trust in specifications, products, services and managers

We distribute the burden of trust to reduce fear Each chain represents actions of a sovereign (or group of sovereigns) Honest action by one sovereign is sufficient to ensure security For each client transaction, distribute trust across sovereigns

This trust model can scale globally... Canada Italy Japan Russian Federation Mexico France Korea Russian Federation

We must change our toxic environment! We should also support and get involved in forward-leaning efforts, such as those proposed by Synaptic Laboratories within the ICT Gozo Malta Project. They seek to holistically address the hard security problems! This must be taken on by others as well. Brian Snow Public Statement of Support November 2011

Advisors and/or Expert Reviewers from... Brian Snow Tidorum RTEMS

Contact: Email: Phone: Web: Benjamin GITTINS Chief Technical Officer Synaptic Laboratories Limited cto@pqs.io +356 9944 9390 www.synaptic-labs.com Chief Technical Officer ICT Gozo Malta www.ictgozomalta.eu

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information