Wearable Technology Evolution & Security: Grant Brown - Security Strategist Symantec
3.58 KM 12.11 KPH 493 Calories 114 BPM WEARABLE TECH EVOLUTION AND SECURITY GRANT BROWN SECURITY STRATEGIST @thegrantbrown V1.1 2
WEARABLE IS PART OF A RAPIDLY EXPANDING TECHNOLOGY LANDSCAPE DATA GROWTH INTERNET OF THINGS BIG DATA CONSUMERIZATION CLOUD MOBILE SOFTWARE DEFINED OPEN SOURCE CONVERGED
ONE COMPUTER -- TO MANY DEVICES 4
CONSTANT CONNECTION 5
INFORMATION HERE TO INFORMATION EVERYWHERE 6
INTERNET OF EVERYTHING 7
Wearable Technology WEARABLE TECHNOLOGY Presentation Identifier Goes Here 8
WEARABLE TECH IS RESULT OF KEY TECH THEMES INTERACTING Smartphone as core to access systems Cognizant Computing Mobile wallet Internet based communications Expanding Smartphone and Tablet Usage Critical infrastructure and manufacturing Smart Homes / Cities Cars with mobile functionality Internet of Things Fitness and lifestyle Fashion and Style Connectivity Privacy concerns Smaller devices Wearable Technology Open Data rather than just big Data Increase in Data Volumes Connecting of information to social Big Data and Open / Social Information Non-Tech Savvy Users Left behind by the innovation Confusion for users Will wearable make this easier or harder? Wider Accessibility
NEW THREATS ARISE AS NEW TECHNOLOGY REACHES CRITICAL MASS M2M Internet of Things Wearable Technology PCs Servers Internet ecommerce Viruses Worms Mobility Cloud Identity Theft DDoS Mobile Malware Social Media Terrorism? Privacy Manipulation of Data
PRIVACY AND SECURITY Protection across the ecosystem Across networks, devices and content Cloud Brokers Implementation of Protection Hacking Internet of Things Compromise physical security from digital Ransomware Hacktivism Cybercrime affecting the physical world People centric authentication Biometrics Location Context Behaviour Authentication Multiple online personae Separation of work and personal Expansion of privacy services Provenance on Social Media and Websites Anonymity and Provenance Expansion of regulation Harmonisation and cooperation across borders. Manage security exposure from sharing information online? Privacy and Data Protection
A DATA EXPLOSION! 12 A large and growing market with big security problems Surveillance Data Breach Stalking ID Theft Privacy Safety 60% US Adults Self-Track (Pew Research) 170M Self-Tracking Devices to Ship in 2017 (ABI Research)
ANATOMY OF A SELF-TRACKING DEVICE 13 Battery Splash-proof cover Motor Generates vibrations for discrete feedback Motion sensor Multi-axis motion detector Bluetooth chip For wireless syncing with computer/phone Power button Status LEDs Syncing jack For wired syncing with phone/tablet & charging TRACKING YOUR EVERY MOVE
ANOTHER TRACKING DEVICE 14 Magnetometer Proximity & ambient light sensors Yaw Roll Magnetic field Cameras front & back Pitch GPS sensor Gyroscopic sensor Microphone Accelerometer A SENSOR FOR EVERYTHING
WHERE THE BITS FIT IN 15 More moving parts = more risks RISK RISK RISK 23.56 KM 123 BPM 15. 8 RISK RISK
PERSONAL DATA S NEW FRIEND 16 Traditional personally identifiable information (PII) NAME SLEEP DOB ADDRESS RISK GPS COORDS GLUCOSE MOOD ID # WEIGHT meets quantified self Information
SELF-TRACKING IS RISKY FOR USERS 17 Your digital footprint will be everywhere! 23.56 KM 123 BPM 15.8 52% Do not have a privacy policy 20% Login credentials in clear text (Apps that require login) 14 Domains contacted by apps
MEET BLUEBERRY PI! 18 TOTAL PRICE $75 4GB SD Card $5 Raspberry pi $35 Bluetooth 4.0 USB dongle $7 Battery pack $28 OUR BLUETOOTH TRACKER
TRIGGERS OUTCOMES AND SOCIETAL IMPACT MATRIX Business motivations that will either drive or inhibit adoption and use of new technology Personal motivation that will either drive or inhibit an individual s adoption and use of new technology Government motivations that will either drive or inhibit government use of technology and possible regulation and laws Current and emerging trends in data collection, analytics systems and information storage and management Systems and ways that users interact with each other and machines. Also includes machine to machine (M2M) interfaces E.g.; mobile apps, Facebook, Twitter, Smart Systems etc. Ecosystems that involve locking information, devices, interfaces into a system in order to get benefit from that system. For example, cloud service providers, Facebook, Apple, Google Devices and technology. Ranging from consumer devices to industrial technology.
TRIGGERS OUTCOMES AND SOCIETAL IMPACT MATRIX Drivers Business Cost Efficiency Profit New Markets Ethics Competitive Customer Advantage Information Personal Personal Health Privacy Convenience Personal Capabilities Comfort Quality of Life Fashion Religion Govt Cost Efficiency Privacy Legal Aging Population Regulation Public Health &Safety Cultural Norms Trust and Services Interactions Activity tracking Location awareness Biometric Data Context Data Predictive Analytics for health Information Interfaces Social M2M Media RFID Nano-Bio Gesture Visual Brainwave Physical Wearable Apps Non- Bio Technical Printers Users Current Triggers Future Triggers Inhibitors Infrastructure Human Body Cloud Cognizant Computing Connected Healthcare Home Mobile Environment Platforms Ecosystems Devices Augmented Human Sensors Implants Manufactured Activity Organs Trackers Google Power Glass Mobile
RISKS AND OPPORTUNITIES FROM AUGMENTED HUMAN Strengths Health and lifestyle information Augmented reality to assist with access to information online Easier access to Smartphones and the Internet Opportunities Health Monitoring Personal Security and Safety Public Safety and Security Cognizant Computing Inputs and Information to Assist with treatment and diagnosis Weaknesses Standards and connectivity Power and communications requirements Increase in information that can be attacked as more information becomes digitized. Leaving the non-digital behind? Threats Ability for a third party to take over wearable device ransom, bullying, terrorism Privacy Data stolen by 3 rd party Glassholes Black-market and fraudulent sales in augmentation technologies 21
FOR THIS NEW WORLD TO FUNCTION, THERE NEEDS TO BE TRUST 22
INFORMATION TECHNOLOGY IS MATURING IF WE RE EMBEDDING TECHNOLOGY WE NEED TO EMBED SECURITY Last 20 years improvements in security and performance Next 5 years improvements in security and performance
As Devices become Smarter, Data more Personalized, Connectivity increasingly Pervasive, New Methods of Protection will be Required Virtual Personal Security Vendors such as Symantec working beyond our traditional markets Assets Physical 24
INFORMATION PEOPLE
CONTEXT AND RELEVANCE Context - Which Device am I on? Context - Where am I? Was I there 5 minutes ago? Identity - Who am I? Policy Do I have rights to this information? Trust and Security Context = + +
UNIVERSAL IDENTITY IDENTITY AND TRUST MODEL INTELLIGENT AUTHENTICATION OF USERS, DEVICES BIOMETRICS, LOCATION, CONTEXT, BEHAVIOR A FUTURE WITH NO PASSWORDS 27
SYMANTEC S ROLE IN EVOLVING INTERNET The information protection authority Data Systems Identities Interactions Security Storage Availability Innovator Advisor Influencer Leader 28