los angeles dgs 16 presentation - the future of cybersecurity - timothy lee

The Future of CybersecurityLos Angeles Digital Government Summit 2016

Timothy Lee

Scope – Known Knowns

Known Knowns

Unknown Unknowns

Known

Unknowns

I. Human Factor Is Key To Cybersecurity

In 2015

• Social Engineering is #1 attack technique (Proofpoint)

• More than 2 billion mobile apps that steal personal data were downloaded (Proofpoint)

• 52% of the root cause of the security breaches are due to human error (CompTIA)

Human Behaviors vs Attack Methods

Human Behaviors

• Trust

• Desire to be helpful

• Fear (unknown, loss, authority)

• Curiosity

• Carelessness

Attack Methods

• Social Engineering (Targeted/Untargeted)

• Water holing

• Trojan / Ransomware

• Social Media / Rogue Apps marketplaces

Recommendation

•User Education and Awareness

•Security Policy and Standards

•Endpoint Security

• Identity and Access Management (IAM)

•Threat Intelligence Service

II. Collaboration Is Key To Cybersecurity

• On-line, Off-line and Real-time coordination

• Information sharing (one-way / two way)

• Command & Control (C&C)

• Centralized or Distributed

Collaborative Attack vs Collaborative Defense

Recommendation

• Promote Cybersecurity collaboration

• Internal Partners ( SOCs/NOCs; IT Departments)

• External Partners (FBI CyberhoodWatch, NCCIC, ISACs)

• Enhance Situational Awareness (SA) capability (Perception, Comprehension and Projection)

• Establish Threat Intelligence Program (information gathering, analyzing and dissemination)

III. Digital /Physical Security Convergence

• Stuxnet launched against Nuclear Control Systems, 2007

• Oil Pipeline in turkey explodes in 2008

• Hacking medical devices in 2011

• Blast Furnance in German Steelworks Attacked, 2014

• Blackouts in Ukraine, 2016

Digital Security Model (CIAS)

Digital Security

Confidentiality

Integrity Availability

Safety

• Data (Confidentiality, Integrity and Availability)

• People / Environments (Safety)

Source: Cybersecurity Scenario 2020 Phase 2 – Gartner G00279414

Recommendation

• Identify critical assets and develop a protection strategy

•Promote collaborative culture

•Establish Threat Intelligence progrma

Summary

•User Education and Awareness

•Cybersecurity Program based on Risk Management Framework

•Cybersecurity Collaboration

Thank you!