synthetic teammates and the future of cybersecurity · 1 synthetic teammates and the future of...
TRANSCRIPT
![Page 1: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/1.jpg)
1
Synthetic Teammates andthe Future of Cybersecurity
Dr. Fernando Maymí Lead Scientist, Cyberspace Operations
Soar Technology, [email protected]
8 August 2017
![Page 2: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/2.jpg)
2
- THE FUTURE THREAT LANDSCAPE- SYNTHETIC TEAMMATES- WORKFORCE DEVELOPMENT
![Page 3: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/3.jpg)
3
- THE FUTURE THREAT LANDSCAPE- SYNTHETIC TEAMMATES- WORKFORCE DEVELOPMENT
![Page 4: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/4.jpg)
4
The Tactical Battlefield of 2050
• Augmented humans
• Automated decision making and autonomous processes
• Misinformation as a weapon
• Micro-targeting
• Large-scale self-organization and collective decision making
• Cognitive modeling of the opponent
• Ability to understand and cope in a contested, imperfect, information environment
![Page 6: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/6.jpg)
6
![Page 7: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/7.jpg)
7
![Page 8: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/8.jpg)
8
![Page 9: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/9.jpg)
9
![Page 10: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/10.jpg)
10
![Page 11: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/11.jpg)
11
![Page 12: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/12.jpg)
12
Concerns
• War on reality: the weaponization of data
• Blended attacks
• Micro-targeting
• Efficiency is easy to hack
• Complex autonomous systems
Understanding the context is essential
![Page 13: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/13.jpg)
13
- THE FUTURE THREAT LANDSCAPE- SYNTHETIC TEAMMATES- WORKFORCE DEVELOPMENT
![Page 14: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/14.jpg)
14
Partial Artificial Intelligence Taxonomy
Machine Learning Cognitive Modeling
![Page 15: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/15.jpg)
15
(Oversimplifying) Artificial Intelligence
Source, Fair use, https://en.wikipedia.org/w/index.php?curid=36632393,
https://readingraphics.com/book-summary-thinking-fast-and-slow/
Analogous to
Machine Learning
Analogous to
Cognitive Modeling
![Page 16: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/16.jpg)
16
Autonomous Agents
Sense
Act
Think
Learn
![Page 17: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/17.jpg)
17
MACHINE LEARNING
System 1
17
![Page 18: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/18.jpg)
18
Machine Learning
Extract
Features
Filter
Noise
Sense
Data
Classify
Sample
External agent validates
results during training phase
Production (trained) system
outputs results to other systems
![Page 19: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/19.jpg)
19
Adversarial Machine Learning
Original image
classified as a panda
with 60% confidence
Imperceptibly modified
image classified as a
gibbon with 99%
confidence
Tiny adversarial
perturbation
This is a gibbon
Source, Fair use, http://www.kdnuggets.com/2015/07/deep-learning-adversarial-examples-misconceptions.html,
https://www.ippl.org/gibbon/wp-content/uploads/2010/09/peppyaction-269x300.jpg
![Page 20: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/20.jpg)
20
Adversarial Machine Learning
Original image
classified as malware
with 60% confidence
Imperceptibly modified
file classified as
whitelisted software
with 99% confidence
Tiny adversarial
perturbation
Source, Fair use, http://www.kdnuggets.com/2015/07/deep-learning-adversarial-examples-misconceptions.html,
https://stixproject.github.io/documentation/idioms/maec-malware/
![Page 21: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/21.jpg)
21
Towards a Solution
![Page 22: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/22.jpg)
22
COGNITIVE MODELING
System 2
22
![Page 23: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/23.jpg)
23
Towards a Common Model of TTPs
Procedures: the algorithmic, atomic unit of cyberspace operations
Techniques: unique ways to perform procedures
Tactics: directed subgraphs of procedures with one or more goals
as their terminal nodes
![Page 24: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/24.jpg)
24
Towards a Common Model of TTPs
Procedures: the algorithmic, atomic unit of cyberspace operations
Techniques: unique ways to perform procedures
Tactics: directed subgraphs of procedures with one or more goals
as their terminal nodes
![Page 25: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/25.jpg)
25
Towards Common Models of Threat Actors
Partial model of APT28 (Fancy Bear) during Operation Pawn Storm
![Page 26: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/26.jpg)
26
Simulated Cognitive Cyber Red-team Attack Model
Command & Control
Situation Reports
Human
Controller
Cyber Actions
Network Under Test
SC2RAM
![Page 27: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/27.jpg)
27
SC2RAM Graphical User Interface
![Page 28: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/28.jpg)
28
Network Attack Visualization
Developed by IHMC for SC2RAM
![Page 29: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/29.jpg)
29
Using Synthetic Attackers for Cybersecurity
![Page 30: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/30.jpg)
30
Autonomous Hunt Teammate
Hypothesis
Generator
Learning Module
Hypothesis
Evaluation
Threat Intel Feeds Other Feeds Internal Models
DHS
ISAC
Commercial
Dark
Web
Social
MediaAssets TTPs
Attacks
Logs
IDS
Firewalls
Internal Sensors
![Page 31: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/31.jpg)
31
- THE FUTURE THREAT LANDSCAPE- SYNTHETIC TEAMMATES- WORKFORCE DEVELOPMENT
![Page 32: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/32.jpg)
32
Workforce Pipeline
Access Employ Develop Retain
![Page 33: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/33.jpg)
33
What Are We Looking For?
Source, fair use: http://host.madison.com/ct
Access Employ Develop Retain
![Page 34: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/34.jpg)
34
Why?
Source, fair use: http://dailymail.co.uk
Access Employ Develop Retain
![Page 35: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/35.jpg)
35
Key Hiring Trends in Cybersecurity
• Companies are seeking certified candidates- 35% of positions required a certification
• Companies are seeking educated candidates
- 80% of positions require a Bachelor’s degree
• Hands-on skills are more valuable than managerial ones- Lead Software Developer average salary: $ 233,333
- Chief Security Officer average salary: $ 225,000
• Openings are harder to fill- Cybersecurity openings remain open 8% longer than IT ones
- Security clearances or financial sector experience is even harder to fill
• Next-generation gap- Younger generation is not as interested in cybersecurity, particularly women
Access Employ Develop Retain
![Page 36: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/36.jpg)
36
Developing the Cybersecurity Workforce
Access Employ Develop Retain
Source, fair use: http://www.naturethruphotos.com
![Page 37: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/37.jpg)
37
Developing the Cybersecurity Workforce
Access Employ Develop Retain
Source, fair use: https://certification.comptia.org
![Page 38: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/38.jpg)
38
Retention
Access Employ Develop Retain
![Page 39: Synthetic Teammates and the Future of Cybersecurity · 1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology,](https://reader034.vdocument.in/reader034/viewer/2022050410/5f86b1622d67941a0c189c05/html5/thumbnails/39.jpg)
39
Most Importantly…
Source: https://www.123rf.com/profile_garagestock
Access Employ Develop Retain