TRANSCRIPT
MAY 20, 2019
Los Angeles, California
FUTURE WORLD: WHAT WILL CYBERSECURITY LOOK LIKE IN THE FUTURE?
May 19-22, 2019 • Los Angeles, California • 113th Annual Conference
Learn more by visiting us at gfoa.org • #GFOA2019
Mike Bailey, Finance Consultant, Municipal Research and Services Center
Dan Frye, SVP Corporate Security, Sierra-Cedar
Cindy Compert, Distinguished Engineer and Security CTO, U.S. Public Sector Market; CTO, Data Security & Privacy, IBM Security, IBM
Future World: The Future of Information Security
Dan Frye
Senior Vice President, Corporate Security
linkedin.com/in/danfrye/
What I want you to remember
• The Cloud has created new opportunities for a decentralized “Things-as-Code” model that will fundamentally change business processes and how security is injected into the organization.
• Authentication will be the new perimeter and Identity will be the new firewall.
• Security leaders will need to apply supply chain principles to secure the data flows used by the business.
https://aws.amazon.com/compliance/shared-responsibility-model/
AWS Security Products
https://www.csoonline.com/article/3200024/cybersecurity-labor-crunch-to-hit-35-million-unfilled-jobs-by-2021.html
DETECTION & RESPONSE
PREVENTION
PROBLEM
https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf
https://www.esecurityplanet.com/network-security/security-automation-and-orchestration-soar.html
https://www.csoonline.com/article/3390683/how-a-data-driven-approach-to-security-helps-a-small-healthcare-team-embrace-automation.html
Lesson #1
Invest in the skills and talent necessary to develop security-as-code, infrastructure-as-code, and business-process-as-code.
https://www.cnet.com/news/gates-predicts-death-of-the-password/
https://www.cnet.com/news/massive-breach-leaks-773-million-emails-21-million-passwords/
https://xkcd.com/936/
“At Microsoft only 10 percent of our users enter a password on a given day.”
https://www.microsoft.com/security/blog/2019/05/08/3-investments-improve-identity-management-microsoft/
https://techcrunch.com/tag/authentication/
Traditional Network Security Model
Zero Trust Security Model
https://www.centrify.com/education/what-is-zero-trust-privilege/
Lesson #2
Organizations have to fundamentally change their approach to identity, access, and authorization.
https://hbr.org/2016/09/bad-data-costs-the-u-s-3-trillion-per-year
What if someone injected data or manipulated data in a data source?
Lesson #3
Security leaders need to account for data risk. What outcomes could happen if data integrity fails?
Cindy E. Compert, CIPT/M
Distinguished Engineer & Security CTO US Public Sector Market
CTO Data Security & Privacy, IBM Security
@CCBigData
May 20, 2019
Contents
• A little R&R
• Scary Attacks
• AI and Cloud take flight
• More R&R
• Advice for working with your CISO
Making the Shift: R&R
Scary Attacks
From Ransomware… to Cryptojacking
Router Fries Egg
https://www.cnet.com/news/this-cryptocurrency-mining-router-was-hot-enough-to-serve-me-fried-eggs-black-hat-defcon/
The Brave Little Toaster becomes reality
Change is coming..
Steps you can take
Cryptojacking:
• Train
• Patch
• Monitor
IoT:
• Implement real-time inventory
• Patch
• Assess entire infrastructure
• Isolate infrastructure and network
• Consider behavioral monitoring solutions
https://searchhealthit.techtarget.com/tip/Cryptojacking-emerging-as-a-new-threat-to-healthcare
AI and Cloud Take Flight
AI Security Examples
Predictive Analytics
• Approach: Model behaviors and identify emerging and past threats and risks
• Applications: Network, user, endpoint, app and data, cloud
Intelligence Consolidation
• Approach: Curation of intelligence and contextual reasoning
• Applications: Structured and unstructured (NLP) data sources
Trusted Advisors & Response
• Approach: Reason about security events for triage and response
• Applications: Cognitive SOC analyst, orchestration, automation and digital guardian
Example A: User Behavior Analytics
Example B: Threat enrichment
Example C: AI advisor
AI: Steps you can take
• Understand: Understand AI capabilities and how they might help you accelerate security processes
• Identify Use Cases: Identify use cases and measure current processes
• Pilot: Test your hypotheses in a controlled scenario. Get help from experts. Compare outcomes.
Let’s change the way we think about hybrid cloud security
There are 3 key phases to the cloud adoption journey
© 2019 IBM Corporation
Baseline & Strategy
Formally starting on cloud journey, or just starting to move workloads to cloud
Hybrid Environment
Well into cloud transformation or primarily in a hybrid steady-state operation
Cloud / Multi-Cloud
Full cloud transformation or born-in-the-cloud organizations
Many organizations will be faced with the hybrid reality.
Shared security responsibility model has expectations of the customer
[Figure: shared security responsibility, ON-PREMISES vs. CLOUD. Legend: Customer / Tenant Responsibility; Cloud Service Provider Responsibility / Native Controls; Cloud Native Controls available. Both columns list the same layers:]
• Endpoint Security
• Application Controls
• Identity & Access Management
• Data Protection & Encryption
• Network Controls
• Operating System
• Virtualization Layer
• Network Infrastructure
• Storage
• Physical Infrastructure
Hybrid Cloud Security: Steps you can take
• Protect data: Bring your own security controls to strengthen security of your cloud service providers
• Enhance Productivity: Build security into the design, so you don’t lose productivity going back and incorporating it later
• Ensure Compliance: Enable compliance visibility and reporting into both your cloud and on-premises environments
Only
of security budget allocated to cyber resilience activities
of highly ranked resilient organizations are very confident in their ability to prevent a cyberattack
use automation significantly or moderately
increase in threat sharing from 2017 to 2018
Cybersecurity shifts to resilience
77% of Enterprises Don’t Have a Cybersecurity Incident Response Plan
Practice worst case scenarios
4 Keys to R.I.S.K.
Repeat, Identify, Sustain, KPI’s
Partner with your CISO
• Invest in security according to value/risk
• Know thy data, know thy risk
• A security strategy with timelines is critical
• Communicate cyber risk to the business in specific scenarios
@CCBigData
Thank you