Panel:Engineering Discipline in Cyber

Security

Steve Orrin, Chief Technologist, Intel Federal, Intel Coporation

Intel Corporation 2

Harbor Freight POS Attack

Home Depot

POS Attacked

Sands Hacked

Neiman MarcusHackedTarget breached via

HVAC systems

Spike Botnet launches

DDOS via IoT Devices

2014: The Year of the Data Breach

Sony Hacked

Trends to watch for in 2015:

• Data Breaches continue (like Home Depot, Target, and Anthem)• Full scale attacks on organizations (like Sony and Sands)• Increased focus on Asymmetric attacks, advancements in APT’s including firmware/BIOS targeting

Anthem’s Records Stolen

Intel Corporation

SERVERS

PC

LAPTOP

EMAIL

DATABASE

USB

SMART PHONE

ROUTING/SWITCHING CLOUD

VIRTUALENVIRONMENT

SAN

VOIP

TABLET

EMBEDDEDDEVICES

WIRELESS

APPS

1 BILLIONDEVICES in 2000’s

15 BILLIONCONNECTED DEVICES

in 2015

Security Challenges:469,000 unique malware samples discovered weekly83% organizations hit by Advanced Persistent ThreatsFlat to down IT/IS budgetsFlat number of trained practitioners

100 BILLIONCONNECTED DEVICES

by 2020

DECREASED/FLAT BUDGETS

LIMITED OR UNTRAINED RESOURCES

UNPLANNED COMPLIANCE AND REPORTING REQUIREMENTS

CHANGING BUSINESSDEMANDS

A Nasty Math Problem

.

Intel Corporation 4

The Path Forward: End-to-End Security

Device Security• Physical Device Security• Endpoint Protection• Application/Functional separation

Secure the Data• Confidentiality & Integrity

• At rest, in transit, and in use

• Context Aware Security• Authentication and Access Control for the user, the device and its data

Security Monitoring & Management• Security Policy Management• Security Event Monitoring• Connected Security & Actionable Threat Intelligence