Challenges for the Next Generation of Cybersecurity Professionals - Matthew Rosenquist

Post on 13-Apr-2017

TRANSCRIPT

<ul><li><p>Matthew Rosenquist, Cybersecurity Strategist</p><p>January 2017</p></li>
<li><p>Cybersecurity may be fought with technology, but it is people who triumph.</p><p>We must invest in the future generations of professionals who will carry on the fight.</p></li>
<li><p>Agenda</p><p>Introduction</p><p>Future challenges in cybersecurity drive demand</p><p>Industry best practices and perspectives</p><p>Cybersecurity industry workforce opportunities</p><p>Needed skills, training, and student resources</p><p>Questions and Answers discussion</p></li>
<li><p>Biography</p><p>Matthew Rosenquist, Cybersecurity Strategist and Evangelist, Intel Corporation</p><p>25 years in the field of security, specializing in strategy, threats, operations, crisis management, measuring value, communications, and establishing strategic organizations which deliver optimal security capabilities.</p><p>As a cybersecurity strategist, he champions the meaningfulness of security, advises on emerging opportunities and threats, drives industry collaboration, and advocates a sustainable balance of cost, controls, and productivity across business, governments, and academic sectors.</p><p>Consults globally to governments, academia, business, and cybersecurity professionals</p><p>Built and managed Intel's global Security Operations Center</p><p>First Incident Commander for Intel's worldwide CERT</p><p>Managed security for Intel's multi-billion dollar worldwide M&amp;A activities</p><p>Oversaw internal platform security products and services</p><p>Strategic planner for the Intel Architecture security playbook</p><p>Unified synergies forming the 3rd largest global security product organization</p><p>Conducted investigations, defended corporate assets, established policies, developed strategies to protect Intel's global manufacturing</p><p>Matthew is an outspoken evangelist and advocate of cybersecurity who delivers keynotes, speeches, lectures, and has a significant social following of security technologists and global professionals. 
</p><p>Twitter: @Matt_Rosenquist (https://twitter.com/Matt_Rosenquist)</p><p>LinkedIn Blogs: https://www.linkedin.com/today/author/matthewrosenquist</p></li>
<li><p>Future Cybersecurity Challenges drive demand</p></li>
<li><p>Security Industry Needs Leadership</p><p>...If security breaks down, technology breaks down</p><p>Brian Krebs, Noted Cybersecurity Reporter</p></li>
<li><p>Innovation Drives Risk Convergence</p><p>New technology bridges the virtual and physical worlds, to connect and enrich people's lives</p></li>
<li><p>Rapid Shift of Skills in the Industry</p><p>Needed skills will change over time, as security, privacy, and safety evolve.</p><p>Strategies will evolve, to expand what is possible, in order to align with shifting expectations.</p><p>The next generation of security professionals must understand and be able to contribute to the delivery of best-known-practices.</p></li>
<li><p>Evolving Landscape, Adversaries, and Battlefield</p><p>29 countries: Have formal cyberwarfare units</p><p>63 countries: Use cyber tools for surveillance</p><p>$19 billion: US 2017 proposed budget for cybersecurity</p><p>$6 trillion: Cyber-crime impact globally by 2021</p><p>200% increase: In cyber-crime in the last 5 years</p><p>$3-$90 trillion: Aggregate innovation impact of cyber-risks by 2020</p><p>[Figure axis: Attack Difficulty, Hard to Easy]</p><p>IMPACT GOES FAR BEYOND </p><p>Cybersecurity costs typically measured as part of an incident</p><p>Actual costs of long term impacts including lost contract revenue, operational disruption, devaluation of trade name, loss of IP, rises in insurance premiums, increased cost to raise debt, customer relationship impacts</p><p>% COST</p><p>~1%*</p><p>Source: US Tech Manufacturing Company Case Study, 
Deloitte</p><p>~99%</p><p>35% US population: Healthcare records exposed in 2015</p><p>400k New Malware/Day: 575 million unique samples of malware exist</p><p>+2 Billion Users: 4 billion users online by 2020, up from 2+ billion today</p><p>50-200 Billion Devices: Connected to the Internet by 2020</p><p>25+ Million Applications: Connected by 2020 creating 50x the volume of data</p></li>
<li><p>Changing Digital World</p><p>Growing Number of Users: 4B connected people</p><p>New Device Types: 50-200B IoT devices</p><p>Innovative Usages and Access: 25M+ applications</p><p>Creation of Vast Amounts of Data: 50 Trillion gigabytes</p><p>Critical Functionality: Infrastructure, Defense, Transportation</p><p>Creates Targets with Increased Value</p><p>[Diagram labels: More Users, New Devices, Innovative Usages, Generating Vast Data, Sensitive Functions, Increased Target Value]</p></li>
<li><p>4 Levels of Cybersecurity Impacts</p><p>Denial of Service (A)</p><p>Access of customers</p><p>Availability of data, systems, &amp; services</p><p>DDOS network attacks, ransom-ware data locking attacks</p><p>Data Theft &amp; Exposure (C)</p><p>ID Theft Privacy Data Breach Transaction data</p><p>Database hacks, skimming, lost storage, keylogging</p><p>Monitor &amp; Manipulate (I)</p><p>Internal-access surveillance for advantage</p><p>Tamper / Manipulation</p><p>Long-term data gathering campaign</p><p>Own &amp; Obliterate (C/I/A)</p><p>Administrative ownership and control</p><p>Capability of unrecoverable obliteration</p><p>Strategic attack, undermining of org capability</p><p>Security Competency</p><p>Attacker Innovation</p><p>Attacks evolve over time for different technology and usages</p></li>
<li><p>Security Futures Summary:</p><p>1. Threats remain equitable to the growth and use of technology</p><p>2. Age of massive connectivity (e.g. IoT, mesh, 5G/6G, blockchains, etc.) 
drives opportunities (for good and bad; cyber threats will take advantage)</p><p>3. Society's expectations rise for cyber security, privacy, and safety</p><p>4. Tipping points approach: threats to life-safety, cybercrime hyper-growth, offensive cyberwarfare</p><p>5. Pendulum swings towards more security, ultimately settles for an optimal balance (regulatory, nation-states, technology innovators/manufacturers)</p><p>6. Emerging data, devices, and services are targeted by Threat Agents pursuing their objectives, driven by their specific motivations</p></li>
<li><p>Industry best practices and perspectives</p></li>
<li><p>The Best Organizations</p><p>Seeks Optimal Risk</p><p>Risk management planning</p><p>Anticipates impacts</p><p>Balance Cost, Risk, &amp; Usability</p><p>Adapts to shifting demands</p><p>Comprehensive Processes</p><p>Security as a continuous cycle</p><p>Continuous improvement process</p><p>Technology and Behaviors</p><p>Obstacles and Opposition</p><p>Leads into the Future</p><p>Clearly defines success</p><p>Plans for a sustainable future</p><p>Roles and accountability</p><p>Continuously adapting</p></li>
<li><p>Important Considerations</p><p>Smarter vs More</p><p>Collaboration across security functions improving effectiveness</p><p>Better IT choices &amp; enablement</p><p>Properly balancing the risk, cost, and usability constraints</p><p>Expectations Drive Change</p><p>Society's expectations shift with pain, impact, and inconvenience</p><p>Trust will be valued, demanded</p><p>Security, privacy, and controls will align with greater impacts</p><p>Controls Must Adapt</p><p>Innovation intersecting emerging attacks to keep pace with attackers</p><p>Static defenses are easy to defeat</p><p>Intelligence, analysis, and actions must feedback to improve systems</p></li>
<li><p>Future Technology to be Designed with Security</p><p>Smart: Security innovation must deliver more capable solutions to keep pace with threats</p><p>Ubiquitous: 
Security must protect data wherever it exists or is used, for all parties and devices across the compute landscape</p><p>Trusted: Technology and security providers must be trustworthy, in the creation and operation of their products</p><p>Strong: Products and services must be hardened to resist compromise and make security transparent to users</p><p>Open: Platforms and security standards must be open to promote collaboration and accelerate adoption</p><p>Security must be part of the design for future technology. Adding security after is no longer sufficient or sustainable</p></li>
<li><p>Cybersecurity industry workforce opportunities</p></li>
<li><p>Lack of Security Talent Hinders the Industry</p><p>The lack of qualified cybersecurity talent will greatly restrict the growth and effectiveness of security teams.</p><p>Academia is working to satiate demand, an estimated 2 million unfilled cybersecurity positions by 2017, but it will take time.</p><p>Result:</p><p>1. Salaries will continue to rise until demand is met</p><p>2. Headhunting and retention of top talent becomes ruthlessly competitive</p><p>3. Leadership and technical roles in greatest demand</p><p>4. 
Outsourcing to MSSPs and security firms will increase</p></li>
<li><p>Cybersecurity Workforce Shortage</p><p>1.5-2 million estimated unfilled positions by 2017</p><p>Job postings rose 91% (2010-2014)</p><p>Leaders and engineers in highest demand</p><p>Professional Services, Finance, Defense and Manufacturing are leading sectors</p><p>Finance, Healthcare, and Retail are growing fastest</p><p>Hybrid jobs are increasing, contributing to demand</p></li>
<li><p>Needed skills, training, and student resources</p></li>
<li><p>Skills and Training</p><p>The best way to prepare the next generation of cybersecurity professionals:</p><p>Hard Skills (technical)</p><p>Soft Skills (behavior)</p><p>Experience (contextual)</p><p>Job Market Insights (opportunity data)</p><p>[Diagram: Hard Skills, Soft Skills, Experience, Job Market Insights: Navigate to Success]</p></li>
<li><p>Soft Skills are Important</p><p>1. Dependability: Being dependable means that you do what you say you will, when you say you will. You can be trusted to complete any task, and you will do it well.</p><p>2. Motivation: You should be able to motivate yourself to get tasks done, and take the initiative to find new ways to improve upon not only yourself and your work, but also your organization.</p><p>3. Communication: This is one of those skills you hear about all the time, and that's for a reason. Communication is the key to any human interaction, especially in the workplace.</p><p>4. Commitment: Employers want to know that you're not only committed to the company and your job, but to turning out the best work you can, every time.</p><p>5. Creativity: Can you think about problems in a new and interesting way? Show your employer how.</p><p>6. Problem Solving: If you're confronted with a problem, employers want to know that you will do everything you can to fix it. Your creative skills will come in handy here.</p><p>7. 
Flexibility: Sometimes, your job is going to be a little like a roller coaster. Can you adjust to the chaos?</p><p>8. Teamwork: You're not done with group work after graduate school. Working in a team is an essential part of almost every job.</p><p>9. Leadership: You may not be a natural born leader, but can you step up and guide either a group of people or a process if necessary?</p><p>10. Time Management: Ability to balance workloads and prioritize what gets done, in the face of many deliverables</p><p>http://www.nationalsoftskills.org/top-10-soft-skills-for-success/</p></li>
<li><p>Experience and Certification</p><p>Source: Burning Glass Technologies report - Job Market Intelligence: Cybersecurity Jobs, 2015</p><p>Job Posting Requirements</p><p>35% Industry certifications</p><p>84% Bachelor's degree or higher</p><p>83% 3+ years of experience</p><p>10% Security Clearance</p><p>Relationship between experience and certification</p><p>Entry level certifications typically require less than 3 years of experience</p><p>Advanced certifications require at least 3-5 years of experience</p></li>
<li><p>Many, Many Certifications</p><p>GSLC: GIAC Security Leadership (Management)</p><p>GISP: GIAC Information Security Professional (Management)</p><p>GCPM: GIAC Certified Project Manager (Management)</p><p>GSEC: GIAC Security Essentials (Security Administration)</p><p>GCIH: GIAC Certified Incident Handler (Security Administration)</p><p>GCIA: GIAC Certified Intrusion Analyst (Security Administration)</p><p>GPEN: GIAC Penetration Tester (Security Administration)</p><p>GWAPT: GIAC Web Application Penetration Tester (Security Administration)</p><p>GISF: GIAC Information Security Fundamentals (Security Administration)</p><p>GCWN: GIAC Certified Windows Security Admin (Security Administration)</p><p>GPPA: GIAC Certified Perimeter Protection Analyst (Security Administration)</p><p>GCED: GIAC Certified Enterprise Defender (Security Administration)</p><p>GICSP: Global Industrial Cyber Security Professional (Security Administration)</p><p>GXPN: GIAC Exploit Researcher &amp; Adv. 
Pen Tester (Security Administration)</p><p>GAWN: GIAC Assess &amp; Audit Wireless Networks (Security Administration)</p><p>GCUX: GIAC Certified UNIX Security Administrator (Security Administration)</p><p>GMOB: GIAC Mobile Device Security Analyst (Security Administration)</p><p>GMON: GIAC Continuous Monitoring Certification (Security Administration)</p><p>GCCC: GIAC Critical Controls Certification (Security Administration)</p><p>GPYC: GIAC Python Coder (Security Administration)</p><p>GASF: GIAC Advanced Smartphone Forensics (Forensics)</p><p>GCFE: GIAC Certified Forensic Examiner (Forensics)</p><p>GREM: GIAC Reverse Engineering Malware (Forensics)</p><p>GCFA: GIAC Certified Forensic Analyst (Forensics)</p><p>GNFA: GIAC Network Forensic Analyst (Forensics)</p><p>GSSP-JAVA: GIAC Secure SW Programmer-Java (Software Security)</p><p>GWEB: GIAC Certified Web Application Defender (Software Security)</p><p>GSSP-.NET: GIAC Secure SW Programmer-.NET (Software Security)</p><p>GLEG: GIAC Law of Data Security &amp; Investigations (Legal)</p><p>GSNA: GIAC Systems and Network Auditor (Audit)</p></li>
<li><p>NICE Framework</p><p>National Initiative for Cybersecurity Education framework (NCWIF): http://csrc.nist.gov/nice/framework</p><p>Reference resource defining cybersecurity work and a standardized set of required tasks and skills.</p><p>Designed to help organizations educate, recruit, train and retain a qualified cybersecurity workforce.</p></li>
<li><p>Job Market Insights</p><p>CyberSeek.org - free interactive resource for cybersecurity job seekers, sponsored by NIST, CompTIA, and NI...</p></li></ul>
