computer networking: beyond routing & switching series · devices –6 devices per person...
TRANSCRIPT
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Computer Networking: Beyond Routing & Switching Series• Next Session: Intro to Data Centers Tuesday, November 10, 2015 8:00 am, PST,
REGISTER HERE
Join for an introduction to the concept of a datacenter from a holistic perspective (hardware, software, processes) with a focus on virtualization and cloud. We will also discuss the challenges that IT departments face and look at the trends in datacenter technologies!
• 3rd Session: Going Wireless – Wireless Communications and Technologies – Dec. 8th, 2015, 9:00 P.M. PST REGISTER HERE
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Mapping Your Path to SuccessUpcoming Sessions:
• The Art of Persuasion & Influencing People November 4th 2015 – 9:00 PM PST, REGISTER HERE
• The Power of Public SpeakingNovember 18th 2015 – 9:00 PM PST, REGISTER HERE
Future Sessions cover Teamwork, Becoming Inspired!, and Communicating Effectively with Body Language
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Internet of Everything Webinar Series
TOPICIoE & Smart Cities
DATE November 12th , 8:00 AM & 8:00 P.M. PST
8:00 A.M. PST: REGISTER HERE
8:00 P.M. PST: REGISTER HERE
The Era of IoT and a World of Cybersecurity and Privacy Opportunities - IoE & Cloud Mobility Webinar
Evelyn de Souza
Data Privacy and Compliance Leader, CTAO Office, Cisco Systems
October 2015
AGENDA
The Implications of IoT for Security and Privacy
IoT Ushering a Data Economy – OpenSource Privacy
Career Paths and Options
Your Call to Action
About Me
MY MISSION
Accelerate digital safety and privacy for personal, business and every day living
Security and Privacy Challenges with IoT
• The increasing number of connected ‘things’ has vastly increased the attack surface of many networks, public, private, commercial and domestic
• Device volume-related security issues include remote monitoring headaches, default passwords and settings, and disparate software and connectivity standards
• Security and privacy remains an afterthought in technology design,
• A secure and private Internet of Things will require a fundamental shift in how people interact with it, helped by clearly defined legislation and component party responsibilities
Capabilities
CustomersActivities
Solutions
Products
Products + Services
Security Vulnerabilities of Connected Vehicles
Onboard
DiagnosticInterface
Vehicle-to-Vehicle
Communication
Remote Software
Update
Content and
Applications
Telematics
Services The Internet
Vulnerabilities of
Onboard Networks,
Devices, and
Applications
Vulnerabilities
of Diagnostic
Interface
Roadside
Networks
Vulnerabilities
over V2I
Communications
Onboard
Wi-Fi Hotspot
Tethered
Smartphone
Vulnerabilities of
Local
Communications
Vulnerabilities of
V2V
Communications
Attacks through all
Communication
Channels
Vulnerabilities of
Cellular
Communication
Security By Design as a mix of Services and Products
Bus Guard
Security Products & Solutions
Penetration Testing
Threat Modelling & Architecture Assessment
Backend Vulnerability Assessment
Application Security & Code Review
Security Services
Operational Security
Research on Piracy
Detect & Respond
Supply Chain Integrity
Security Requirements, Architecture & Design
Device Guard
Local anomalies detection system forvehicles’ internal gateway
Secure framework for infotainment / telematics systems
Customer Privacy & Information Security
Privacy Security
“Are we adequately protecting company
information?”
“Are we doing what we said we would
with customer data?”
“Are we giving our customers choices
regarding their data?”
“Are we protecting sensitive customer
data?”
“Are we properly disposing of customer
data?”
“Are we in compliance with privacy law
& regs?”
“Is the data accurate?”
“Does the data have high integrity?”
“Are we in compliance with security law
& regs?”
“Can customers see their data &
request corrections?”
Why Privacy?
Perceptions of privacy continue to
change
Paradigm-changing technologies like
the Internet impacted privacy in
ways we could have scarcely
imagined 30 years ago
• We know customers expect it
• It’s the right thing to do
• Regulators require it
• Increase in the granular collection, use and disclosure of personal energy information
• Definitions of privacy need to evolve
• Inferred identification of individuals and groups with linkage of data sets
IoT: Ushering in a Data Economy
IOT: The Data Economy
• By end of 2020 –over 50 billion connected devices –6 devices per person
• Selling an IOT product is catalyst for data transactions
• Companies will amass detailed data profiles about consumers (far more personal and intimate than current)
• e.g., an appliance manufacturer could derive significant revenues from selling data on the contents of people's refrigerators to food brands
Ecosystem Governance: Who Owns the Data?
Imagine an auto ecosystem like GM powered by Apple
Have to determine consumer data-sharing between GM and Apple
partners such as gas stations,
record labels and the various apps and relationships that consumers import from their own ecosystems
CIOs will need to plan for granular data-sharing controls that can accommodate consumer preferences while capitalizing on data insights and its monetary value
Growing Appetite for Privacy as a Business Differentiator
• Gigya’s recent survey found that consumers expect transparency, relevance and convenience in return for sharing data http://info.gigya.com/LP-Registration_Consumer-Privacy-Personalization_WP.html
• Apple championing that user privacy and security will be at the forefront of all their products and services http://bgr.com/2015/06/03/tim-cook-privacy-facebook-google/
• 91% of Americans agree that consumers have lost control over how personal data is collected and used http://www.pewinternet.org/2014/11/12/public-privacy-perceptions/
• Data Privacy as one of the top ten technology trends of 2015 https://hbr.org/2015/01/the-tech-trends-you-cantignore-in-2015
Without industry-wide adopted toolsets and mechanisms organizations will not be able to
deliver on goals for privacy that go beyond current capabilities
Balancing Marketing and Data Privacy Needs
• Market Opportunity
• Monetize the value of consumer data
as consumers become aware of its
value
• Give consumers the ability to trade
“personal data” while maintaining
trust
• E.g, a consumer could trade their weight
loss or gain history through their
bathroom scale
• Precedent for monetizing value of data
set through loyalty cards ility to trade
data
• Privacy Opportunity
• Redefine privacy contract to allow
data sharing via ecosystem and
machine-based interactions
• Allow consumer the ability to have
granular data control (both sharing
and blocking) abilities
• Give consumers transparent insights
into market value of their data (via use
of HADOOP and OLAP stores
OpenSource Privacy Core Capabilities
• Privacy Policy Object: A way that individuals can safely identify themselves and opt in to determine which
personal attributes universally across IoT devices and related applications
• A way to easily modify, revoke organization access to personal information
• An auditable trail – chain of custody of an individual’s choices. Enables accountability of the individual for
their choices and actions providing them individual transparency of their own digital trail across multiple
providers.
• OPEN SOURCE privacy features need to be compatible with all major OS. Must be highly scalable and
deemed secure by technical community leaders)
Planning for a Career in IoT Security
• 4 out of 5 jobs in cybersecurity require a degree
• Sought After University Degreees
• Career paths – job titles you might want to pursue
• Where the jobs are
• Who’s recruiting in cyber security
• Getting a mentor and finding your ideal role model
YOUR CALL TO ACTION
Let’s keep the conversation going:
Twitter: @e_desouza
Blog: http://cloudtweaks.com/author/evelyn/
Sign up to Industry Consortiums
Join Cisco Networking Academy• Go to netacad.com
• Click Learn with Us