Cyberdefense and security policy – concepts and considerations for government policy 1
Cyberdefense and security policyConcepts and considerations for government policy
Zoltán PrécsényiGovernment Affairs Manager
Issue statement
Cyberdefense and security policy – concepts and considerations for government policy 2
Agenda
Cyberdefense and security policy – concepts and considerations for government policy 3
The threat landscape1
Attack types 2
Cyberdefence, cybersecurity, cyberintelligence3
Emerging challenges4
Recommendations5
Cyberdefense and security policy – concepts and considerations for government policy 4
The Threat Landscape
2010 Trends
Cyberdefense and security policy – concepts and considerations for government policy 5
Social Networking + social engineering =
compromise
Attack Kits get a caffeine boost
Targeted Attacks continued to evolve
Hide and Seek (zero-day vulnerabilities and
rootkits)
Mobile Threats increase
2010 in numbers• 286M+ threats• +93% web-based attacks• 260.000 identities exposed per breach• +42% mobile vulnerabilities• 6253 new vulnerabilities• 14 new zero day vulnerabilities• 1M+ bots in Rustock• $0.07 to $100 per stolen credit card
Cyberdefense and security policy – concepts and considerations for government policy 6
Cyberdefense and security policy – concepts and considerations for government policy 7
Attack types
Sources
8
Organizedcrime
Wellmeaninginsiders
Maliciousinsiders Extremists
Cyberdefense and security policy – concepts and considerations for government policy
Targets and methods
Cyberdefense and security policy – concepts and considerations for government policy 9
• Any combinations of the above are possible. And likely.
Cyberdefense and security policy – concepts and considerations for government policy 10
CyberdefenseCybersecurityCyberintelligence
From cybersecurity to cyberdefense
Cyberdefense and security policy – concepts and considerations for government policy 11
Cyberintelligence: What is the Internet used for?• Communication:
– Propaganda, instructions, information exchange
– Diversion / disinformation / psychological operations
• Cybercrime and related finances:– Turning stolen data and attack capabilities into profits
– Laundering money
• Intelligence– OSINT operations, social engineering
• Attack– Web-based attacks against information, organisations, infrastructure
The Internet can also be used in support of other forms of attack.
Cyberdefense and security policy – concepts and considerations for government policy 12
Cyberintelligence: needs and challenges• Needs:
– Design: Engineering skills
– Deploy: Infrastructure for advanced monitoring
– Leverage: Strong analytical capabilities, including human intelligence skills
• Challenges:– Fundamental rights: How intrusive can you be?
– Confidentiality, encryption: How effective can you be?
– Mass of information: Can you tell the wheat from the chaff?
– Attribution: Can you tell who you’re up against? Can you really?
Cyberdefense and security policy – concepts and considerations for government policy 13
Symantec™ Global Intelligence NetworkIdentifies more threats, takes action faster & prevents impact
Information ProtectionPreemptive Security Alerts Threat Triggered Actions
Global Scope and ScaleWorldwide Coverage 24x7 Event Logging
Rapid Detection
Attack Activity• 240,000 sensors• 200+ countries
Malware Intelligence• 133M client, server, gateways monitored• Global coverage
Vulnerabilities• 40,000+ vulnerabilities• 14,000 vendors• 105,000 technologies
Spam/Phishing• 5M decoy accounts• 8B+ email messages/day• 1B+ web requests/day
Austin, TXMountain View, CACulver City, CA
San Francisco, CA
Taipei, Taiwan
Tokyo, Japan
Dublin, IrelandCalgary, Alberta
Chengdu, China
Chennai, India
Pune, India
14Cyberdefense and security policy – concepts and considerations for government policy
Cyberdefense and security policy – concepts and considerations for government policy 15
Emerging challenges
Next generation computing technologies
Cyberdefense and security policy – concepts and considerations for government policy 16
Mobile Threats• Most malware for mobiles are Trojans posing as legitimate apps
• Mobiles will be targeted more when used for financial transactions
Cyberdefense and security policy – concepts and considerations for government policy 17
163 vulnerabilities
2010
115 vulnerabilities
2009
42% increase
Cyberdefense and security policy – concepts and considerations for government policy 18
Recommendations
Recommendations
Cyberdefense and security policy – concepts and considerations for government policy 19
Design security already into the earliest concept.10
View cybersecurity as a national security stake.
Security: in depth, mobile, adjustable, dynamic.
Security can no longer go without intelligence.
Monitor, correlate data, respond accordingly.
Assess actual threat levels, prioritise accordingly.
Focus on people, processes and technology.
Operationalise public private partnerships in CIIP.
Ensure that cybersecurity is adequately resourced.
Allocate clear responsibility for cybersecurity.
1
2
3
4
5
6
7
8
9
Thank you!
SYMANTEC PROPRIETARY/CONFIDENTIAL – INTERNAL USE ONLYCopyright © 2010 Symantec Corporation. All rights reserved.
Thank you!
Cyberdefense and security policy – concepts and considerations for government policy 20
Zoltán Précsé[email protected] +32 225 71319