Scenarios for the age of everything on lineMobile and Social Everything

Smart to Smart EverythingThe Internet of Things

Clouds of ThingsIntelligent Things

RepurposingRecycling

ReusePeter Cochranecochrane.org.uk

ca-global.biz

From Identity to Ownership Theft

A  looming  threat  Everything of value is the next target

ownership theft

Ownership

Maintenance

UsageUpdates

Production++++

LogsComing  soon  aN  IoT/CoT  Future  Ever yth ing produced tagged, tracked, on- l ine

• material sourcing• manufacturing history• distribution and supply chain• purchase and ownership details• application, usage, maintenance, repair• repurposing, reuse, recycling sequence• +++

Ownership

Maintenance

UsageUpdates

Production++++

Logs

securing  all  logs  vital  No s o l u t i o n s e n g i n e e red s o fa r !

• illegal access has to be prevented• safety and sustainability at stake• market damage a certainty• value and validity in danger• eForgery a real prospect• ownership is at risk• +++

Log Access Authority ? • Producers• Suppliers• Repairer• Maintainer• Purchaser• Government• Agencies• +++

Log Security ? • Public Key• Multi-Layer• Governance• +++

Ownership

Maintenance

UsageUpdates

Production++++

Logs

log(s)  Protection  Ye t t o b e e n g i n e e r e d !

• cached / distributed master logs ? • uniform or speciated solution(s) ?• embedded public key variants ?• common or variable formats ?• global standards authority ?• multiple key authorities ?• diverse OS and apps ?• diverse hardware ?• diverse protocols ?• evolutionary ?• +++

Primary Security ? • Access mechanisms• Malware protection• Timely adaptation• Embedded AI• Networks• Protocols• Ports• ISPs• +++

networked  Protection  New leve l s o f p roac t i ve th ink ing• design security into the IoT / CoT now• adopt collaboration as a primary tool• do not continue on the back foot• anticipate/plan for worse cases• embed security at every level• create a global security plan• consolidate resources• share all experiences• detect and react fast• automate with AI• +++

Exploit the new degrees of freedom offered by Clouds

Do not stumble blindly into the IoT / CoT future naked

there  are  no  silver  bullets  O n l y a g r o w i n g r a n g e o f t e c h n i q u e s

• staying ahead of developing threats is vital• use all the old tried and tested solutions• plus a growing range of new an novel• this is an evolving space not static• continual adaptation is key• multiple solutions only• concatenation/layered• real time sharing• +++

Security  history  A retroactive patchwork

Growing commercial disruption A patchwork of measures Huge damage potential No proactive thinking Accelerating threat Divided resources Underinvested Rogue states Global Scale Rising costs

MAD Hackers

Criminals Rogue states

N o s t r a t e g y

what  we  understand  Given our exper i ences to da te

Attacking is more fun than defence Malware protection is not enough The threats are always adapting More attackers than defenders Networking increases the threat The risks are always growing More devices sees more risk People are the weakest link There is always a threat Firewalls do not work

ANew

StrategyImperative

what  we  understand  Given our exper iences to date

This is extremely weak & insufficient Multi-factor variants only a temp fix We need far more sophistication We need something easier Subliminal factors work well Full integration required Dongles are impractical What we know is hidden Who we are is implicit What we do habitual Broader

Th ink ingImperative

what  we  understand  Given our exper i ences to da te

Device designers have to rethink Service provides have to rethink Everyone has to be proactive Devices have to be proactive Individuals need protecting Devices need protecting Adaptation is fundamental Early detection a necessity Sharing is fundamental Proactivi ty is vi tal M o r e

ResourcesR e q u i r e d

what  we  understand  G i ven ou r expe r i en ce s t o da t e

A good attacker makes a good defender Habituality is a shared weakness Thinking like the enemy is vital Cross platform attacks the new norm Cross app exposure now common Early detection and action are key War gaming is necessary Dedicated teams needed AI engagement needed

MoreInvestment

E s s e n t i a l

THE  ATTACK  SURFACE  I s a b o u t t o b e w a r p e d

Thousands of Cloud Species More connectivity modes More mobile than fixed New working practices More on-line than off The internet of things Clouds of things Distributed storage WiFi domination Apps on line Greater

Variabilityin Everything

Identity  theft    I t i s s o v e r y e a s y !

Lax security protocols and procedures Spoof bank calls and paperwork Big Data, Meta Data analysis Bogus call centres/services Spoof eMails, TXT, IMs Government records Institutional records Face to face surveys Social networking Company pages On-line surveys Home pages Data mining

BroaderProtection

N e c e s s a r y

ownership  theft    C o u l d b e e v e n e a s i e r !

Lax security protocols and procedures Old technologies mixed with the new Crack one item gives access to all ? Crack one item to acces the network Change/control all ownerships Use ownership as collateral Ownership affords validity Viral step and repeat Creates new crimes Things as hostages eBlackmail +++

BroaderProtection

N e c e s s a r y

Axiomatic  for  sure    I t i s t i m e t o t h i n k a g a i n !

If we do nothing new things will get worse Non stop learning & adaptation required Acting in isolation guarantees failure Continual monitoring necessary Machines action trumps humans Networking and sharing are key Early detection and action vital Integrated security is a must Localised quarantene vital Every level to be protected Every device proactive All networks proactive

A NewEra For

Secur i ty

an  obvious  analogy    T h e e x i s t e n c e t h e o r e m !

A ubiquitous/universal auto-immune system Initially engineered to meet known threats Augmented by ‘timely code inoculation' Continually learning & adapting Deployed at every network level Globally applied and adopted Many variants/contributions Industry wide adoption Full integration a must Device cooperation A New

Form ofS e c u r i t y

the  pract ical i ty    B e y o n d a c o n c e p t !

Hard malware traps on every chip and card And on every device, card, shelf, suit, floor Also all network elements/components Soft malware traps in all code everywhere Automatic experience/solution sharing Fully automated response/reporting Resource sharing and adaptation Many variants & contributions Evolution dominates design Industry wide adoption Ful l integration

Behav iourEmmeregent

& Unpred ic tab le

complexity  status  A mix of c lean and infected

BroadcastingMalware

Respondingwith updated

protection WiderNetworkUpdated

LatestSolutionUpdate

Dynamic isolation of infected devices and components

leading to repair

a  multiplicity  of  channels  Attack exposure/thwarting via access diversity

Blue ToothShort RangeDevice to DeviceDevice to Cloud

Attacks seldom isolated or indeed single sourcedAttacks not restricted to a single channel

Defence opportunities in channel diversityA plurality of channel protection

Real time channel collaborationDiverse support access

Distributed info sharingDynamic access hoppingSecure attack isolation

WiFi/WiMaxMedium RangeWLAN/Cloud

3, 4, 5, 6 GLong RangeDevice to NetDevice to Cloud

SatComBroadcast

Integrated and intelligentsecurity systems embedded

into product and all components

protocols,  techniques,  AI  Being considered but st i l l in the making

Interfaces ?

Encryption ?

Strategies ?

Collaborations ?

Hardware ?

Protocols?

Standards?

Software ?

Systems ?

Players ?

Groups?

Nets ?

Clouds? ?

?

?

?

?

A lot to be done in a very short time !

Lone Hacker

$1Bn

$100M

$10M

$1M

$100k$10k

Organised Crime

Hacker Groups

Companies

RelativeSpending/Resources

Rogue States

Gov Agencies

Institutions

Distribution  of  resources  The misguided, good, bad, and the rogues !

Lone Hacker

$1Bn

$100M

$10M

$1M

$100k$10k

Organised Crime

Hacker Groups

Companies

RelativeSpending/Resources

Rogue States

Gov Agencies

Institutions

Relative  weight  of  resources  How many, how capable , aggregated capabilities

~1000s~100s

~10,000s~1000s

~1000s~10s

~100s

Good

Relative  resources  The ratio of aggregated good to bad

Bad> 3:1

Sufficient for good to prevail over bad !

But ‘bad’ shares resources and knowledge

Whilst ‘good’ operates by ‘need to know’

Sharing knowledge and resources is vital to assure success !

Best estimate assuming equally good people and technical resources on both side of the line:

we  have  to  get  this  right  F a i l u r e c o u l d b e c a t a s t r o p h i c !

Getting it all right on the night is impossibleRapid evolution is the obvious answerFast response and adaptation winsKeeping ahead of the enemyIntegration of all resourcesInvesting appropriatelyThinking well aheadActing well in timeNo relaxation

Thank Youcochrane.org.uk

ca-global.biz

????