Outlook Briefing 2016: Cyber Security Charles Lim Senior Industry Analyst, Cyber Security - Digital Transformation Practice Frost & Sullivan Asia Pacific [email protected]

Upload: mastel-indonesia

Post on 09-Jan-2017



What happens in an Internet minute?

Proliferation of Cyber Attacks in 2015 targeted popular services

Data is the new gold; inability to secure it leads to distrust in services

Uber accounts have been hacked and are being used to secure rides in China without the account holders’ consent or knowledge

Apple had to remove more than 300 apps infected by the XcodeGhost malware from its App Store, affecting 500 million users

In the week of Black Friday, Amazon reportedly began forcibly resetting some users’ passwords over concerns about a major breach.

54% of security professionals view social engineering attacks through phishing emails as the top threat technique that they have encountered

Over one thousand email addresses and passwords from Spotify were possibly leaked

LinkedIn encountered a major breach of its password database - a file containing passwords using “linkedin” appeared in an online forum

A security researcher discovered a way to perform remote code execution and retrieve confidential data from Instagram and Facebook

Twitter emailed more than 20 users, warning them they may have been targeted by hackers ‘possibly associated with a government’

A Vine star who makes £2,000 per second from his posts claims he has been hacked, with all of his videos deleted from his account

Google Malaysia’s site was hacked; visitors were re-directed to a hacker’s webpage

Hackers claiming to be working on behalf of ISIS took over the Twitter and YouTube accounts of the United States Central Command

All of these attacks occurred in 2015

Compromised Skype users reported that malicious links and messages were sent to their contact list

Cyber attacks – fueling the international crime scene, online

100M

More than 100 million health care records compromised in 2015. Medical records are worth 10 times more than credit card information in the dark web.

Cyber attacks – the channel for making a statement

602Gbps

On 31st Dec 2015, BBC received a 602Gbps Distributed Denial of Service (DDoS) attack, the highest ever recorded in history.

New World Hacking, who claimed responsibility, announced that it was a test of their power. Their main targets are ISIS websites.

25GB LEAKED

The Impact Team stole more than 25GB of user data from adultery website Ashley Madison and released the information on 18th August 2015.

The original intention was to force Avid Life Media to shut down the website, and stop online adultery.

“Indonesia experiences around 50,000 cyber attacks every day. That makes it the second-most targeted country for cyber attack after Vietnam.”

- Yono Reksoprodj, advisor to Minister for Political, Legal and Security Affairs Tedjo Edhy Purdijatno

Speaking on Indonesia’s National Cyber Agency 8th Jun 2015

>50,000 ATTACKS

“We don’t believe any cyberdefense is fail proof. But a strong, well thought out strategy, coupled with a rapid ability for a bank to understand when its systems have been maliciously penetrated and swiftly take the necessary actions, such as isolating the attack, is key to a successful cybersecurity strategy.”

- Stuart Plesser, Standard & Poor’s

Press statement pertaining to a possible downgrade of banks’ ratings, if they are believed to be ill-prepared to withstand cyber attacks.

The need to focus on Industrial Control Systems Security as priority


Security Challenges within Internet of Things

Source: Frost & Sullivan

Connected cars have been proven to be hackable in recent times; the actual impact is to the driver’s safety, and their security is at a very nascent stage that automobile manufacturers are acting on now.

Connected homes, which are developed with the use of smart consumer appliances such as wireless fridges, lighting, and thermostats, have limited impacts and are not desirable targets.

Industrial Control Systems, which automate most critical infrastructures, are now going through an active transformation to connect to the Internet, and have been victims of attacks and extortion, where any successful attack will cause a severe impact to citizens nationwide.

Cyber Attacks Shift Towards Physical Systems

Industrial Control Systems in operational technology creating new points of vulnerabilities

[Chart: Number of Internet-connected ICS devices, August 2015, Asia Pacific (N=3087). Categories: Connected Devices, Vulnerable Devices. Values shown: 97%, 3%.]

Source: Asia-Pacific Industrial Control Systems Security Report, Frost & Sullivan

BLACKOUT

to thousands of homes in Western Ukraine, using the BlackEnergy malware to attack electric substations. It was reportedly developed by Moscow-backed group, Sandworm on 23rd Dec 2015.

Subsequently, its Kiev Airport was attacked by the same malware during Jan 2016. Investigations are ongoing.

Case analysis – Industrial Control Systems Security

The need to protect SCADA (Supervisory Control and Data Acquisition) systems beyond the “air gap” concept has been elevated since the 2011 Stuxnet APT attack. Critical infrastructures using ICS systems need to raise the awareness and know-how of how to protect these systems as a priority when these systems get connected to the Internet.

[Diagram: Present: “Air Gap”; Future: The Internet. Labels: Information Technology; Operational Technology; Business networks, connected to the Internet; Industrial networks that run on local area networks separated from the Internet, however still vulnerable to attacks; Human Machine Interface (HMI); SCADA, PLCs; Speed: 500 r/min; Stuxnet malware installed in USB drive; External contractors’ laptop.]

Graphic source: Vector Open Stock

Source: Frost & Sullivan

Operationalizing the 3C’s for Cyber Security

Cyber Resilience: Risks & Business Impacts

Cyber Intelligence: Knowledge and correlation of all threats in the organization

Cyber Protection: Building the right prevention base, “Security by Design”

Source: Frost & Sullivan

Threat Response Adaptive Core Ecosystem (TRACE): Identifying the essentials

Frost & Sullivan believes that adopting a platform approach can operationalize the vision of a holistic security strategy, comprising the right balance between security mindsets, tools and skill sets.

[Diagram: TRACE. Labels: Access Management Endpoints Web Assets Cloud App Security Content; Integrated Security Appliances; Advanced Threat Prevention; Human Factor Mitigation; Vulnerability Management; Security Analytics.]

Source: Frost & Sullivan

Projected growth of security solutions in ASEAN, CY2015 (CAGR=20.8%)

Managed Security Services Market Forecast Analysis

[Chart: Revenue ($ Million) and Growth Rate (%), 2014 to 2020]

Note: All figures are rounded. The base year is 2013. Source: Frost & Sullivan analysis.

Projected growth of security solutions in Indonesia, CY2015 (CAGR=27.1%)

Managed Security Services Market Forecast Analysis

[Chart: Revenue ($ Million) and Growth Rate (%), 2014 to 2020]

Note: All figures are rounded. The base year is 2013. Source: Frost & Sullivan analysis.

Network security adoption in Southeast Asia

[Chart: Network Security Tracker, 2015 QTD Market Size (US$, M). Countries: Rest of ASEAN, Philippines, Vietnam, Thailand, Indonesia, Malaysia, Singapore. Series: CY2015 Q3 YTD, CY2014 Total.]

Indonesia achieved one of the highest growth rates at 30% YoY (Q3 QTD)

[Chart: Network Security, Indonesia (US$, M). Series: 2014 Q3 QTD, 2015 Q3 QTD.]

N = 13,930 qualified information security professionals globally. 10% of respondents are Asia Pacific

Top 5 Technologies that Significantly Improve Security (Percent of Survey Respondents)

Automated identity management software: 44%

Web security applications: 49%

Policy management and audit tools: 52%

Improved intrusion detection and prevention technologies: 72%

Network monitoring and intelligence: 75%

Use of Advanced Analytics for Detection of Advanced Malware (Percent of Survey Respondents)

No Plans: 18%

Evaluating or Selecting a Solution(s): 23%

Implemented or Implementing: 35%

2015 (ISC)² Global Information Security Workforce Study by Frost & Sullivan

“How do you really handle all these… big data?”

- VP for Security Infrastructure, leading telco provider, Indonesia

“We have figured out using our own designed algorithms across collected logs, to decipher insider threats”

- Chief Security Officer, leading technology vendor

Opinions from the ground

Observation of trends in Security Analytics market

Observations in the security analytics players in APAC

Sold off their IPS offerings, may focus on other enterprise security products such as SIEM tools

Integration with endpoint security, correlation of packets and logs

Launch of X-Force Exchange, integration of product and services business units

Observation of trends in Security Analytics market

Observations in the security analytics / threat intelligence players in APAC

Focus on forensics and incident response capabilities

User behavior analytics using machine learning systems and algorithms to identify fraud

Correlation of business and security intelligence. Position to block against APT attacks

Empowering the cyber defenses in Indonesia

Frost & Sullivan’s End User Research and Advisory Practice

Circular, 4G LTE Vulnerability

Research papers – Frost Industry Quotient (FIQ) and Market insights

Threat Intelligence Alerts Cyber Security Threats and Solutions Briefings

Cyber Security Outlook for 2016

Building the required capabilities for Cyber Resiliency

1. Improve Cyber Defense in Critical Infrastructures

How companies are responding

• Increase of Cyber Security Operation Centers in the critical infrastructures.

• Compliance guidelines to ensure cyber resiliency in both business (IT) and operations (OT)

2. Human expertise and foster collaboration

How companies are responding

• Cyber security training

• Sharing of intelligence amongst industries

• Setting up cyber security committees

3. Build a holistic defense beyond the organization

How companies are responding

• Vendors/contractors to meet security standards in the process of mitigating chain-of-trust attacks.

Cyber Security Outlook for 2016

Building the required capabilities for Cyber Resiliency

4. Investments into analytics to improve accuracy and speed

How companies are responding

• Big data analytics for multiple sources of threat feeds will become the common concern and more accurate judgment through automated algorithms will be needed.

5. Adopting cloud security as a strategy

How companies are responding

• Enterprises will switch from ‘adopting cyber security for their cloud setup’ to ‘adopting cloud as part of their cyber security strategy’.

6. Convergence security concepts to be introduced

How companies are responding

• Convergence of threats & detection of fraud between physical and cyber systems

• Developments of convergence security in smart cities.

Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today’s market participants. For more than 50 years, we have been developing growth strategies for the Global 1000, emerging businesses, the public sector and the investment community. Is your organization prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies?

www.frost.com