Crim cybersecurity_jarno_limnéll
47
We ´ re living in the Cyber Era and New Security Actions are needed for blurring security Jarno Limnéll Professor of Cyber Security, Aalto University Director of Cyber Security, McAfee Doctor of Military Science Twitter: @JarnoLim
-
Upload
jarno-limnell -
Category
Technology
-
view
95 -
download
1
Transcript of Crim cybersecurity_jarno_limnéll
We´re living in the Cyber Era and New Security
Actions are needed for blurring security
Jarno Limnéll Professor of Cyber Security, Aalto UniversityDirector of Cyber Security, McAfeeDoctor of Military ScienceTwitter: @JarnoLim
.
McAfee Confidential
DIGITAL AND PHYSICAL BLUR
“THE FUTURE OF… SECURITY
IS IN THIS ROOM”
Resources are needed, but in cyber big brains are more important than big brawn…
What are the right and needed skills?
Challenge for Universities.
“The most important thing to us is human capital. Everything within the cyber domain relies upon the strength of our personnel. Therefore, we must restructure our education system. The main tools of cyber defense are not the switches, routers, or operating systems, but rather the cyber defenders themselves.”
Israel Defense Forces
SECURITY ENVIRONMENT –PHYSICAL AND DIGITAL
– IS MORE UNCERTAIN, DYNAMIC AND MORE DEMANDING THAN EVER
Power is the ability to affect other people and countries to get the outcomes one wants.
Cyber PowerHow cyber power will be distributed in the world?
.
McAfee Confidential
The importance of combining technological and strategic thinking -both are needed in order to have comprehensive approach to cybersecurity,its threats and solutions
Strategic Intellectual challenge
.
McAfee Confidential
.
McAfee Confidential
The Digital Domain has become a domain where
strategic advantage (national, industrial or military)
can be lost or won.
1. Cyberattacks, cyber-espionage2. Counterintelligence3. Terrorism4. WMD Profiliferation5. Counterspace
We’re living the Cyber Era
.
McAfee Confidential
NATO – Cyber – Article 5
.
McAfee Confidential
Cyber is already and will be an element of all crisis we’re going to see in the future
Continuation of politics by other means,
incl. cyber means in ”policy toolbox”
IN THE SHADOWS,
3 levels of cyber activities
Lower level cyber activitiesDigital information operationsStrategic cyber attacks
“The supreme art of war is to subdue the enemy
without fighting.”Sun Tzu, The Art of War
Beginning – End
Our side – Their side
Military – Civilian
Involved – Not-involved
Win – Lose
Violence – Non-violence
Hardware – Software
26
Lack of precedents, Cyber conflict playbook is pretty empty (at the moment)
The world is moving towards a greater strategic use of cyber
activities to persuade others to change their behavior.
Capability and will.
.
McAfee Confidential
Trendsto Follow
Level of Cyber capabilities?
SUSPICION,STATE-CENTRISISM
OutsourcingWorrying trend
It’s difficult to know exactly who’s doing what to whom
I don’t think anyone’s hands are clean
“Skilled team of developers and operators collecting intelligence on defense and geopolitical issues –intelligence that would only be useful to a government.”
“Operations that indicate agovernment sponsor –specifically, a government based in Moscow. “
“APT28 targets insider information related to governments, militaries, and security organizations that would likely benefit the Russian government.”
“…since at least 2007.”
“Axiom is responsible for directing highly sophisticated cyber espionage operations against numerous Fortune 500 companies, journalists, environmental groups… for at least the last six years.”
“…the most sophisticated of any publicly known Chinese hacker unit and targets not only U.S. and Western government agencies but also dissidents inside and outside China.”
Does intelligence collection or cyber reconnaissance become an act of war?
Intelligence collection that involves the theft of terabytes of classified information may eventually be interpreted as an act of war.
This is what the grey space between war and peace looks like, and we are in it .
.
McAfee Confidential
World and security changes -unpredictably
?
.
McAfee Confidential
(Cyber) Resiliency
Smart players in thefield are moving from a traditional framework of defense to an approach of resilience.
.
McAfee Confidential
Instead of (only) building walls,”Defense in depth”
I am waiting to see a disruptive innovation in Cyber Security within next 2-3 years.
A disruptive innovation is an innovation that disrupts an existing market.
.
McAfee Confidential
TRUST
Survata survey, October 2014.
.
McAfee Confidential
.
McAfee Confidential
The dawn of the Cyber era
2001 2002 2003 2004 2006 2007 2008 2009 2010 2011 2012 2013
Wikipedia
Georgia
Conficker
Stuxnet Flame
Gauss
Saudi Aramco
Anonymous
Manning
Skype
Gmail
Tumblr
Android
Dropbox
iPadiPhone
Estonia
Google+
LulZSEc Snowden
2005
YouTube
WEB 2.0
Wikileaks
