Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and.

Slides:



Advertisements
Similar presentations
A Local Mean Field Analysis of Security Investments in Networks Marc Lelarge (INRIA-ENS) Jean Bolot (SPRINT) NetEcon 2008.
Advertisements

James D. Brown Chief Engineer and Senior Fellow Information Resource Management L-3 Communications.
UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.
Challenge of Nuclear Weapons
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Brian Connett, LCDR, USN US NAVAL ACADEMY
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): "cyber warfare" is "actions by.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Network Security of The United States of America By: Jeffery T. Pelletier.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
DuWayne Aikins Information Security Forum May 21, 2015 Cyber, A Militarized Domain: What is Means to Texas.
Nate Olson-Daniel Director of Strategic Development & Principal Engineer The Inevitable Attack.
Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.
Economics of Malware: Epidemic Risk Model, Network Externalities and Incentives. Marc Lelarge (INRIA-ENS) WEIS, University College London, June 2009.
What is Smart Grid/Metering for electric distribution? Should they be implemented in the US? Presented by: Jeffrey Grodzki, April Romanishan, Cameron Hinkel,
Disaster & Smart City in Aging Society – Designing a secure and resilient smart city Smart City and Resiliency Jirapon Sunkpho College of Innovation Thammasat.
Securing Information Systems
A First Course in Information Security
Mobil e 65% of companies are deploying at least one social software tool. SocialClou d Digital content grew to Over 80% of new apps were distributed or.
International Peace and Security Vladimir Radunović Director, Cybersecurity and E-diplomacy 20 March 2015 WEBINAR.
Energy and Industry Trends Dave Molin VP & General Manager Honeywell Building Control Systems.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Jackie Phahlamohlaka Mapule Modise Nthumeni Nengovhela
Fostering worldwide interoperability ICT & Environment Activities in Korea Byoung Moon Chin Vice President, TTA Global Standards Collaboration (GSC) 14.
Mobile Technology and Cyber Threats Deon Woods Bell Office of International Affairs The Fifth Annual African Consumer Protection Dialogue Conference Livingstone,
I n t e g r i t y - S e r v i c e - E x c e l l e n c e Headquarters U.S. Air Force 1 Lt Gen Bill Lord, SAF/CIO A6 Chief of Warfighting Integration and.
Akamai Technologies - Overview RSA ® Conference 2013.
Information Warfare Playgrounds to Battlegrounds.
Cyber Security Nevada Businesses Overview June, 2014.
MALWARE : STUXNET CPSC 420 : COMPUTER SECURITY PRINCIPLES Somya Verma Sharad Sharma Somya Verma Sharad Sharma.
Toward a Culture of Cybersecurity Research Aaron Burstein TRUST & ACCURATE Research Fellow Samuelson Clinic & BCLT, Boalt Hall UC Berkeley.
PACIFIC RIM SECURITY CONFERENCE CYBERATTACK: A NEW STRATEGIC WEAPON David Elliott February 24, 2010.
Geneva, Switzerland, September 2014 Considerations for implementing secure enterprise mobility Eileen Bridges Aetna GIS Director.
Kaspersky Labs 6 ht Annual Partner Conference · Turkey, June Kaspersky Labs 6 th Annual Partner Conference · Turkey, 2-6 June 2004 November 16.
Ali Alhamdan, PhD National Information Center Ministry of Interior
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
The information contained in this document is confidential, for internal use only, and may not be distributed outside Ministry of Transport and Communications.
CyberPatriot: Introduction to Cyber Security 9/10/10 Joshua White Director of CyOON R&D Everis Inc (315)
Information Warfare Playgrounds to Battlegrounds.
By, CA K RAGHU, PAST PRESIDENT – INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA.
WHAT IS CYBER SECURITY? Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great.
Striving to achieve Cristina Bueti Advisor. What does the future hold? 2.
BY: AUSTIN NEIGH. WHAT IS CYBER WARFARE? Hacking that is politically motivated to conduct sabotage or espionage Form of information warfare Typically.
The Current State of Cyber Security and How to Defend Your Data.
DHS Publishes Report Saying Low but Persistent Risk of Cyber Attack on Energy Sector DHS REPORT ON ENERGY CYBERSECURITY April 6, 2016 | Ben Booker Source:
A Layered Solution to Cybersecurity Dr. Erfan Ibrahim Cyber-Physical Systems Security & Resilience Center National Renewable Energy Laboratory.
Information Management System Ali Saeed Khan 29 th April, 2016.
Brian Marks COSC 380. Cyber War  What is Cyber War?  What attacks have happened?  Could this happen to us?  What defenses are in place to stop it?
U.S. NATIONAL CYBERSECURITY BY: SEIF ABOU NAR. WHY ARE WE TALKING ABOUT CYBERSECURITY? Attacks received the attention of president Clinton and Attorney.
Cybersecurity as a Business Differentiator
EE5900 Cyber-Physical Systems Smart Home CPS
GOVT Module 16 Defense Policy.
International Conflict & Cyber Security
Information Security – Current Challenges
Stuxnet By Shane Serafin.
ICT & Environment Activities in Korea
Leverage What’s Out There
Cybersecurity Case Study STUXNET worm
بهترین راهکار را انتخاب کنید...
CYBER SECURITY MARKET Global Cyber Security Market, Size, Share, Market Intelligence, Company Profiles, Market Trends, Strategy, Analysis, Forecast
Object Oriented Programming and Software Engineering CIS016-2
Prepared By : Binay Tiwari
Cyber Security Trends and Challenges
Protect Your Ecommerce Site From Hacking and Fraud
Dominic DeSoto, Jay Jackson IA 455 Oct. 23, 2017
Keeping the Lights on in a Dangerous World
Group Discussion Benefits and Challenges of Adoption of Electronic data collection Technologies.
Presentation transcript:

Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and Technology (KACST)

What is Cybersecurity? N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY A very wide-ranging term with no standard definition Cybersecurity is the science of protecting networks, computers, programs and data from attack, damage or unauthorized access. Cybersecurity is the availability, integrity and secrecy of information systems and networks in the face of attacks, accidents and failures. We can divide it into knowing what to do—science of cybersecurity Knowing how to do—engineering of cybersecurity 4/29/20152

Types of Attacks N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Man-in-the-middle Malware Denial-of-Service (DoS) Unpatched software Socially engineered attacks … 4/29/20153

Cost of Cyber Attacks N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY The UK suffered 44 million cyber attacks in 2011 – the equivalent of 120,000 a day – and such attacks are estimated to cost the country up to £27 billion a year. A global price tag of $338 billion in 2011–Symantec When theft of intellectual property is factored in, the figure soars past $1 trillion-former head of the NSA, General Michael Hayden 4/29/20154

Attacks on the Rise N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY CERT-In: 23 in 2004 vs. 22,060 in 2012 Ponemon Institute: 18% increase in successful attacks Ponemon Institute: 26% increase in average cost 4/29/20155

Cyber Attacks to Cyber Warfare N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY In the 2006 war against Hezbollah, Israel alleges that cyber warfare was part of the conflict, targeting the Israel Defense Forces (IDF) In September 2007, Israel carried out an airstrike on Syria. U.S. military sources speculated that the Israelis may have used cyber warfare to allow their planes to pass undetected by radar into Syria In September 2010, Iran was attacked by the Stuxnet worm targeting its nuclear facility. May 2013, US DoD accused China’s military of launching cyber attacks against US computer systems Over 120 countries developed strategies to use the Internet as a weapon 4/29/20156

HOW MANY ATTACKS? 4/29/20157 N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY  1,385 Defacement  26 in April

HOW MANY ATTACKS? 4/29/20158 N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY

Tip of the Iceberg N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY 4/29/20159

Regin N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Regin is a multi-purpose data collection tool. Multiple versions were found in the wild. Targets: several corporations, institutions, academics, and individuals At least since /29/201510

Challenges N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Cyber Attacks can be launched at any time and from anywhere Attacks cost next to nothing Successful attacks can be catastrophic Changing Environment: Technology adoption is moving faster than security implementation Shifting Strategies: data in transit (66%) vs. stored data (26.5%) No metrics to measure (in)security 4/29/201511

Threats N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Any device that has an IP could be a target to cyber attacks Nation states have the potential to disrupt an enemy’s economy and perhaps reach their strategic objectives without risk to their armed forces “If you want to hit a country severely you hit its power and water supplies. Cyber technology can do this without shooting a single bullet.” Isaac Ben-Israel (Major General Israeli Air Force) 4/29/201512

Internet of Things N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Objects and people will be equipped with identifiers Managed and inventoried by computers IBA Research: more than 30 Billion devices by /29/201513

Internet of Things N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Security firm: Global cyberattack was launched from more than 100,000 everyday appliances Gadgets included routers, televisions and at least one "smart" refrigerator Poorly protected "smart" devices may be easier to infect and control than PC, laptops, or tablets 4/29/201514

Internet of Things N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY 4/29/201515

Good News N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Tremendous research attention Research Labs Dedicated conferences and workshops Encouraging results * Alomair and Poovendran, U.S. Patent 20,130,145,169, entitled EFFICIENT AUTHENTICATION FOR MOBILE AND PERVASIVE COMPUTING, (IEEE Transactions on Mobile Computing). Speed cycles/byte Energy consumption µJ/bit SHA-like Our results* /29/201516

Conclusion N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Cyber threats are increasing Attackers are changing strategies continuously Must stay ahead of the game Research, research, and more research 4/29/201517

Thank You!