Evolutionary predictions for cybersecurity 2016 and beyond

Matthew RosenquistCybersecurity Strategist,Intel CorpJanuary 2016

BiographyMatthew RosenquistCybersecurity StrategistIntel Security Group

Matthew benefits from 20 years in the field of security, specializing in strategy, threats, operations, crisis management, measuring value, communicating industry changes, and developing cost effective capabilities which deliver the optimal level of security. As a cybersecurity strategist, he works to understand and communicate the future of security and drive industry collaboration to tackle challenges and uncover opportunities to significantly improve global computing security.

Mr. Rosenquist built and managed Intel’s first global 24x7 Security Operations Center, overseen internal platform security products and services, was the first Incident Commander for Intel’s worldwide IT emergency response team, and managed security for Intel’s multi-billion dollar worldwide mergers and acquisitions activities. He has conducted investigations, defended corporate assets, established policies, developed strategies to protect Intel’s global manufacturing, and owned the security playbook for the PC strategic planning group. Most recently, Matthew worked to identify the synergies of Intel and McAfee as part of the creation of the Intel Security Group, one of the largest security product organizations in the world.

Twitter @Matt_RosenquistBlogs Intel IT Peer Network

Chain Reactions Drive Cybersecurity Evolution…

1. Government’s roles expand

2. Advances in nation-state cyber-

offense affects everyone

3. Life safety and cybersecurity

intersect in products

4. The rise of cyber litigation

5. Realistic costs of cybersecurity are

better understood and shocking!

6. Cybersecurity expectations increase across enterprises and consumers

7. Attackers evolve, adapt, and accelerate

8. Trust and Integrity are targeted and undermined

9. Security technologies improve but remain outpaced and outmaneuvered

10. Lack of security talent hinders the industry

The Top 10 Cybersecurity Predictions for 2016

Government’s roles expand1.

Government’s roles expand

Public will demand their governments be more actively

involved in preventing and responding to major hacking

events. Governments move to protect citizens from

cyber threats, privacy infractions, fraud, and digital

crimes.

Result:

1. More regulations to raise standards

2. Better policing and collaboration

3. More laws for prosecution actions

1.

Advances in nation-state cyber-offenseaffects everyone

2.

Advances in nation-state cyber-offenseaffects everyone

Broad adoption by many nation states for cyber-

offense capabilities. Large governments incorporate

cyber roles into all 4 defense domains (land, sea, air,

space) with clear objectives and deployable systems.

Result:

1. Trickle down effect gives some tech to cyber criminals and attackers

2. Reverse engineered code is reused by other threats

3. Attackers don’t have to invest in developing high-end exploits, instead they can just harvest what governments create

2.

Life safety and cybersecurity intersect in products

3.

Life safety and cybersecurity intersect in products

Industrial and consumer products are being connected

to the internet and to each other. Appliances, cars,

power stations, medical devices, wearables, and others

are both gathering data and exerting control over our

activities. Such data and control can have catastrophic

impacts as our reliance and trust increase.

Result:

1. A slow burn wake-up call for the transportation (auto, air, trains) industry as risks emerge

2. IoT devices will explode in number and function, but so will the vulnerabilities and potential misuse

3. Drones are of interesting concern to safety and privacy. Expect more regulations

3.

The rise of cyber litigation4.

The rise of cyber litigation

Lack of best security practices will create liability. The

barrier to sue is contested in the digital world and

decreases for data breaches and device/service security.

The litigation field is preparing to pounce on emerging

opportunities.

Result:

1. Overall legal costs increase and the limits for compensatory and punitive damage are challenged

2. Firms begin to specialize (ex. breach defense and breach class-action, privacy, product security)

3. Companies will have to contend with litigation as well as regulatory actions

4.

Cyber Attorney

Privacy violations

Reputation impacts

Fraud & mismanagement

Insecure Products

Poor business partner

Realistic costs of cybersecurity are better understood and shocking!

5.

Realistic costs of cybersecurity are better understood and shocking!

Industry currently fails to see the overall impact and long

term trends. How do we prioritize investments if we don’t

know the costs?

New emphasis will emerge to understand the systemic

costs of cybersecurity risks to include: Products & services spending, staffing, audit, compliance, and insurance Incident response, regulatory, and recovery costs Opportunity costs, product dev/test, release delays, hindrance to

innovation and investment

Result:

1. Overall costs may exceed $100 trillion by 20302. The industry shift-of-perspective begins. From tactical

treatment of recurring symptoms to the strategic interdiction of the systemic condition

5.

Cybersecurity expectations increase across enterprises and consumers

6.

Cybersecurity expectations increase across enterprises and consumers

Enterprise perspectives shift to accept the reputation and

market impacts of digital security.

Consumers expect security “their way” with access

anywhere to anything, while keeping them safe.

Market demands for more connectivity, devices,

architectures, and applications.

Result:

1. Expectations will rise, but the resources and capabilities will not keep pace, causing friction.

2. Leadership will be key. Organizations and market players will strategic insight will stand out and seize opportunities.

6.

Attackers evolve, adapt, and accelerate7.

Attackers evolve, adapt, and accelerate

Attackers are nimble, opportunistic, cooperative, and

skilled. Their motivation, resiliency and creativity drives

great adaptability. We will see acceleration in their

methods, tools, and targets.

Result:

1. Ransomware rises to become a serious problem2. Dark and grey markets grow and services mature3. New data breach targets are added to the mix4. Personal, health, biometric and ID data is explored

by attackers5. Integrity attacks expand by professionals6. Reconnaissance and research follows quickly into

new technology growth areas

7.

Trust and Integrity are targeted and undermined

8.

Trust and Integrity are targeted and underminedAttackers leverage trust mechanisms for their goals:

Digital certs, Identity and Authentication, Encryption

standards and implementation, HW/FW/code

vulnerabilities.

Integrity attacks continue to escalate, altering data

instead of stealing it. This begins a whole new game.

Result:

1. Digital certs misuse allows access and malicious sites/software to proliferate

2. Vulnerabilities in devices, encryption, and code force changes in product design

3. Integrity attacks emerge as a devastating new strategy. Financial, communications, and authentication transactions will be targeted first

8.

Security technologies improve but remain outpaced and outmaneuvered

9.

Security technologies improve but remain outpaced and outmaneuvered

Holistic and strategic views take hold. Executives get

serious on managing cyber risks

Cloud gets more secure

Malware detection and forensics improves

Attack Attribution proficiency increases

Incident Response capabilities and services achieves

professional standing

Result:

1. Availability/Denial of Service protection (GREAT) 2. Confidentiality/Data Breach protection (GOOD) 3. Integrity and trust protection (LACKING)

9.

Lack of security talent hinders the industry10.

Lack of security talent hinders the industry

The lack of qualified cybersecurity talent will greatly

restrict the growth and effectiveness of security teams.

Academia is working to satiate demand, an estimated 2

million unfilled cybersecurity positions by 2017, but it will

take time.

Result:

1. Salaries will continue to rise until demand is met2. Headhunting and retention of top talent becomes

ruthlessly competitive3. Leadership and technical roles in greatest demand4. Outsourcing to MSSP’s and security firms will

increase

10.

Conclusion

As always, cybersecurity represents risks

and opportunities

Much of what was seen in 2015 will

continue, but new vectors will emerge and

supplant legacy tactics

The fundamentals remain but the details

and specifics remain chaotic and

unpredictable

Those with insights to the future have the

best opportunity to be prepared

Intel, the Intel logo, and McAfee are trademarks of Intel Corporation in the United States and other countries.

*Other names and brands may be claimed as the property of others.

Copyright © 2015 Intel Corporation. All Rights Reserved