The Top 10 Cybersecurity Predictions for 2015

ISACAFebruary 12th 2015, Sacramento CA

Matthew RosenquistCybersecurity Strategist, Intel Corp

Abstract

2

Peering into the future of cybersecurity provides valuable insights for security

professionals. The industry is changing rapidly and attackers seem to always be

one step ahead. Organizations must not only address what is ongoing, but also

prepare for how cyber-threats will maneuver in the future. Come listen to the

2015 Cybersecurity Predictions and join the discussion of the forthcoming

challenges the industry is likely to face and how we can be better prepared for

it.

Biography

3

Matthew RosenquistCybersecurity StrategistIntel Security Group

Matthew benefits from 20 years in the field of security, specializing in strategy, threats, operations, crisis management, measuring value, communicating industry changes, and developing cost effective capabilities which deliver the optimal level of security. As a cybersecurity strategist, he works to understand and communicate the future of security and drive industry collaboration to tackle challenges and uncover opportunities to significantly improve global computing security.

Mr. Rosenquist built and managed Intel’s first global 24x7 Security Operations Center, overseen internal platform security products and services, was the first Incident Commander for Intel’s worldwide IT emergency response team, and managed security for Intel’s multi-billion dollar worldwide mergers and acquisitions activities. He has conducted investigations, defended corporate assets, established policies, developed strategies to protect Intel’s global manufacturing, and owned the security playbook for the PC strategic planning group. Most recently, Matthew worked to identify the synergies of Intel and McAfee as part of the creation of the Intel Security Group, one of the largest security product organizations in the world.

Twitter @Matt_RosenquistBlogs Intel IT Peer Network

Our Cybersecurity Future

4

Why look forward?

To understand the challenges we face

Why does it matter?

Allows us to prepare and make good choices

What can we do?

Think ahead, plan, and lead

Let’s explore and discuss…

Chain Reactions Drive Cybersecurity Evolution…

5

Cybersecurity Predictions for 2015

6

Top 10 Cybersecurity Predictions for 2015

7

Cyber Warfare Becomes Legitimate

• A tool for government policy

• Investments coming to fruition

• Discretion, but no apologies

• Innovation leaks to other hackers

• State sponsored attacks

• Intelligence gathering & surveillance

Expect collateral damage and more

sophisticated attack technology

• Update your threat agent risk profiles

• Invest more in advanced detection

8

1.

9

2. Active Government Intervention

• Active role in defending their citizens

• Investigate, respond, and prosecute

• Improved law enforcement

• Public advocacy and attribution

• International cooperation

• Politicians seek to punish nation-states

More politics & better law enforcement

to meet public expectations

• More regulations and specificity

• Government voice representing enterprise victims

10

3. Security Talent in Great Demand

• Pool of qualified workers is dry

• Higher salaries for cyber professions

• Will take 2-3 years to refresh the pool

• Need a generation of security leaders

• Opportunities abound for talent

Hiring of technical and leadership

cybersecurity staff will be difficult

• Plan accordingly to hire qualified candidates

• Hold on to the good ones you have

• Outsource services if necessary

11

4. Big names will continue to fall victim

• Nobody is immune

• Attackers seek easy and valuabletargets

• Financial, well-known, & political targets will be victimized

• More business data theft, forgery, impersonation, and hijacking

Re-evaluate your position as a victim

• Understand the types of attackers interested in your organization

• Don’t be an easy target, stay stronger

• Secure products, operations, and data

• Reconsider what is valuable and how to protect it

12

5. Attacks put individuals directly at risk

• Feeling of being personally attacked

• Ransomware, spearphishing, personal threats and embarrassment

• Executives, politicians, government officials, famous, and the wealthy

• Cyber affecting physical world risks

Prepare mentally to deal with rigors

• Expect everyday people to be targeted

• Prepare executives & DRBC response

• Expand crisis plans for special cases of employees & customers notifications

• Evaluate links to physical-harm

13

Enterprises overhaul the view of risk

• Board level discussions focus on awareness and responsibility

• Product and service security

• Privacy of customer data > availability

• Less tolerance of mistakes

Refine how risk is evaluated

• Threat and Likelihood increase

• Understand attackers (the Who & Why, not just How)

• Attack velocity and scope increasing

• Seek an optimal security posture

• Drive focus, accountability, funding, and visibility to the board

6.

14

7. Attack & Defense Innovation Improve

• Attackers maintain the initiative

• Success encourages more attacks

• Both leverage the power of cloud resources, services, and software

• Cloud storage and web ad networks to deliver malware

• Certificate theft rises

Leverage New Controls and Services

• Attack detection & attribution, threat intelligence, DC/VM/IoT/POC, and contextual security factors

• Security industry vendor consolidation

• Cross-technology alliances for tool collaboration

15

8. Malware Becomes More Problematic

• Rise in complexity, tougher to detect, analyze and remove

• Signed malware 100% growth, ~100m

• Numbers grow 50%+ annually, ~500m

• Expansion beyond PC’s

• Ransomware and bank credential theft

Prepare for Malware Getting Through

• Layered defense for prevention

• Rapid detection of compromise

• Prepare for complex ransomware

• Cultivate savvy employees

16

9. Attackers Seize Upon Tech Growth

• More users, devices, data, and infrastructures

• Data and services more valuable

• Threats lured to value and power

• IoT, Bitcoin, ATM, and online services

• State sponsored communications, intelligence gathering, industrial controls and critical infrastructures

With Growth Comes Risk

• Careful what you buy and from whom

• Upgrade infrastructures with security

• Vet your products and services prior to release for vulnerability/privacy issues

17

10. Next Evolution of Attacks

• From DoS and Data Theft to sophisticated campaigns of Monitoring and Manipulation – Undermine Trust

• Access is a beachhead for long term surveillance and exploitation

• Shifts from smash-n-grab to Data Tampering and service control

• Altering financial transactions, modify ICS safety, control of communication infrastructures of trusted entities

Prepare for the Next Types of Attacks

• Improve detection and response processes

• Think, Plan, and Prepare!

Common Themes…

18

• Threat agents advance

• Greater infusion of resources

• More professional threats

• Advanced technical and behavioral capabilities

• Attacks expand and are more impactful

• Breadth follows technology growth

• Sophistication goes deeper

• Impacts rise and expand to new areas

• Defenders must keep pace to survive

• Optimize and prioritize resources

• Adapt to shifts in attacks and impacts

• Don’t be the easy target and protect what is most valuable

1. Leadership is essential

2. Know your Threats, Assets, and Controls

3. Prepare for new attacks

4. Don’t be the easy target

5. Seek the ‘Optimal’ balance of security

6. Leverage layers of security

7. Apply a strategic cybersecurity capability process

7 Keys to Cybersecurity Success

Question and Answer Discussion

20

21

Intel, the Intel logo, and McAfee are trademarks of Intel Corporation in the United States and other countries.

*Other names and brands may be claimed as the property of others.

Copyright © 2015 Intel Corporation. All Rights Reserved

22