Super Secure Cloud

Post on 28-Jan-2015

Transcript of Super Secure Cloud

SUPER SECURE CLOUD

Peter Cochrane
formicio.com

Thursday, 12 July 12

Security is always a cat and mouse game...

And we are always trying to tilt the odds in our favour...

But we cannot leave anything to chance, we cannot afford to gamble, the stakes are far too high...

We have to think like the enemy, war game, test and probe, & constantly keep ahead technically and strategically...

Laws of security...

1) There is always a threat

2) It is always in a direction you’re not looking

3) Perceived risk/threat never equals reality

4) Nothing is 100% secure

5) People are always the primary risk

6) Resources are deployed inversely proportional to actual risk

Laws of security...

7) You need two security groups - defenders & attackers

8) Security & operational requirements are mutually exclusive

9) Legislation is always > X years behind

10) Security standards are an oxymoron

11) Security people are never their own customer

12) Cracking systems is far more fun than defending them

Laws of security...

13) Hackers are smarter than you - they are younger!

14) Hackers are not the biggest threat - governments are!

15) As life becomes faster it becomes less secure

16) Connectivity and data half lives are getting shorter too

17) We are most at risk during a time of transition

18) The weakest link generally defines the outcome

If we continue to do what we’ve always done, our Cloud exposure will accelerate...

In The Cloud - the attack surface is the entire planet...

We will need more and smarter firewalls...

All forms of malware protection will have to become evolutionary...

Has to become far more sophisticated...

Enhancing login vectors...

Something you:

- Do
- Are
- Know
- Possess
- Deduce
- Relate to
- Recognise
- Remember
- Understand

A concatenation of weak vectors rapidly becomes very strong...

Concatenating numerous low cost biometrics is a good example...

- Eye
- Face
- Hand
- Voice
- Typing
- Habits
- Devices
- Locations
- ++++

Automated & stronger encryption...

...but only where needed!

More anonymity applications...

More URL hopping, identity, & location cloaking applications...

What does The Cloud offer beyond all this?

So what are the extras The Cloud brings to the party?

It will destroy dominant mono-cultures of:

- Devices
- Browsers
- eMail clients
- Application sets
- Operating modes
- Operating systems

Hackers love mono-cultures - it makes their lives so very much easier...

More variety, dynamism, and faster change...

Clouds of all sizes will form and dissipate by demand... with the clustering of people and devices +++

Connectivity will be less static, comms between Clouds sporadic and far more varied...

Moving targets are very hard to hit

Thin clients offer very limited processing and memory, making it far harder for malware to be effective...

Cloud services now available from multiple suppliers...

- Infrastructure
- Platform
- Software

Use multiple suppliers for connectivity, apps, storage, security et al and employ in a randomised fashion...

...seamlessly flip between devices...

Why

To make it incredibly difficult for the dark side:

- No single log-on device
- No single log-on location
- Variable log-on routine
- Distributed applications
- Distributed filing system
- Parsed and distributed data
- Multiple clouds and providers
- Dynamic creation of clouds
- Dynamic cloud interconnection
- Inter-cloud encryption and coding
- Corporate strength security for all

[Diagram: Clouds Surrounded By Clouds. Labels: App, Storage, Corporate, Personal, Connection, "One of many".]

Parsed data flows to/from multiple destinations...

...are incredibly difficult to intercept and decode...

Parsed, encrypted & distributed folders over multiple global servers... is even harder!

Parsed, encrypted and distributed data folders over multiple global servers...is even worse!

The biggest threat is still people laxity and the insider...

Behavioural monitoring and analysis will become an essential cloud service for SMEs, corporations & .gov...

Half lives of connections, data, info and knowledge...are going to get much shorter!

We have to reduce the opportunity and the time available for The Dark Side to infiltrate and take action...

And should they break in we confront them with partial access and a very confusing picture...

Which door to choose, and to which cloud, for how long, with access to what?

How many layers, combinations, connections, locks, types?

How long will they be open, and what is in each of the many clouds?

The Dark Side will thus have far less time to infiltrate and take action...

The day of the lone hacker is coming to an end...

The New Dark Side are gov agencies and criminal organisations with huge budgets, people & tech resources...

The sophistication of StuxNet and Flame surprised industry and governments... and they mark the start of a new era...

We may be transiting to ‘Cyber Warfare’...

Fending off such threats demands more capability than individual corps can muster

Global cooperation will be required, to develop military grade solutions...

To survive and prosper we have to think and act differently whilst leveraging new technology and techniques...

The DIY companies will not survive...

Malware is now open code for free or a modest price from multiple sources...

...it is also breeding by the hand of man and by a digital life force we created...

The Art of War by Sun Tzu, 600 BC

“Speed is the essence of war. Take advantage of the enemy's unpreparedness; travel by unexpected routes and strike him where he has taken no precautions”

Be prepared!

Thank You

formicio.com
