INTERNATIONAL CYBER WARFARE AND SECURITYCONFERENCE

ANKARA, 27 NOVEMBER 2014

THE EVOLUTION OF THE CYBER ECOSYSTEMWILL PROFOUNDLY CHANGE THE WAY WE LIVE

DEFENCE AGAINST CYBER THREATS WILL BECOME INCREASINGLY COMPLEX

MARKET FORCES ALONE ARE NOT SUFFICIENT TO ENSURE THE PROTECTION OF THE CYBER ECOSYSTEM

EUROPE MUST IMPLEMENT INFRASTRUCTURAL PROGRAMS WITH IMPORTANT CYBER SECURITY COMPONENTS

SUCCESSFUL IMPLEMENTATION OF THE PROGRAMS WE NEED A WELL FUNCTIONING PARTNERSHIP AMONG GOVERNMENT, ACADEMIA AND

INDUSTRY

EOS Vision

EOS is a non-profit organization representing the interests and expertise of 41 Members involved in Security .

European Organization for Security - EOS

EOS members provide technology solutions and services from 13 different countries of the European Economic Area, representing more than 65% of the European Security Market and 2 million employees in Europe.

EOS’ main objective is the development of a harmonised European Security Market in close cooperation with users from the public and private sector.

Policy priorities:- Cybersecurity (including cybercrime & cyberdefence)- Border Control (Surveillance and Smart Borders)- Civil Protection and Crisis Management- Urban Security- Transport Security (Civil Aviation, Supply Chain, Land Transport)- Security Industrial Policy (standardisation, certification, EU R&D, EU funds,

…)- EU strategic (technology) autonomy- EU Internal Security Strategy

European Organization for Security - EOS

EOS’ projects in cybersecurity:

CYSPA (2012 – 2015):Aims at delivering a cyber risk assessment and impact methodology tested across five sectors: e-government, energy, finance, TLC, and transport. CYSPA is working toward the establishment of a self-sustaining alliance to provide services in the critical infrastructure protection domain.

COURAGE (2014 – 2016):Aims at delivering a research agenda for Cyber Crime and Cyber Terrorism. The purpose of COURAGE is to significantly improve the security of citizens and critical infrastructures and support crime investigators.

CAPITAL (2013 – 2015): Complements CYSPA. The main objective is to deliver an integrated research and innovation agenda for cybersecurity and privacy, identifying future trends and challenges. Close link with the NIS Platform (DG CONNECT).

European Organization for Security - EOS

We are moving toward a data-driven hyper-connected world where interdependence will become pervasive.

Three game changers: Internet of Things , Big Data, and Cloud.

The Internet of Things: “With the development of the Internet of Things alongside current networks we are talking about the possibility that in the future every person and every thing could be connected to each other wirelessly, from virtually any position on earth”. (Neelie Kroes, 1 June 2010)

Big Data: “Big data is not just a new sector, but a new asset class. One that sits as a pillar of our economy, like human resources or financial capital”. (Neelie Kroes, 7 November 2013)

Cloud: “Cloud Computing will change our economy. It can bring significant productivity benefits to all, right through to the smallest companies, and also to individuals”. (Neelie Kroes, 26 January 2012)

Future digital ecosystem

“The advent of IoT is taking place in an ICT environment affected by several major trends. ‘Scale’ is one of them: the number of connected devices is increasing, while their size is reduced. ‘Mobility’ is another: objects are ever more wirelessly connected. ‘Heterogeneity and complexity’ is a third trend: IoT will be deployed in an environment already crowded with applications that generate a growing number of challenges in terms of interoperability” . (EC COM 2009 /278)

The Internet of Things (Internet of Everything)

“A new generation of technologies and architectures designed to extract value economically from very large volumes of a wide variety of data by enabling high-velocity capture, discovery, and/or analysis”. (IDC Market Analysis, March 2012)

Big Data

“Cloud computing, being born global, calls for a reinforced international dialogue on safe and seamless cross-border use. For example, the international dialogues on trade, law enforcement, security and cybercrime all need to fully reflect the new challenges raised by cloud computing”. (EC COM 2012/529)

Cloud Computing

ECP

Critical Infrastructure Protection:

Data from the US Industrial Control Systems CERT provide a snapshot of patterns of attacks to critical infrastructure.

“Common initial infection vectors were unauthorized access of Internet facing devices, scanning and probing of publicly accessible assets, malware transfer via removable media, exploitation of software/hardware vulnerabilities, and spear phishing attacks” (ICS-CERT Monitor, December 2013)

The threat landscape

Critical Infrastructure Protection:

In 2013, ICS-CERT responded to 256 reported incidents. The majority (59%) occurred in the Energy sector.

The threat landscape

Internet of Things: Threats are real and threats vector will be multiplicating

“If we thought that doing cybersecurity in a world of wired desktops was hard, now we’re going to do it in a world where your coffee maker, your car and your refrigerator are also a threat vector”. (Michael Daniel – White House Cybersecurity Coordinator, 29 January 2014)

“Interconnected devices and smart environments provide an ideal environment for all threat agent groups to perform malicious activities ranging from data collection and data manipulation up to fooling home appliances of their victims, thus creating harm even to their lives”. (ENISA Threat landscape 2013)

“Symantec has discovered a new Linux worm that appears to be engineered to target the Internet of Things. The worm is capable of attacking a range of small, Internet-enabled devices in addition to traditional computers. Variants exist for chip architectures usually found in devices such as home routers, set-top boxes, and security cameras”. (Symantec , 27 November 2013)

“PhD candidate Ang Cui and Professor Salvatore Stolfo have found serious vulnerabilities in Cisco VoIP telephones. Cui and Stolfo are particularly concerned with embedded systems that are widely used and networked on the Internet, including VoIP phones, routers, and printers”. (Columbia University School of Engineering, 4 January 2013)

The threat landscape

Big Data: data protection, profiling

“A number of challenges have been identified for big data security. Indicatively, these challenges address data protection, data access control and data filtering issues for huge data amount that are beyond the processing power of contemporary Security Information and Event Management (SIEM) products”. (ENISA, Threat Landscape 2013)

“User data collected by large organizations is constantly accessed by inside analysts as well as outside contractors and business partners. A malicious insider or untrusted partner can abuse these data sets and extract private information from customers”. (CSA Big Data Security and Privacy Challenges, April 2013)

“It is really very nearly within our grasp to be able to compute on all human generated information”. (CIA CTO Ira “Gus” Hunt, March 2013)

The threat landscape

“The twenty-first century will be the century of complexity” (Stephen Hawking).

Economic, technological, and social factors have led to a new infrastructural key paradigm: INTERDEPENDENCY

Need for a holistic approach

Blurring dividing lines:

Interdependence and complexity of the cyber ecosystem will grow exponentially in the near future.

Infrastructures interdependence makes it impossible to see civil and military systems in isolation.

Military networks depend for their functioning also on civilian infrastructure.

Air-gaps between military and civil domain will become thinner.

Cyber civ-mil issues

The EU cybersecurity strategy includes among its priorities the development of industrial and technological resources.

The strategy recognizes the need for incentives to the private sector to ensure higher levels of security.

The strategy points to the necessity to stimulate the European demand for secure products .

The strategy underlines the importance of R&D to fill the technology gaps in ICT security.

The Commission invites Member States to develop good practices to use public administrations procurement to stimulate the development and deployment of security features in ICT products and services.

EU Cybersecurity strategy

A Cybersecurity Investment Program:

EOS calls for the implementation of a specific Cybersecurity Industrial Policy complemented by an EU Cybersecurity Investment Program.

The policy should encourage the development of a strong European cyber industrial base, should facilitate the implementation of a coordinated R&I roadmap, and it should provide the framework for a Cybersecurity Investment Program.

A Cybersecurity Investment Program will allow to strengthen the European cyber industry and R&D base, granting at the same time the necessary level of strategic autonomy to Europe.

Program’s topics could be security of critical infrastructure, security of space systems, IoT, …

A cybersecurity investment program needs a partnership among Government, Academia and Industry.

Partnership