Stiennon Keynote at Trusted Computing Conference 2013, Orlando
-
Upload
richard-stiennon -
Category
Technology
-
view
1.055 -
download
2
description
Transcript of Stiennon Keynote at Trusted Computing Conference 2013, Orlando
Trust: The Lynchpin of Society
Thursday, September 12, 13
June 6, 2013. It begins
2
Thursday, September 12, 13
Why SIGINT Matters
3
Thursday, September 12, 13
Scenarios
• Member of Congress contacts with stock brokers
• Volume of calls between acquirer and target
• CEO-CFO interactions
• Journalist-whistleblower interactions
• Petraeus-Broadwell
4
Guardian image
Thursday, September 12, 13
If Only It Were Just Meta Data
5
...the Justice Department has secretly interpreted federal surveillance law to permit thousands of low-
ranking analysts to eavesdrop on phone calls.
Thursday, September 12, 13
“Collect everything”
6
Thursday, September 12, 13
PRISM’s Rogue Gallery
7
Thursday, September 12, 13
Fall out
8
Thursday, September 12, 13
Trust eroding
9
Thursday, September 12, 13
Industry Responding
10
Thursday, September 12, 13
Too Late
11
Thursday, September 12, 13
Summing Up The Reactions
12
Thursday, September 12, 13
The Old Threat Hierarchy
• Information Warfare
• CyberCrime
• Hactivism
• Vandalism
• Experimentation13
Thursday, September 12, 13
The New Threat Hierarchy
• Surveillance State
• Information Warfare
• CyberCrime
• Hactivism
• Vandalism
• Experimentation14
Thursday, September 12, 13
GENIE is Out Of the Bottle
Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that
they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed "covert implants," sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers
into the millions. -Washington Post
15
Thursday, September 12, 13
Implications for the IT Industry
• The state as threat actor
• Researching NSA malware
• Defending against NSA surveillance
16
Thursday, September 12, 13
The Enterprise Is Compromised
• If every employee’s email and phone conversations are captured what are breach notification requirements?
• HIPPA?
• GLB?
• SOX?17
Thursday, September 12, 13
Good Times For Trusted Computing?
• A universal threat must be met with universal security
• Spending on encryption set to double within a year
• Protecting keys will lead to massive investment in security
18
Thursday, September 12, 13
Look For a Ten Fold Increase in Spending
19
0
175
350
525
700
2003 2013 2023
cyber crime
cyber espionage
surveillance state$639 Billion
Thursday, September 12, 13
A Call To Arms
This new threat to Confidentiality, Integrity, Availability, Privacy, Commerce, Democracy, and Stability, greater than all others, is what Trusted Computing was built to counter. Let’s fix this, before it is too late.
20
Thursday, September 12, 13