Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security – An Existential Threat? (IIC, Singapore)

Published byAriel Small Modified over 6 years ago

Similar presentations

Presentation on theme: "Cyber Security – An Existential Threat? (IIC, Singapore)"— Presentation transcript:

1 Cyber Security – An Existential Threat? (IIC, Singapore)
Andrew J Haire Cyber Security – An Existential Threat? (IIC, Singapore)

2 IIC, Singapore - 4 October 2016
Agenda Need? The Delicate Balance Public Policy Tools Stakeholder Interactions Way Forward Wrap – recommended reading The four days of these meetings deals with Smart Sustainable Cities & the next two sessions this morning will focus on the tools that bring the word “Smart” in that phrase. Secondly, many in the audience will be quite familiar with the individual points, but what I hope to accomplish But before starting what will we discuss over first hour. TO START: the focus of my remarks will center around ICT Policy and Strategy, and will leave political, technical and systems discussions for other presentations. Too often in ‘tech’ discussions we are not clear what words or things mean; SO we will define what is meant by the four areas of discussion. We will then address where we are, and why: why now, what are the parts of this tech landscape, what are the opportunities for the 3rd part of the phrase – “Cities” And finally are are the implications that ICT imposes on: Existing Models Policy – both public policy, and the governance of that policy. At end end of our sessions I would hope that we: IIC, Singapore - 4 October 2016

3 Need Crossroads Pervasiveness of ICT Breaches. Attack surface
Is it real, is there a need for public policy oversight or involvement Crossroads Can we predict if threats are growing? Pervasiveness of ICT Breaches. Uniqueness of them; they happen fast Attack surface Increased vulnerabilities The inclusion of public impact devices The ability to penetrate Complexity of networks; pressure to contain costs at an industry level Payoff opportunities. New Needs Sustain and improved a Trusted Environment To build Public Policy protections IIC, Singapore - 4 October 2016

4 Need Crossroads Pervasiveness of ICT Breaches. Attack surface
Is it real, is there a need for public policy oversight or involvement Crossroads Can we predict if any threat is growing? Pervasiveness of ICT Breaches. Uniqueness of them; they happen fast Attack surface Increased vulnerabilities The inclusion of public impact devices The ability to penetrate Complexity of networks; pressure to contain costs at an industry level Payoff opportunities. New Needs Sustain and improved a Trusted Environment To build Public Policy protections IIC, Singapore - 4 October 2016

5 Need Crossroads Pervasiveness of ICT Breaches. Attack surface
Is it real, is there a need for public policy oversight or involvement Crossroads Can we predict if any threat is growing? Pervasiveness of ICT Breaches. Uniqueness of them; they happen fast Attack surface Increased vulnerabilities The inclusion of public impact devices The ability to penetrate Complexity of networks; pressure to contain costs at an industry level Payoff opportunities. New Needs Sustain and improve the Trusted Environment To build Public Policy protections IIC, Singapore - 4 October 2016

6 Need Crossroads Pervasiveness of ICT Breaches. Attack surface
Is it real, is there a need for public policy oversight or involvement Crossroads Can we predict if any threat is growing? Pervasiveness of ICT Breaches. Uniqueness of them; they happen fast Attack surface Increased vulnerabilities The inclusion of public impact devices The ability to penetrate Complexity of networks; pressure to contain costs at an industry level Payoff opportunities. New Needs Sustain and improved a Trusted Environment To build Public Policy protections IIC, Singapore - 4 October 2016

7 Balance The balance between societal and economic :: progress and protection Another balance: Cybersecurity and privacy and user convenience Full Lockdown? Laissez Faire? Profile of cyber incidents Industry Motivation Trends Fingerprints. We need a look at the policy interested parties: Obligations/Responsibilities of each stakeholder IIC, Singapore - 4 October 2016

8 Balance The balance between societal and economic :: progress and protection Another balance: Cybersecurity and privacy and user convenience Full Lockdown? Laissez Faire? Profile of cyber incidents Industry Motivation Trends Fingerprints. We need a look at the policy interested parties: Obligations/Responsibilities of each stakeholder IIC, Singapore - 4 October 2016

9 Balance The balance between societal and economic :: progress and protection Another balance: Cybersecurity and privacy and user convenience Full Lockdown? Laissez Faire? Profile of cyber incidents Industry Motivation Trends Fingerprints. We need a look at the policy interested parties: Obligations/Responsibilities of each stakeholder IIC, Singapore - 4 October 2016

10 Balance The balance between societal and economic :: progress and protection Another balance: Cybersecurity and privacy and user convenience Full Lockdown? Laissez Faire? Profile of cyber incidents Industry Motivation Trends Fingerprints. We need a look at the policy interested parties: Obligations/Responsibilities of each stakeholder IIC, Singapore - 4 October 2016

11 Balance The balance between societal and economic :: progress and protection Another balance: Cybersecurity and privacy and user convenience Full Lockdown? Laissez Faire? Profile of cyber incidents Industry Motivation Trends Fingerprints. We need a look at the policy interested parties: Obligations/Responsibilities of each stakeholder IIC, Singapore - 4 October 2016

12 Balance The balance between societal and economic :: progress and protection Another balance: Cybersecurity and privacy and user convenience Full Lockdown? Laissez Faire? Profile of cyber incidents Industry Motivation Trends Fingerprints. We need a look at the policy interested parties: Obligations/Responsibilities of each stakeholder IIC, Singapore - 4 October 2016

13 Balance The balance between societal and economic :: progress and protection Another balance: Cybersecurity and privacy and user convenience Full Lockdown? Laissez Faire? Profile of cyber incidents Industry Motivation Trends Fingerprints. We need a look at the policy interested parties: Obligations/Responsibilities of each stakeholder IIC, Singapore - 4 October 2016

14 Tools What are these? What are universal norms for cybersecurity
Additional tools or actions of gov’t What are these? At a Policy level At an operational level What are universal norms for cybersecurity IIC, Singapore - 4 October 2016

15 Tools What are these? What are universal norms for cybersecurity
Additional tools or actions of gov’t What are these? At a Policy level At an operational level What are universal norms for cybersecurity IIC, Singapore - 4 October 2016

16 Interactions Offence. Law Defense. Tech solutions. Hampered by:
The condition of governance, oversight , stakeholder engagements Offence. Law Skills shortage. Obsolete frameworks. Defense. Tech solutions. Hampered by: A skills shortage among tech support; Key findings Education is deficient High value skills are in critically short supply, mostly with Intrusion detection, secure software development, attack mitigation IIC, Singapore - 4 October 2016

17 Way Forward Remove regulatory uncertainties Education / Training
What should be primary focal points Remove regulatory uncertainties Form of regulation and ensure enforcement Promote cybersecurity elements in international law Need for a more formal legal framework Education / Training Promote cybersecurity education Promote cybersecurity R&D Broad stakeholder participation building framework Overcome lack of standardizations efforts Promote counter cybercrime policy Tactical participation Ensure ongoing risk assessment, offensively and defensively IIC, Singapore - 4 October 2016

18 Learn More Center for Strategic and International Studies & Intel© Security; Hacking the Skills Shortage, 2016 WEF; The future of financial infrastructure, August 2016 Verizon; Data Breech Investigations Report, 2016 Harold Abelson, et al; Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications; MIT Report, 6 July 2015 Professors Crabb & Stern, Technology Traps: Who is Responsible? International Journal of Technoethics, April-June 2010 Jason Healy, Comparing Norms for National Conduct in Cyberspace, Atlantic Council, 20 June 2011 United States Cybersecurity National Action Plan, 9 February 2016 C Timberg, Washington Post, The Internet’s Founders Saw Its Promise Bud Didn’t Foresee Users Attacking One Another, 30 May 2015 Garrett M Graff, Washington Post, Government lawyers don’t understand the Internet, 23 September 2016. IIC, Singapore - 4 October 2016

19 IIC, Singapore - 4 October 2016
Thank You Andrew J Haire IIC, Singapore - 4 October 2016

Download ppt "Cyber Security – An Existential Threat? (IIC, Singapore)"

Similar presentations

A strategy for a Secure Information Society –

A strategy for a Secure Information Society –
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Global Cyber Security Capacity Maturity Model - CMM WSIS Forum 2015 – Geneva Dr Maria Bada 25/05/2015.

Global Cyber Security Capacity Maturity Model - CMM WSIS Forum 2015 – Geneva Dr Maria Bada 25/05/2015.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
A National approach to Cyber security/CIIP: Raising awareness.

A National approach to Cyber security/CIIP: Raising awareness.
Cyber Security Nevada Businesses Overview June, 2014.

Cyber Security Nevada Businesses Overview June, 2014.
Jerry Cochran Principal Security Strategist Trustworthy Computing Group Microsoft Corporation.

Jerry Cochran Principal Security Strategist Trustworthy Computing Group Microsoft Corporation.
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
GSC Global Standards Collaboration GSC-10 28 August – 2 September 2005 Sophia Antipolis, France August 28 – September 2, 2005 1 ISACC Opening Plenary Presentation.

GSC Global Standards Collaboration GSC August – 2 September 2005 Sophia Antipolis, France August 28 – September 2, ISACC Opening Plenary Presentation.
DRAFT 1 Belfast 2015 5 th World Cyber Security Technology Research Summit Suren Gupta Allstate Corporation Executive Vice President Allstate Technology.

DRAFT 1 Belfast th World Cyber Security Technology Research Summit Suren Gupta Allstate Corporation Executive Vice President Allstate Technology.
UNCLASSIFIED 1 National Security in Cyberspace: It Takes a Nation Sandra Stanar-Johnson NSA/CSS Representative to the Department of Homeland Security February.

UNCLASSIFIED 1 National Security in Cyberspace: It Takes a Nation Sandra Stanar-Johnson NSA/CSS Representative to the Department of Homeland Security February.
Responsive Innovation for Disaster Mitigation Gordon A. Gow University of Alberta.

Responsive Innovation for Disaster Mitigation Gordon A. Gow University of Alberta.
IS3220 Information Technology Infrastructure Security

IS3220 Information Technology Infrastructure Security
HHS Security and Improvement Recommendations Insert Name CSIA 412 Final Project Final Project.

HHS Security and Improvement Recommendations Insert Name CSIA 412 Final Project Final Project.
Advanced Planning Brief to Industry Jerry L. Davis DAS, Office of Information Security June 9, 2011.

Advanced Planning Brief to Industry Jerry L. Davis DAS, Office of Information Security June 9, 2011.

Similar presentations

Ads by Google