SlideShare a Scribd company logo

An Impending Security CrisisSecurity crisis

University of Hertfordshire
University of Hertfordshire

At most conferences it is acknowledged that the insider threat is the biggest risk in the cyber catalogue, but no one, or at least precious few, are addressing the problem. Perhaps even more surprising is that the IoT appears to be entirely omitted from the thinking. But these are the two biggest pending risks in the spectrum of our cyber planet. The good news is that the tools we need to develop for both are readily described, defined and dimensioned. The bad news is that whilst behavioural modelling is reasonably advanced and could be progressed rapidly, that is not the case for the IoT which stands to magnify the attack surface of the planet by 100s - 1000s over a very few years. An even more worrying aspect is the fact the the very early IoT devices are going live sans any form of pre engineered security features. The present the ultimate ‘easy/wide-open/unprotected’ target. It almost looks as though the IoT has been designed and manufactured by ‘The Dark Side’ so they can make an easy killing! In this presentation we therefore what we can do quickly to fend off the insider threat, and then move on to examine a biologically inspired auto-immune system for the IoT.

Technology
1 of 41
Download to read offline
An impending Security Crisis Prof Peter Cochrane OBE, DSc petercochrane.com Annual Alumni Network Event London, Docklands, 28 Nov 19
A f t e r T h o u g H t Security is rarely designed into any system from Day 1 and it is almost never a fully integrated component. It mostly comes in the form of a last minute kluge! - engineered in a panic demanding constant updates… S e c u r i t y Elements
A f t e r T h o u g H t Security is rarely designed into any system from Day 1 and it is almost never a fully integrated component. It mostly comes in the form of a last minute kluge! - engineered in a panic demanding constant updates… S e c u r i t y Elements
A L W Ay s O u t o f s y n c Security funding tends to be in ant-phase to reported attacks and sees a cycle of under resources and increased exposure at exactly the wrong time!
Security Depts are always reactive to yesterdays threats and never anticipate the new developments of the Dark Side. They are also engaged in a war where they never strike back…we therefore present a soft target-rich environment W r o n g f o o t e d
To be a good Defender you have to have been a good Attacker. Anticipating attacks and new modes means thinking and acting like the enemy. BUT evil thinking is so very h a r d f o r e s s e n t i a l l y g o o d , ethical, honest people! R I G H T f o o t e d BTW: Not all hackers are young white males wearing jeans, T-Shirt, and a Hoodie!
s tat e s p o n s o r e d Amongst the best educated/trained & funded/supported/motivated groups on the planet often under-rated but perhaps presenting the biggest clear and present danger Discounted to feared in <5 years
P o p u l a r At ta c k M o d e s https://www.helpnetsecurity.com/2016/02/12/know-your-enemy-the-most-popular-hacking-methods/
At ta c k s c e n a r i o 2 0 1 9 https://pagely.com/blog/cyber-attacks-in-2018/
A generally accepted industry conference wide perspective T h r e at s c a p e
A generally accepted industry conference wide perspective The IOTISMissing Insider threat Recognised But NOT YET A PRIORITY T h r e at s c a p e
B e h av i o u r a l A n a ly s i s ( 1 )
B e h av i o u r a l A n a ly s i s ( 1 )People, Devices, Routers, Networks, Computers, Systems etc are all habitual! Deviations from the ‘normal’ pattern of behaviours indicates an exception to the working day. Comparisons with co-workers can reveal some nuances, but modern working sees distinctly different styles/patterns. The job of the Security Monitoring system is to trigger a deep dive - to check legitimacy - and to ask why, what, for whom…
B e h av i o u r a l A n a ly s i s T he N SA we re d e f i c i e n t i n t h e i r i n t e r n a l s e c u r i t y … h e was actually very easy to catch! Sno wde n was smarter depicted in the 2016 Mo v ie b ut not by a big margin! Massive Block Downloads in a short time period is a big flag! An open screen showing the downloads in action is far too risky and a dummy cover is needed Hiding things in plain sight, but hading the Rubik’s Cube to the security guard was far too chancy! The security check on the ion/out gate was weak and needed beefing up significantly!
A h e a d o f t h e g a m e ? C a s i n o s a n d b e h a v i o u r a l a n a l y s i s To d a t e h u m a n o b s e r v e r s o n l y w i t h a g r o w i n g n e e d f o r a u t o m a t i o n a n d A I - p r o b a b l y l e s s t h a n a d e c a d e a w a y !
S e e n a s a 1 9 8 4 D y s t o p i a n F u t u r e i n t h e W e s t ! G o v e r n a n c e & P o l i c i n g o f e n t i r e C i t i e s , T o w n s a n d C o u n t r y C h i n a l e a d i n g B u t t h i s i s l i k e l y t o b e a p r e c u r s o r t o w o r k p l a c e , o f p e o p l e , m a c h i n e s , d e v i c e s a n d t h e n e t w o r k m o n i t o r i n g r e q u i r e d t o n e g a t e t h e i n s i d e r t h r e a t ! I t i s o u r c h o i c e …
BIO-TECH nano-TECH AIRoboticsMulti-Disciplinary hot spot for the 21C New materials New industries New processes New capabilities Lower energy Lower waste Less friction The IoT Industry 4.0 The nervous system of the planet and all we produce and uses Our only tractable model for a future sustainable for all peoples and the planet!
T h e At tac k S u r fac e Magnifying the Dark Side opportunity >200 fold An IoT connecting almost everything from food to clothing, appliances to office equipment, industrial production lines to fitness and health devices, through to vehicles buildings, highways, bridges and other infrastructures to achieve a sustainable world economy using far less material and energy whilst realising high-efficiency recovery, reuse and repurposing…
S p e e d o f G r o w t h Exponentially magnifying attack opportunities https://www.comparitech.com/vpn/cybersecurity-cyber-crime-statistics-facts-trends/
S p e e d o f G r o w t h E x p o n e n t i a l l y g r o w i n g a t t a c k b u d g e t ! https://www.thesslstore.com/blog/2018-cybercrime-statistics/ CyberCrime will soon be able to join the G7 It is expected to overtake the UK economy in 2023
I o T D e v i c e s Mostly produced in China ? No integral security in the early years ? Open/weak portal’ opportunities await the attackers
SystemVue W1906EP 5G Baseband X-Series MXG/EXG89600 PNA and ENA N9038A MXEE7515A UXMN6705B CX3300A Series T3111A NFC System T4000S RCT & RRM Systems M9420A VXT X-Series E6640A EXM i3070 Test Systems ManufacturingComplianceDesign ValidationR & D Deployment KEYSIGHT SERVICES Accelerate Technology Adoption. Lower costs. Consulting Training Product Purchase Alternatives One-Stop Calibration Repair Asset Management Technology Refresh Cellular Wireless Wide Area Network (WWAN) 1 Low Power Wide Area Network (LPWAN) 1 Low Power Wide Area Network (LPWAN) 2 Wireless Neighborhood Area Network (WNAN) 2 Wireless Local Area Network (WLAN) 2 Wireless Field (or Factory) Area Network (WFAN) 2 Wireless Home Area Network (WHAN) 2 Wireless Personal Area Network (WPAN) 2 Proximity 2 Technology LTE MTC Cat 0 LTE eMTC Cat M EC-GPRS NB-IoT LoRaWAN SIGFOX Telensa OnRamp / Ingenu Positive Train Con- trol (PTC) Weightless-W Weightless-N Weightless-P ZigBee NAN Wi-SUN Wireless M-Bus WiFi WiGig WiFi HaLow WiFi WAVE TV White Space Wireless HART ISA100.11a ZigBee Thread Z-Wave EnOcean Bluetooth 4.0/4.1/4.2 Low Energy ANT+ MiWi NFC Governing body/Standards 3GPP Rel 12 3GPP Rel 13 3GPP Rel 13 3GPP Rel 13 LoRa Alliance SIGFOX Wireless Internet of Things Forum (WIoTF) Ingenu (formerly OnRamp) IEEE 802.15.4p Weightless Special Interest Group (SIG) Weightless SIG Weightless SIG ZigBee Alliance IEEE 802.15.4g Wi-SUN Alliance IEEE 802.15.4g European Norm: EN 13757 WiFi Alliance IEEE 802.11a/b/g/n/ac WiFi Alliance IEEE 802.11ad WiFi Alliance IEEE 802.11ah WiFi Alliance IEEE 802.11p WiFi Alliance IEEE 802.11af FieldComm Group IEEE 802.15.4e ISA100 Committee IEEE 802.15.4e ZigBee Alliance IEEE 802.15.4 Thread Group IEEE 802.15.4 Z-Wave Alliance ITU G.9959 EnOcean Alliance ISO/IEC 14543-3-1x Bluetooth special interest group (SIG) ANT+ Alliance IEEE 802.15.4 Microchip Technology NFC Forum, ISO/IEC 14443 & 18000-3 Frequency (MHz) Uses LTE technology and frequency bands GSM bands In-band LTE carrier, or within LTE guard bands, or standalone in re-farmed GSM spectrum Regional sub-GHz bands Regional sub-GHz bands Regional sub-GHz bands Global band: 2.4 GHz 220 MHz TV White Space (TVWS) Regional sub-GHz bands Regional sub-GHz bands Regional sub-GHz bands Regional sub-GHz and global 2.4 GHz bands Regional sub-GHz bands Global bands: 2.4, 5.8 GHz 60 GHz band: 57 - 66 GHz Regional sub-GHz bands Global (5.8 GHz) and regional (5.9 GHz) bands 54-790 MHz Global band: 2.4 GHz Global band: 2.4 GHz Regional sub-GHz and global 2.4 GHz bands Global band: 2.4 GHz Regional sub-GHz bands Regional sub-GHz bands Global band: 2.4 GHz Global band: 2.4 GHz Regional sub-GHz and global 2.4 GHz bands Global band: 13.56 MHz DL bandwidth 20 MHz 1.4 MHz 200 kHz 180 kHz (15 kHz sub-carrier spacing) 125 kHz, 500 kHz Base station listening bandwidth: 200 kHz, 100 Hz UL channels; 600 Hz DL channels 1 MHz 12.5, 25 kHz 5 MHz 200 Hz 12.5 kHz 600 kHz, 1.2 MHz, 2 MHz 200 kHz to 1.2 MHz 5.5 to 6 kHz ,12.5 kHz, 40 to 80 kHz 20, 21, 22, 23, 24, 40, 80, 160 MHz 2.16 GHz 1,2,4,8 and 16 MHz 10 MHz 6- to 8- MHz-wide channels 3 MHz 5 MHz Channel Spacing 600 kHz, 1.2 MHz, 2 MHz 5 MHz 200 kHz 62.5 kHz 2 MHz 1 MHz Proprietary 1 MHz UL bandwidth 20 MHz 1.4 MHz 200 kHz Single-tone: 180 kHz (3.75 kHz or 15 kHz spacing) or Multitone: 180 kHz (15 kHz sub-carrier spacing) 125, 250, 500 kHz Multiple access DL OFDMA OFDMA TDMA OFDMA Proprietary Chirp Spread Spectrum (CSS) Proprietary UNB/FHSS Proprietary UNB/FHSS Random Phase Multiple Access (RPMA) TDMA FDMA + TDMA UNB FDMA + TDMA Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) OFDM, DSSS, OFDMA Single carrier with spread spectrum OFDM OFDM OFDM TDMA TDMA with collision avoidance Carrier Sense Multiple Access with Collision avoidance (CSMA/CA) Carrier Sense Multiple Access with Collision avoidance (CSMA/CA) TDMA TDMA TDMA TDMA TDMA Electromagnetic coupling Multiple access UL SC-FDMA SC-FDMA TDMA Single-tone FDMA or multitone SC-FDMA Modulation DL QPSK, 16QAM, 64QAM QPSK, 16QAM, 64QAM GMSK, optional 8PSK BPSK, QPSK, optional 16QAM LoRa; (G)FSK GFSK 2FSK BPSK, OQPSK,FSK, GFSK, P-FSK, P-GFSK GMSK, C4FM, QPSK, BPSK/QPSK/16QAM DBPSK GMSK, OQPSK DSSS (Direct Sequence Spread Spectrum), BPSK, O-QPSK MR-FSK/MR-OFDM/ MR-O-QPSK FSK/GFSK/GMSK/4GFSK CCK, BPSK, QPSK, 16-QAM, 64-QAM, 256-QAM QAM16, SQPSK, QAM64 BPSK, QPSK, 16-QAM, 64-QAM, 256-QAM BPSK, QPSK, 16QAM, 64QAM BPSK, QPSK, 16-QAM, 64-QAM, 256-QAM DSSS based O-QPSK DSSS based O-QPSK DSSS based BPSK, O-QPSK DSSS based O-QPSK FSK, GFSK ASK, FSK FHSS based GFSK GFSK GFSK ASK, FSK Modulation UL QPSK, 16QAM QPSK, 16QAM GMSK, optional 8PSK BPSK, QPSK, 8PSK optional 16QAM DBPSK Peak data rate 1 Mbps 1 Mbps 10 kbps to 240 kbps DL up to 250 kbps; UL single tone up to 20 kbps, multitone up to 250 kbps 0.3 kbps - 50 kbps 100 bps up, 600 bps down 62.5 bps up, 500 bps down 20 kbps 9.6/16/19.2/ 32/36/38.4 kbps 1 kbps to 10 Mbps 100 bps 200 bps to 100 kbps 250 kbps 50 kbps to 1 Mbps 2.4 kbps b: 11 Mbps a/g/h/j: 54 Mbps n: 600 Mbps ac: 86.7 Mbps to 6.9 Gbps 6.76 Gbps 100 kbps to 40 Mbps 6 Mbps to 54 Mbps 26.7 Mbps to 568.9 Mbps 250 kbps 250 kbps 20 kbps, 40 kbps, 250 kbps 40 kbps to 250 kbps 9.6, 40 and 100 kbps 125 kbps 1 Mbps 1 Mbps 250 kbps 106, 212, 424, 848 kbps Maximum Range/Coverage (link budget) ~141 dB ~156 dB ~164 dB ~164 dB ~150-157 dB 3 ~146-162 dB 3 ~3 km (urban) ~4 km (urban) ~5 km (urban) ~3 km (urban) ~2 km (urban) ~1 km ~1 km ~200 m ~10 m ~1 km ~1 km ~1 km ~200 m ~200 m ~100 m ~30 m ~30 m ~300 m ~50 m ~50 m ~20-50 m ~20 cm Description LTE enhancements for MTC with new power saving mode Further LTE enhancements for MTC building on the work started in Cat-0, long battery life, low device cost, extended coverage compared to LTE MTC Cat-0 Low device cost, long battery life and extended coverage compared to GPRS/GSM devices Clean-slate technology added to the LTE platform optimized for the low end of the IoT market; provides lower cost, extended coverage and long battery life compared to eMTC Cat M Long-range, low-power connectivity application that needs to send small, infrequent burst of data such as alarm systems or simple metering Aimed at smart cities - wireless lighting, smart parking Long range connectivity for smart grid, intelligent lighting, advanced metering infrastructure, oil and gas automation plus more and rail transit 2-way communication; ideal for use in the smart oil and gas sector because there is likely TVWS available 1-way communication (no downlink transmission); ideal for sensor-based networks, temperature readings, tank level monitoring, metering 2-way communication; ideal for private networks and things where both uplink data and downlink control are important to the utility last-mile, outdoor access network that connects smart meters and distribution automation devices to WAN gateways. Utility last-mile,outdoor access network that connects smart meters and distribution automation devices Remote meter reading Evolving family of wireless local area networks Extending 802.11 standards to enable high performance wireless data, display and audio applications Large scale sensor networks and meters, extended range hotspot, outdoor WiFi for cellular Wireless Access in Vehicular Environment (WAVE) WLAN operation in TV white space spectrum with focus on sensor networks For industrial applications - multiplexed protocol for accessing multiple nodes of sensors and actuators For industrial applications Provides the higher layers including the application layer on top of 802.14.4 PHY/MAC; used for home automation, smart meter, light link plus more for the home; built on existing standards including 802.15.4 IETF IPv6 and 6LoWPAN For home monitoring and control for energy harvesting applications that are extremely low power Well suited for sensors, actuators and other small devices that require extremely low power consumption Focus on sport, wellness management and home health monitoring Designed by Microchip Technology for low data transmission rates and short distance Near Field Communiation/ Smart Payment Cards Mobile and contactless payment brought in close proximity Comments Also referred to as Cat M1 Also referred to as Cat M2 LoRa physical layer LoRaWAN is the MAC layer. The intellectual property (IP) for LoRa is owned by Semtech. SIGFOX is LPWAN dedicated to IoT. Solution includes machine network, management platform and chipset/modules; OnRamp wireless rebranded to Ingenu in September 2015 PTC is GPS-based technology to prevent train-to-train collisions, over-speed derailments, unautho- rized incursion into work zones and train movement through switches left in the wrong position. ZigBee IP over 802.15.4g 6LoWPAN WLAN) is enhancement of existing WiFi targeting 5-10x throughput improvement; will operate in frequency bands between 1 GHz and 6 GHz; standard to 802.11ay is next generation 60 GHz (NG60) standard with up to 20 Gbps data rate for license-exempt bands above 45 GHz; standard H2 2019 Standard to be HART - Highway Addressable Remote Transducer 6LoWPAN ZigBee 3.0 added standard green power feature to ZigBee PRO network layer 6LoWPAN In December 2015, ZigBee and EnOcean alliances agree to collaborate to offer a 2.4 GHz energy harvesting wireless solution. 2016 roadmap for Bluetooth includes 4x increase in range, 100% increase in speed and support for mesh networking 1. Licensed Spectrum 2. Unlicensed and Lightly Licensed Spectrum 3. Sources differ on SIGFOX and LoRAWAN link budgets Cloud storage, intelligence and analytics Cable/fiber ADSL WiFiAP Bluetooth® NFC WiFi Cellular e.g. LTE WiFi Thread, ZigBee, Z-Wave WiFi Ethernet Satellite e.g. Iridium Industrial, vehicle, maritime, aviation, gateways e.g. LTE e.g.ISA100.11a e.g.Wi-SUN e.g. WiFi e.g.Telensa e.g. SIGFOX e.g. LoRa Sensors and actuators Consumer gateway – 3GPP LTE-MTC, eMTC/CAT M, LTE-V – 3GPP GSM, WCDMA, EC-GPRS – 3GPP2 Cdma2000 – WiMAX – NFC – EMV – ZigBee – Z-Wave – Thread (6LoWPAN) – EnOcean – Many others – ISA100.11a (6LoWPAN) – WirelessHART – Many others – 802.11a/b/g/n/ac (WiFi) – 802.11ah (WiFi HaLow, 1 km) – 802.11p (V2X) – 802.11af (white space) – Wi-SUN (6LoWPAN) – ZigBee NAN (6LoWPAN) – Wireless M-bus – Many others – SIGFOX – LoRa – Telensa – OnRamp/Ingenu – Weightless P – Many others Proximity WPAN WHAN WFAN WLAN WNAN WWAN LPWAN (licensed) LPWAN (un-licensed) Cellular (licensed) – 3GPP NB-IoT <10 cm <5 km <100 km Terms not precise – Bluetooth/LE – ANT+ – MiWi WPAN: Wireless Personal Area Network WHAN: Wireless Home Area Network WFAN: Wireless Field (or Factory) Area Network WLAN: Wireless Local Area Network WNAN: Wireless Neighborhood Area Network WWAN: Wireless Wide Area Network LPWAN: Low Power Wide Area Network : > Billion units/year now : Emerging 54-698 MHz (TVWS) Usually called 13.56 169 220 315 426 433 470 779 868 915 920 2400 5800 5900 MHz Aliasses NFC/EMV ISO14443 Wireless M-Bus EN13757 China WMRNET WMRNET I, II, III. IV LoRa SIGFOX Telensa OnRamp 802.15 4k Wi-SUN 802.15.4g/e/6LoWPAN ZigBee 802.15.4-2003, c d Thread 802.15.4-2003/6LoWPAN WirelessHART 802.15.4e ISA100.11a 802.15.4e/6LoWPAN Z-Wave ITU G9959 EnOcean ISO14543-3-10 ANT+ Bluetooth 802.15.1 802.11/a/b/g/n/ac WiFi 802.11ah (HaLow) WiFi HaLow 802.11p V2X 802.11af White Space Positive Train Ctrl 802.15.4p Sub-GHz IC families “802.15.4” family The red diamonds indicate the intersection of frequency band and IoT technology. IEEE802.15.4 Application layer Network Transport MAC PHY IEEE802.15.4 IEEE802.15.4ZigBee IEEE802.15.4Thread IEEE802.15.4WirelessHART ISA100.11a Smart be used. Smart Smart City Smart Car Care Industry Smart 5992-1217EN Internet of Things (IoT) Bluetooth and the Bluetooth logos are trademarks owned by Bluetooth SIG, Inc., U.S.A. and licensed to Keysight Technologies, Inc.
I o T M o d e l s The vast majority of things will not connect directly the IoT (if at all) but form clusters (clouds of aggregation) for sporadic connection
P r e c u r s o r I o T M o d e l s
P r e c u r s o r I o T M o d e l s
Things that think w ant to link things that link w ant to think P r e c u r s o r I o T M o d e l s
P o s t c u r s o r o u t c o m e s ?
P o s t c u r s o r o u t c o m e s ? life and intelligence are emergent properties of complexity Mother nature optimises nothing ! She goes for near enough is good enough - ie evolution tops out! Humans are the only life form that optimises performance - nature goes for minimal energy(ish) Mother nature employs simple mechanism to realise complex behaviours Humans employ complex mechanisms to realise simple outcomes!
E m e r g e n t B e h av i o u r s T h e r e i s l i t t l e d o u b t that the IoT will reveal m a n y n e w i n t e ra c t i ve relationships with some more ‘intelligent’ than others… A n e t w o r k g e n e r a l l y beyond design and one with associations and c o m m u n i c a t i o n s t o come that will remain a mystery to us!
P r e c u r s o r E X P E R I E N C E I thin k w e ca n sa fely sa y n o on e un dersta n ds Socia l N etw ork s
Broadcasting MalwareResponding quarantine alert Wider Network Updated Latest Solution Update Dynamic isolation of infected devices and components leading to repairA mix of clean and infected Auto-immunity
Mirrors biological forebears Applied everywhere 24 x 7 ICs ISPs WiFi Hubs LANs Cards Traffic Servers Circuits Devices Internet Networks Organisations Companies Platforms Groups People Mobile Fixed the real thing
Auto-immunity Mirrors biological forebears Applied everywhere 24 x 7 ICs ISPs WiFi Hubs LANs Cards Traffic Servers Circuits Devices Internet Networks Organisations Companies Platforms Groups People Mobile Fixed Auto-immunity Slow-Motion Simulation
Auto-immunity Mirrors biological forebears Applied everywhere 24 x 7 ICs ISPs WiFi Hubs LANs Cards Traffic Servers Circuits Devices Internet Networks Organisations Companies Platforms Groups People Mobile Fixed Auto-immunity Slow-Motion Simulation Network people travel device vehicle Movement
T H E B I G G e r P I C T U R E The Dark Side are winning because they are 100% committed and see this war as total; a much wider conflict than CYBER alone… They are far more integrated and sharing - than we are and operate as a virtualised workforce driven by money and evil intent… We do not anticipate their innovation, tactics, tools, attacks, and we don’t think as they do…we are always on the back foot! Develop Dark Side technology Start thinking like the enemy Develop better radar systems Build automatic react systems Cooperate on developments War game attack scenarios Anticipate the next attack Share all data & solutions We need to:
Sociology of Things Sociology of People D o m i n a n t M o d e T o C o m e
Sociology of Things Sociology of People D o m i n a n t M o d e T o C o m e People Devices Computers THINGS AI+Robots +Computers +Smart Nets Devices People
Sociology of Things Sociology of People D o m i n a n t M o d e T o C o m e People Devices Computers THINGS AI+Robots +Computers +Smart Nets Devices People W e have no models only simulations and aw ait emergent properties/behaviours
A new model ? Aping the aircraft industry Sharing all incident information, alerts, and solution across the entire cybersphere WE have to join forces a n d s h a r e r e s o u r c e s , o r ‘ T h e D a r k S i d e ’ will continue to grow and prosper….. The Dark Side is winning They have a far better business model ! An open market Resource sharing Info sharing Dedicated No constraints: NO legal, ethical, moral, societal, regulatory or any other frames of reference…all crimes admisible with well funded R&D - a flexible, dynamic, driven by greed, money and power.. They operate as ‘one’ - share knowledge and experience with info as collateral… A (modern) globally virtualised operation sans any identifiable core!
Organisations Companies Platforms Groups People Mobile Fixed Mirrorsbiologicalforebears ANewModelA new model ? Aping the aircraft industry Sharing all incident information, alerts, and solution across the entire cybersphere WE have to join forces a n d s h a r e r e s o u r c e s , o r ‘ T h e D a r k S i d e ’ will continue to grow and prosper…..
petercochrane.com thank you The future of our global security demands far more sharing and collaboration between peoples and AI + machines, networks & later - QC

Recommended

The Philosophy of Science
The Philosophy of ScienceThe Philosophy of Science
The Philosophy of ScienceUniversity of Hertfordshire
 
Future Telecoms Challenges & Opportunities
Future Telecoms Challenges & OpportunitiesFuture Telecoms Challenges & Opportunities
Future Telecoms Challenges & OpportunitiesUniversity of Hertfordshire
 
Thermodynamics - Laws Embracing Our Universe
Thermodynamics - Laws Embracing Our UniverseThermodynamics - Laws Embracing Our Universe
Thermodynamics - Laws Embracing Our UniverseUniversity of Hertfordshire
 
Applied Science - Engineering Systems
Applied Science - Engineering SystemsApplied Science - Engineering Systems
Applied Science - Engineering SystemsUniversity of Hertfordshire
 
IoT Yet to Come
IoT Yet to ComeIoT Yet to Come
IoT Yet to ComeUniversity of Hertfordshire
 
The Scientific Meme
The Scientific Meme The Scientific Meme
The Scientific Meme University of Hertfordshire
 
Uncanny Valley and Human Destiny
Uncanny Valley and Human DestinyUncanny Valley and Human Destiny
Uncanny Valley and Human DestinyUniversity of Hertfordshire
 
Resurgence of Technology Driven Change
Resurgence of Technology Driven ChangeResurgence of Technology Driven Change
Resurgence of Technology Driven ChangeUniversity of Hertfordshire
 

Recommended

The Philosophy of Science
The Philosophy of ScienceThe Philosophy of Science
The Philosophy of ScienceUniversity of Hertfordshire
 
Future Telecoms Challenges & Opportunities
Future Telecoms Challenges & OpportunitiesFuture Telecoms Challenges & Opportunities
Future Telecoms Challenges & OpportunitiesUniversity of Hertfordshire
 
Thermodynamics - Laws Embracing Our Universe
Thermodynamics - Laws Embracing Our UniverseThermodynamics - Laws Embracing Our Universe
Thermodynamics - Laws Embracing Our UniverseUniversity of Hertfordshire
 
Applied Science - Engineering Systems
Applied Science - Engineering SystemsApplied Science - Engineering Systems
Applied Science - Engineering SystemsUniversity of Hertfordshire
 
IoT Yet to Come
IoT Yet to ComeIoT Yet to Come
IoT Yet to ComeUniversity of Hertfordshire
 
The Scientific Meme
The Scientific Meme The Scientific Meme
The Scientific Meme University of Hertfordshire
 
Uncanny Valley and Human Destiny
Uncanny Valley and Human DestinyUncanny Valley and Human Destiny
Uncanny Valley and Human DestinyUniversity of Hertfordshire
 
Resurgence of Technology Driven Change
Resurgence of Technology Driven ChangeResurgence of Technology Driven Change
Resurgence of Technology Driven ChangeUniversity of Hertfordshire
 
Society 5.0: A Vital Symbiosis
Society 5.0: A Vital SymbiosisSociety 5.0: A Vital Symbiosis
Society 5.0: A Vital SymbiosisUniversity of Hertfordshire
 
Cyber Portents and Precursors
Cyber Portents and PrecursorsCyber Portents and Precursors
Cyber Portents and PrecursorsUniversity of Hertfordshire
 
Technology Overlords Or A Symbiosis ?
Technology Overlords Or A Symbiosis ?Technology Overlords Or A Symbiosis ?
Technology Overlords Or A Symbiosis ?University of Hertfordshire
 
THE FUTURE OF MOBILE NETWORKS
THE FUTURE OF MOBILE NETWORKS THE FUTURE OF MOBILE NETWORKS
THE FUTURE OF MOBILE NETWORKS University of Hertfordshire
 
Quantifying Machine Intelligence Mathematically
Quantifying Machine Intelligence MathematicallyQuantifying Machine Intelligence Mathematically
Quantifying Machine Intelligence MathematicallyUniversity of Hertfordshire
 
Technologies That Will Change Everything
Technologies That Will Change EverythingTechnologies That Will Change Everything
Technologies That Will Change EverythingUniversity of Hertfordshire
 
Cyber Security - Thinking Like The Enemy
Cyber Security - Thinking Like The EnemyCyber Security - Thinking Like The Enemy
Cyber Security - Thinking Like The EnemyUniversity of Hertfordshire
 
Society 5.0 Redefined
Society 5.0 RedefinedSociety 5.0 Redefined
Society 5.0 RedefinedUniversity of Hertfordshire
 
The Future WorkScape
The Future WorkScapeThe Future WorkScape
The Future WorkScapeUniversity of Hertfordshire
 
Engineering Reliability and Resilience
Engineering Reliability and ResilienceEngineering Reliability and Resilience
Engineering Reliability and ResilienceUniversity of Hertfordshire
 
Smart Materials and Structures
Smart Materials and StructuresSmart Materials and Structures
Smart Materials and StructuresUniversity of Hertfordshire
 
TRUTH, SITUATION, & CONTEXT AWARENESS
TRUTH, SITUATION, & CONTEXT AWARENESSTRUTH, SITUATION, & CONTEXT AWARENESS
TRUTH, SITUATION, & CONTEXT AWARENESSUniversity of Hertfordshire
 
The Scientific Method
The Scientific MethodThe Scientific Method
The Scientific MethodUniversity of Hertfordshire
 
Its My Data Not Yours!
Its My Data Not Yours!Its My Data Not Yours!
Its My Data Not Yours!University of Hertfordshire
 
Cyber Security - Becoming Evil
Cyber Security - Becoming EvilCyber Security - Becoming Evil
Cyber Security - Becoming EvilUniversity of Hertfordshire
 
Wireless Past Present Future
Wireless Past Present FutureWireless Past Present Future
Wireless Past Present FutureUniversity of Hertfordshire
 
QUANTUM COMPUTING REALITY CHECK
QUANTUM COMPUTING REALITY CHECKQUANTUM COMPUTING REALITY CHECK
QUANTUM COMPUTING REALITY CHECKUniversity of Hertfordshire
 
Cyber Security in a Fully Mobile World
Cyber Security in a Fully Mobile WorldCyber Security in a Fully Mobile World
Cyber Security in a Fully Mobile WorldUniversity of Hertfordshire
 
MSP Automation - Application and Execution
MSP Automation - Application and ExecutionMSP Automation - Application and Execution
MSP Automation - Application and ExecutionUniversity of Hertfordshire
 
ICTON 2020 KeyNote: Evolving Network Security & Resilience
ICTON 2020 KeyNote: Evolving Network Security & ResilienceICTON 2020 KeyNote: Evolving Network Security & Resilience
ICTON 2020 KeyNote: Evolving Network Security & ResilienceUniversity of Hertfordshire
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

More Related Content

More from University of Hertfordshire

ICTON 2020 KeyNote: Evolving Network Security & Resilience
ICTON 2020 KeyNote: Evolving Network Security & ResilienceICTON 2020 KeyNote: Evolving Network Security & Resilience
ICTON 2020 KeyNote: Evolving Network Security & ResilienceUniversity of Hertfordshire
 

More from University of Hertfordshire (20)

Society 5.0: A Vital Symbiosis
Society 5.0: A Vital SymbiosisSociety 5.0: A Vital Symbiosis
Society 5.0: A Vital Symbiosis
 
Cyber Portents and Precursors
Cyber Portents and PrecursorsCyber Portents and Precursors
Cyber Portents and Precursors
 
Technology Overlords Or A Symbiosis ?
Technology Overlords Or A Symbiosis ?Technology Overlords Or A Symbiosis ?
Technology Overlords Or A Symbiosis ?
 
THE FUTURE OF MOBILE NETWORKS
THE FUTURE OF MOBILE NETWORKS THE FUTURE OF MOBILE NETWORKS
THE FUTURE OF MOBILE NETWORKS
 
Quantifying Machine Intelligence Mathematically
Quantifying Machine Intelligence MathematicallyQuantifying Machine Intelligence Mathematically
Quantifying Machine Intelligence Mathematically
 
Technologies That Will Change Everything
Technologies That Will Change EverythingTechnologies That Will Change Everything
Technologies That Will Change Everything
 
Cyber Security - Thinking Like The Enemy
Cyber Security - Thinking Like The EnemyCyber Security - Thinking Like The Enemy
Cyber Security - Thinking Like The Enemy
 
Society 5.0 Redefined
Society 5.0 RedefinedSociety 5.0 Redefined
Society 5.0 Redefined
 
The Future WorkScape
The Future WorkScapeThe Future WorkScape
The Future WorkScape
 
Engineering Reliability and Resilience
Engineering Reliability and ResilienceEngineering Reliability and Resilience
Engineering Reliability and Resilience
 
Smart Materials and Structures
Smart Materials and StructuresSmart Materials and Structures
Smart Materials and Structures
 
TRUTH, SITUATION, & CONTEXT AWARENESS
TRUTH, SITUATION, & CONTEXT AWARENESSTRUTH, SITUATION, & CONTEXT AWARENESS
TRUTH, SITUATION, & CONTEXT AWARENESS
 
The Scientific Method
The Scientific MethodThe Scientific Method
The Scientific Method
 
Its My Data Not Yours!
Its My Data Not Yours!Its My Data Not Yours!
Its My Data Not Yours!
 
Cyber Security - Becoming Evil
Cyber Security - Becoming EvilCyber Security - Becoming Evil
Cyber Security - Becoming Evil
 
Wireless Past Present Future
Wireless Past Present FutureWireless Past Present Future
Wireless Past Present Future
 
QUANTUM COMPUTING REALITY CHECK
QUANTUM COMPUTING REALITY CHECKQUANTUM COMPUTING REALITY CHECK
QUANTUM COMPUTING REALITY CHECK
 
Cyber Security in a Fully Mobile World
Cyber Security in a Fully Mobile WorldCyber Security in a Fully Mobile World
Cyber Security in a Fully Mobile World
 
MSP Automation - Application and Execution
MSP Automation - Application and ExecutionMSP Automation - Application and Execution
MSP Automation - Application and Execution
 
ICTON 2020 KeyNote: Evolving Network Security & Resilience
ICTON 2020 KeyNote: Evolving Network Security & ResilienceICTON 2020 KeyNote: Evolving Network Security & Resilience
ICTON 2020 KeyNote: Evolving Network Security & Resilience
 

Recently uploaded

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Recently uploaded (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

An Impending Security CrisisSecurity crisis

  • 1. An impending Security Crisis Prof Peter Cochrane OBE, DSc petercochrane.com Annual Alumni Network Event London, Docklands, 28 Nov 19
  • 2. A f t e r T h o u g H t Security is rarely designed into any system from Day 1 and it is almost never a fully integrated component. It mostly comes in the form of a last minute kluge! - engineered in a panic demanding constant updates… S e c u r i t y Elements
  • 3. A f t e r T h o u g H t Security is rarely designed into any system from Day 1 and it is almost never a fully integrated component. It mostly comes in the form of a last minute kluge! - engineered in a panic demanding constant updates… S e c u r i t y Elements
  • 4. A L W Ay s O u t o f s y n c Security funding tends to be in ant-phase to reported attacks and sees a cycle of under resources and increased exposure at exactly the wrong time!
  • 5. Security Depts are always reactive to yesterdays threats and never anticipate the new developments of the Dark Side. They are also engaged in a war where they never strike back…we therefore present a soft target-rich environment W r o n g f o o t e d
  • 6. To be a good Defender you have to have been a good Attacker. Anticipating attacks and new modes means thinking and acting like the enemy. BUT evil thinking is so very h a r d f o r e s s e n t i a l l y g o o d , ethical, honest people! R I G H T f o o t e d BTW: Not all hackers are young white males wearing jeans, T-Shirt, and a Hoodie!
  • 7. s tat e s p o n s o r e d Amongst the best educated/trained & funded/supported/motivated groups on the planet often under-rated but perhaps presenting the biggest clear and present danger Discounted to feared in <5 years
  • 8. P o p u l a r At ta c k M o d e s https://www.helpnetsecurity.com/2016/02/12/know-your-enemy-the-most-popular-hacking-methods/
  • 9. At ta c k s c e n a r i o 2 0 1 9 https://pagely.com/blog/cyber-attacks-in-2018/
  • 10. A generally accepted industry conference wide perspective T h r e at s c a p e
  • 11. A generally accepted industry conference wide perspective The IOTISMissing Insider threat Recognised But NOT YET A PRIORITY T h r e at s c a p e
  • 12. B e h av i o u r a l A n a ly s i s ( 1 )
  • 13. B e h av i o u r a l A n a ly s i s ( 1 )People, Devices, Routers, Networks, Computers, Systems etc are all habitual! Deviations from the ‘normal’ pattern of behaviours indicates an exception to the working day. Comparisons with co-workers can reveal some nuances, but modern working sees distinctly different styles/patterns. The job of the Security Monitoring system is to trigger a deep dive - to check legitimacy - and to ask why, what, for whom…
  • 14. B e h av i o u r a l A n a ly s i s T he N SA we re d e f i c i e n t i n t h e i r i n t e r n a l s e c u r i t y … h e was actually very easy to catch! Sno wde n was smarter depicted in the 2016 Mo v ie b ut not by a big margin! Massive Block Downloads in a short time period is a big flag! An open screen showing the downloads in action is far too risky and a dummy cover is needed Hiding things in plain sight, but hading the Rubik’s Cube to the security guard was far too chancy! The security check on the ion/out gate was weak and needed beefing up significantly!
  • 15. A h e a d o f t h e g a m e ? C a s i n o s a n d b e h a v i o u r a l a n a l y s i s To d a t e h u m a n o b s e r v e r s o n l y w i t h a g r o w i n g n e e d f o r a u t o m a t i o n a n d A I - p r o b a b l y l e s s t h a n a d e c a d e a w a y !
  • 16. S e e n a s a 1 9 8 4 D y s t o p i a n F u t u r e i n t h e W e s t ! G o v e r n a n c e & P o l i c i n g o f e n t i r e C i t i e s , T o w n s a n d C o u n t r y C h i n a l e a d i n g B u t t h i s i s l i k e l y t o b e a p r e c u r s o r t o w o r k p l a c e , o f p e o p l e , m a c h i n e s , d e v i c e s a n d t h e n e t w o r k m o n i t o r i n g r e q u i r e d t o n e g a t e t h e i n s i d e r t h r e a t ! I t i s o u r c h o i c e …
  • 17. BIO-TECH nano-TECH AIRoboticsMulti-Disciplinary hot spot for the 21C New materials New industries New processes New capabilities Lower energy Lower waste Less friction The IoT Industry 4.0 The nervous system of the planet and all we produce and uses Our only tractable model for a future sustainable for all peoples and the planet!
  • 18. T h e At tac k S u r fac e Magnifying the Dark Side opportunity >200 fold An IoT connecting almost everything from food to clothing, appliances to office equipment, industrial production lines to fitness and health devices, through to vehicles buildings, highways, bridges and other infrastructures to achieve a sustainable world economy using far less material and energy whilst realising high-efficiency recovery, reuse and repurposing…
  • 19. S p e e d o f G r o w t h Exponentially magnifying attack opportunities https://www.comparitech.com/vpn/cybersecurity-cyber-crime-statistics-facts-trends/
  • 20. S p e e d o f G r o w t h E x p o n e n t i a l l y g r o w i n g a t t a c k b u d g e t ! https://www.thesslstore.com/blog/2018-cybercrime-statistics/ CyberCrime will soon be able to join the G7 It is expected to overtake the UK economy in 2023
  • 21. I o T D e v i c e s Mostly produced in China ? No integral security in the early years ? Open/weak portal’ opportunities await the attackers
  • 22. SystemVue W1906EP 5G Baseband X-Series MXG/EXG89600 PNA and ENA N9038A MXEE7515A UXMN6705B CX3300A Series T3111A NFC System T4000S RCT & RRM Systems M9420A VXT X-Series E6640A EXM i3070 Test Systems ManufacturingComplianceDesign ValidationR & D Deployment KEYSIGHT SERVICES Accelerate Technology Adoption. Lower costs. Consulting Training Product Purchase Alternatives One-Stop Calibration Repair Asset Management Technology Refresh Cellular Wireless Wide Area Network (WWAN) 1 Low Power Wide Area Network (LPWAN) 1 Low Power Wide Area Network (LPWAN) 2 Wireless Neighborhood Area Network (WNAN) 2 Wireless Local Area Network (WLAN) 2 Wireless Field (or Factory) Area Network (WFAN) 2 Wireless Home Area Network (WHAN) 2 Wireless Personal Area Network (WPAN) 2 Proximity 2 Technology LTE MTC Cat 0 LTE eMTC Cat M EC-GPRS NB-IoT LoRaWAN SIGFOX Telensa OnRamp / Ingenu Positive Train Con- trol (PTC) Weightless-W Weightless-N Weightless-P ZigBee NAN Wi-SUN Wireless M-Bus WiFi WiGig WiFi HaLow WiFi WAVE TV White Space Wireless HART ISA100.11a ZigBee Thread Z-Wave EnOcean Bluetooth 4.0/4.1/4.2 Low Energy ANT+ MiWi NFC Governing body/Standards 3GPP Rel 12 3GPP Rel 13 3GPP Rel 13 3GPP Rel 13 LoRa Alliance SIGFOX Wireless Internet of Things Forum (WIoTF) Ingenu (formerly OnRamp) IEEE 802.15.4p Weightless Special Interest Group (SIG) Weightless SIG Weightless SIG ZigBee Alliance IEEE 802.15.4g Wi-SUN Alliance IEEE 802.15.4g European Norm: EN 13757 WiFi Alliance IEEE 802.11a/b/g/n/ac WiFi Alliance IEEE 802.11ad WiFi Alliance IEEE 802.11ah WiFi Alliance IEEE 802.11p WiFi Alliance IEEE 802.11af FieldComm Group IEEE 802.15.4e ISA100 Committee IEEE 802.15.4e ZigBee Alliance IEEE 802.15.4 Thread Group IEEE 802.15.4 Z-Wave Alliance ITU G.9959 EnOcean Alliance ISO/IEC 14543-3-1x Bluetooth special interest group (SIG) ANT+ Alliance IEEE 802.15.4 Microchip Technology NFC Forum, ISO/IEC 14443 & 18000-3 Frequency (MHz) Uses LTE technology and frequency bands GSM bands In-band LTE carrier, or within LTE guard bands, or standalone in re-farmed GSM spectrum Regional sub-GHz bands Regional sub-GHz bands Regional sub-GHz bands Global band: 2.4 GHz 220 MHz TV White Space (TVWS) Regional sub-GHz bands Regional sub-GHz bands Regional sub-GHz bands Regional sub-GHz and global 2.4 GHz bands Regional sub-GHz bands Global bands: 2.4, 5.8 GHz 60 GHz band: 57 - 66 GHz Regional sub-GHz bands Global (5.8 GHz) and regional (5.9 GHz) bands 54-790 MHz Global band: 2.4 GHz Global band: 2.4 GHz Regional sub-GHz and global 2.4 GHz bands Global band: 2.4 GHz Regional sub-GHz bands Regional sub-GHz bands Global band: 2.4 GHz Global band: 2.4 GHz Regional sub-GHz and global 2.4 GHz bands Global band: 13.56 MHz DL bandwidth 20 MHz 1.4 MHz 200 kHz 180 kHz (15 kHz sub-carrier spacing) 125 kHz, 500 kHz Base station listening bandwidth: 200 kHz, 100 Hz UL channels; 600 Hz DL channels 1 MHz 12.5, 25 kHz 5 MHz 200 Hz 12.5 kHz 600 kHz, 1.2 MHz, 2 MHz 200 kHz to 1.2 MHz 5.5 to 6 kHz ,12.5 kHz, 40 to 80 kHz 20, 21, 22, 23, 24, 40, 80, 160 MHz 2.16 GHz 1,2,4,8 and 16 MHz 10 MHz 6- to 8- MHz-wide channels 3 MHz 5 MHz Channel Spacing 600 kHz, 1.2 MHz, 2 MHz 5 MHz 200 kHz 62.5 kHz 2 MHz 1 MHz Proprietary 1 MHz UL bandwidth 20 MHz 1.4 MHz 200 kHz Single-tone: 180 kHz (3.75 kHz or 15 kHz spacing) or Multitone: 180 kHz (15 kHz sub-carrier spacing) 125, 250, 500 kHz Multiple access DL OFDMA OFDMA TDMA OFDMA Proprietary Chirp Spread Spectrum (CSS) Proprietary UNB/FHSS Proprietary UNB/FHSS Random Phase Multiple Access (RPMA) TDMA FDMA + TDMA UNB FDMA + TDMA Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) OFDM, DSSS, OFDMA Single carrier with spread spectrum OFDM OFDM OFDM TDMA TDMA with collision avoidance Carrier Sense Multiple Access with Collision avoidance (CSMA/CA) Carrier Sense Multiple Access with Collision avoidance (CSMA/CA) TDMA TDMA TDMA TDMA TDMA Electromagnetic coupling Multiple access UL SC-FDMA SC-FDMA TDMA Single-tone FDMA or multitone SC-FDMA Modulation DL QPSK, 16QAM, 64QAM QPSK, 16QAM, 64QAM GMSK, optional 8PSK BPSK, QPSK, optional 16QAM LoRa; (G)FSK GFSK 2FSK BPSK, OQPSK,FSK, GFSK, P-FSK, P-GFSK GMSK, C4FM, QPSK, BPSK/QPSK/16QAM DBPSK GMSK, OQPSK DSSS (Direct Sequence Spread Spectrum), BPSK, O-QPSK MR-FSK/MR-OFDM/ MR-O-QPSK FSK/GFSK/GMSK/4GFSK CCK, BPSK, QPSK, 16-QAM, 64-QAM, 256-QAM QAM16, SQPSK, QAM64 BPSK, QPSK, 16-QAM, 64-QAM, 256-QAM BPSK, QPSK, 16QAM, 64QAM BPSK, QPSK, 16-QAM, 64-QAM, 256-QAM DSSS based O-QPSK DSSS based O-QPSK DSSS based BPSK, O-QPSK DSSS based O-QPSK FSK, GFSK ASK, FSK FHSS based GFSK GFSK GFSK ASK, FSK Modulation UL QPSK, 16QAM QPSK, 16QAM GMSK, optional 8PSK BPSK, QPSK, 8PSK optional 16QAM DBPSK Peak data rate 1 Mbps 1 Mbps 10 kbps to 240 kbps DL up to 250 kbps; UL single tone up to 20 kbps, multitone up to 250 kbps 0.3 kbps - 50 kbps 100 bps up, 600 bps down 62.5 bps up, 500 bps down 20 kbps 9.6/16/19.2/ 32/36/38.4 kbps 1 kbps to 10 Mbps 100 bps 200 bps to 100 kbps 250 kbps 50 kbps to 1 Mbps 2.4 kbps b: 11 Mbps a/g/h/j: 54 Mbps n: 600 Mbps ac: 86.7 Mbps to 6.9 Gbps 6.76 Gbps 100 kbps to 40 Mbps 6 Mbps to 54 Mbps 26.7 Mbps to 568.9 Mbps 250 kbps 250 kbps 20 kbps, 40 kbps, 250 kbps 40 kbps to 250 kbps 9.6, 40 and 100 kbps 125 kbps 1 Mbps 1 Mbps 250 kbps 106, 212, 424, 848 kbps Maximum Range/Coverage (link budget) ~141 dB ~156 dB ~164 dB ~164 dB ~150-157 dB 3 ~146-162 dB 3 ~3 km (urban) ~4 km (urban) ~5 km (urban) ~3 km (urban) ~2 km (urban) ~1 km ~1 km ~200 m ~10 m ~1 km ~1 km ~1 km ~200 m ~200 m ~100 m ~30 m ~30 m ~300 m ~50 m ~50 m ~20-50 m ~20 cm Description LTE enhancements for MTC with new power saving mode Further LTE enhancements for MTC building on the work started in Cat-0, long battery life, low device cost, extended coverage compared to LTE MTC Cat-0 Low device cost, long battery life and extended coverage compared to GPRS/GSM devices Clean-slate technology added to the LTE platform optimized for the low end of the IoT market; provides lower cost, extended coverage and long battery life compared to eMTC Cat M Long-range, low-power connectivity application that needs to send small, infrequent burst of data such as alarm systems or simple metering Aimed at smart cities - wireless lighting, smart parking Long range connectivity for smart grid, intelligent lighting, advanced metering infrastructure, oil and gas automation plus more and rail transit 2-way communication; ideal for use in the smart oil and gas sector because there is likely TVWS available 1-way communication (no downlink transmission); ideal for sensor-based networks, temperature readings, tank level monitoring, metering 2-way communication; ideal for private networks and things where both uplink data and downlink control are important to the utility last-mile, outdoor access network that connects smart meters and distribution automation devices to WAN gateways. Utility last-mile,outdoor access network that connects smart meters and distribution automation devices Remote meter reading Evolving family of wireless local area networks Extending 802.11 standards to enable high performance wireless data, display and audio applications Large scale sensor networks and meters, extended range hotspot, outdoor WiFi for cellular Wireless Access in Vehicular Environment (WAVE) WLAN operation in TV white space spectrum with focus on sensor networks For industrial applications - multiplexed protocol for accessing multiple nodes of sensors and actuators For industrial applications Provides the higher layers including the application layer on top of 802.14.4 PHY/MAC; used for home automation, smart meter, light link plus more for the home; built on existing standards including 802.15.4 IETF IPv6 and 6LoWPAN For home monitoring and control for energy harvesting applications that are extremely low power Well suited for sensors, actuators and other small devices that require extremely low power consumption Focus on sport, wellness management and home health monitoring Designed by Microchip Technology for low data transmission rates and short distance Near Field Communiation/ Smart Payment Cards Mobile and contactless payment brought in close proximity Comments Also referred to as Cat M1 Also referred to as Cat M2 LoRa physical layer LoRaWAN is the MAC layer. The intellectual property (IP) for LoRa is owned by Semtech. SIGFOX is LPWAN dedicated to IoT. Solution includes machine network, management platform and chipset/modules; OnRamp wireless rebranded to Ingenu in September 2015 PTC is GPS-based technology to prevent train-to-train collisions, over-speed derailments, unautho- rized incursion into work zones and train movement through switches left in the wrong position. ZigBee IP over 802.15.4g 6LoWPAN WLAN) is enhancement of existing WiFi targeting 5-10x throughput improvement; will operate in frequency bands between 1 GHz and 6 GHz; standard to 802.11ay is next generation 60 GHz (NG60) standard with up to 20 Gbps data rate for license-exempt bands above 45 GHz; standard H2 2019 Standard to be HART - Highway Addressable Remote Transducer 6LoWPAN ZigBee 3.0 added standard green power feature to ZigBee PRO network layer 6LoWPAN In December 2015, ZigBee and EnOcean alliances agree to collaborate to offer a 2.4 GHz energy harvesting wireless solution. 2016 roadmap for Bluetooth includes 4x increase in range, 100% increase in speed and support for mesh networking 1. Licensed Spectrum 2. Unlicensed and Lightly Licensed Spectrum 3. Sources differ on SIGFOX and LoRAWAN link budgets Cloud storage, intelligence and analytics Cable/fiber ADSL WiFiAP Bluetooth® NFC WiFi Cellular e.g. LTE WiFi Thread, ZigBee, Z-Wave WiFi Ethernet Satellite e.g. Iridium Industrial, vehicle, maritime, aviation, gateways e.g. LTE e.g.ISA100.11a e.g.Wi-SUN e.g. WiFi e.g.Telensa e.g. SIGFOX e.g. LoRa Sensors and actuators Consumer gateway – 3GPP LTE-MTC, eMTC/CAT M, LTE-V – 3GPP GSM, WCDMA, EC-GPRS – 3GPP2 Cdma2000 – WiMAX – NFC – EMV – ZigBee – Z-Wave – Thread (6LoWPAN) – EnOcean – Many others – ISA100.11a (6LoWPAN) – WirelessHART – Many others – 802.11a/b/g/n/ac (WiFi) – 802.11ah (WiFi HaLow, 1 km) – 802.11p (V2X) – 802.11af (white space) – Wi-SUN (6LoWPAN) – ZigBee NAN (6LoWPAN) – Wireless M-bus – Many others – SIGFOX – LoRa – Telensa – OnRamp/Ingenu – Weightless P – Many others Proximity WPAN WHAN WFAN WLAN WNAN WWAN LPWAN (licensed) LPWAN (un-licensed) Cellular (licensed) – 3GPP NB-IoT <10 cm <5 km <100 km Terms not precise – Bluetooth/LE – ANT+ – MiWi WPAN: Wireless Personal Area Network WHAN: Wireless Home Area Network WFAN: Wireless Field (or Factory) Area Network WLAN: Wireless Local Area Network WNAN: Wireless Neighborhood Area Network WWAN: Wireless Wide Area Network LPWAN: Low Power Wide Area Network : > Billion units/year now : Emerging 54-698 MHz (TVWS) Usually called 13.56 169 220 315 426 433 470 779 868 915 920 2400 5800 5900 MHz Aliasses NFC/EMV ISO14443 Wireless M-Bus EN13757 China WMRNET WMRNET I, II, III. IV LoRa SIGFOX Telensa OnRamp 802.15 4k Wi-SUN 802.15.4g/e/6LoWPAN ZigBee 802.15.4-2003, c d Thread 802.15.4-2003/6LoWPAN WirelessHART 802.15.4e ISA100.11a 802.15.4e/6LoWPAN Z-Wave ITU G9959 EnOcean ISO14543-3-10 ANT+ Bluetooth 802.15.1 802.11/a/b/g/n/ac WiFi 802.11ah (HaLow) WiFi HaLow 802.11p V2X 802.11af White Space Positive Train Ctrl 802.15.4p Sub-GHz IC families “802.15.4” family The red diamonds indicate the intersection of frequency band and IoT technology. IEEE802.15.4 Application layer Network Transport MAC PHY IEEE802.15.4 IEEE802.15.4ZigBee IEEE802.15.4Thread IEEE802.15.4WirelessHART ISA100.11a Smart be used. Smart Smart City Smart Car Care Industry Smart 5992-1217EN Internet of Things (IoT) Bluetooth and the Bluetooth logos are trademarks owned by Bluetooth SIG, Inc., U.S.A. and licensed to Keysight Technologies, Inc.
  • 23. I o T M o d e l s The vast majority of things will not connect directly the IoT (if at all) but form clusters (clouds of aggregation) for sporadic connection
  • 24. P r e c u r s o r I o T M o d e l s
  • 25. P r e c u r s o r I o T M o d e l s
  • 26. Things that think w ant to link things that link w ant to think P r e c u r s o r I o T M o d e l s
  • 27. P o s t c u r s o r o u t c o m e s ?
  • 28. P o s t c u r s o r o u t c o m e s ? life and intelligence are emergent properties of complexity Mother nature optimises nothing ! She goes for near enough is good enough - ie evolution tops out! Humans are the only life form that optimises performance - nature goes for minimal energy(ish) Mother nature employs simple mechanism to realise complex behaviours Humans employ complex mechanisms to realise simple outcomes!
  • 29. E m e r g e n t B e h av i o u r s T h e r e i s l i t t l e d o u b t that the IoT will reveal m a n y n e w i n t e ra c t i ve relationships with some more ‘intelligent’ than others… A n e t w o r k g e n e r a l l y beyond design and one with associations and c o m m u n i c a t i o n s t o come that will remain a mystery to us!
  • 30. P r e c u r s o r E X P E R I E N C E I thin k w e ca n sa fely sa y n o on e un dersta n ds Socia l N etw ork s
  • 31. Broadcasting MalwareResponding quarantine alert Wider Network Updated Latest Solution Update Dynamic isolation of infected devices and components leading to repairA mix of clean and infected Auto-immunity
  • 32. Mirrors biological forebears Applied everywhere 24 x 7 ICs ISPs WiFi Hubs LANs Cards Traffic Servers Circuits Devices Internet Networks Organisations Companies Platforms Groups People Mobile Fixed the real thing
  • 33. Auto-immunity Mirrors biological forebears Applied everywhere 24 x 7 ICs ISPs WiFi Hubs LANs Cards Traffic Servers Circuits Devices Internet Networks Organisations Companies Platforms Groups People Mobile Fixed Auto-immunity Slow-Motion Simulation
  • 34. Auto-immunity Mirrors biological forebears Applied everywhere 24 x 7 ICs ISPs WiFi Hubs LANs Cards Traffic Servers Circuits Devices Internet Networks Organisations Companies Platforms Groups People Mobile Fixed Auto-immunity Slow-Motion Simulation Network people travel device vehicle Movement
  • 35. T H E B I G G e r P I C T U R E The Dark Side are winning because they are 100% committed and see this war as total; a much wider conflict than CYBER alone… They are far more integrated and sharing - than we are and operate as a virtualised workforce driven by money and evil intent… We do not anticipate their innovation, tactics, tools, attacks, and we don’t think as they do…we are always on the back foot! Develop Dark Side technology Start thinking like the enemy Develop better radar systems Build automatic react systems Cooperate on developments War game attack scenarios Anticipate the next attack Share all data & solutions We need to:
  • 36. Sociology of Things Sociology of People D o m i n a n t M o d e T o C o m e
  • 37. Sociology of Things Sociology of People D o m i n a n t M o d e T o C o m e People Devices Computers THINGS AI+Robots +Computers +Smart Nets Devices People
  • 38. Sociology of Things Sociology of People D o m i n a n t M o d e T o C o m e People Devices Computers THINGS AI+Robots +Computers +Smart Nets Devices People W e have no models only simulations and aw ait emergent properties/behaviours
  • 39. A new model ? Aping the aircraft industry Sharing all incident information, alerts, and solution across the entire cybersphere WE have to join forces a n d s h a r e r e s o u r c e s , o r ‘ T h e D a r k S i d e ’ will continue to grow and prosper….. The Dark Side is winning They have a far better business model ! An open market Resource sharing Info sharing Dedicated No constraints: NO legal, ethical, moral, societal, regulatory or any other frames of reference…all crimes admisible with well funded R&D - a flexible, dynamic, driven by greed, money and power.. They operate as ‘one’ - share knowledge and experience with info as collateral… A (modern) globally virtualised operation sans any identifiable core!
  • 40. Organisations Companies Platforms Groups People Mobile Fixed Mirrorsbiologicalforebears ANewModelA new model ? Aping the aircraft industry Sharing all incident information, alerts, and solution across the entire cybersphere WE have to join forces a n d s h a r e r e s o u r c e s , o r ‘ T h e D a r k S i d e ’ will continue to grow and prosper…..
  • 41. petercochrane.com thank you The future of our global security demands far more sharing and collaboration between peoples and AI + machines, networks & later - QC