Más contenido relacionado La actualidad más candente (20) Similar a neXt Curve reThink: What Meltdown & Spectre Mean for IoT Past, Present & Future? (20) neXt Curve reThink: What Meltdown & Spectre Mean for IoT Past, Present & Future?1. Inspiring Our Digital FutureCONFIDENTIAL AND PROPRIETARY
This presentation, including any supporting materials, is owned by neXt Curve and/or its affiliates and is for the sole use of the intended
neXt Curve audience or other intended recipients. This presentation may contain information that is confidential, proprietary or otherwise
legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of neXt Curve or
its affiliates.
© 2018 neXt Curve and/or its affiliates. All rights reserved.
reThink Webinar
What Do Meltdown & Spectre Mean for IoT Past,
Present & Future?
February 6, 2018
Version 1.0
2. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Introducing neXt Curve
Leonard Lee
Managing Director &
Founder of neXt Curve
neXt Curve is a San Diego-based
boutique consulting and venture
capital firm focused on advising
entrepreneurs, enterprises and
governments in the building of a
better digital future for all.
“We believe that a better
future requires the proactive
incubation and funding of
transformative ideas and the
businesses that will make
those ideas happen.”
An executive consultant with
23-years of experience with
leading tech and strategy firms.
3. © 2018 neXt Curve and/or its affiliates. All rights reserved.
neXt Curve Principal Panel
4. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Meltdown & Spectre: The Threat We Don’t Want To Talk About
Beyond Apple: The Internet Of Security Risk
Tackling The Great Digital Risk Of Our Time
1
2
3
Discussion Agenda
5. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Meltdown & Spectre: The Threat
We Don’t Want To Talk About1
Agenda Topic 1
6. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Both Spectre & Meltdown exploit a device-level CPU side
channel vulnerability in processors
Meltdown takes advantage of out of order execution
capabilities of certain CPUs
Spectre takes advantage of branch prediction capabilities
of certain CPUs
Meltdown & Spectre impact a wide range of devices with
affected processors produced since 1995
Not all devices are affected. There are processors such as
StrongARM, Raspberry Pi that are deemed to be immune
What Do We Know?
Network
Device
Data & Content
Business Applications
You or Your Customer
Processor
Threat
7. © 2018 neXt Curve and/or its affiliates. All rights reserved.
AV-TEST identified over 139
malware samples between
January 7 and January 31
which sought to exploit the
Meltdown & Spectre security
vulnerabilities.
We can only expect growing
number of attempts to exploit
Meltdown & Spectre, which
will keep consumers and
enterprises vigilant for the
foreseeable future.
Now We Know, And So Do Bad Actors!
Source: AV-TEST
8. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Agenda Topic 2
Beyond Apple: The Internet of
Security Risk2
9. © 2018 neXt Curve and/or its affiliates. All rights reserved.
The Problem Is Bigger Than Your iPhone
Consumer Devices Business Devices
Industrial Devices
The Internet
of Things
10. © 2018 neXt Curve and/or its affiliates. All rights reserved.
The IoT Security Threat Landscape
Industrial Enterprise
Consumer
Digital,
Connected Devices
Digital Service
Providers
Data Center/
Edge Computing
Your Internet
of Things
11. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Agenda Topic 3
Tackling The Great Security
Risk Of Our Time3
12. © 2018 neXt Curve and/or its affiliates. All rights reserved.
How Do You Get Started And What Will The
Journey To Remediation Look Like?
REMEDIATEPLANPRIORITIZEASSESSProcess
Tools
Risk Assessment
Framework
Remediation & Invest
Decision Model
Remediation
Strategy & Plan
Remediation
Implementation
Governance &
Program Model
Govern &
Manage
Vendors Service
Providers
Corporate
Tech
Business
Stakeholders
13. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Recommendations for Business Leaders
Take a holistic, multi-layered approach to security risk assessment
Quickly qualify and communicate the Meltdown/Spectre-related risk
Establish a decision framework to prioritize remediation investments
Establish PMO to manage vendors and service providers
1
2
3
4
Continue to assess the threats coming into your IoT portfolio5
14. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Where can I find more information?
Go to our website at www.next-curve.com
Download our reThink research note
Set up an inquiry call with neXt Curve
15. © 2018 neXt Curve and/or its affiliates. All rights reserved.
How can neXt Curve help?
neXt Curve offers services that can help your
team and organization conceptualize and
design new products and business models
against critical trends in digital technology that
will shape the market and competitive
landscapes of your industry.
neXt Curve works with you through four basic
formats that can get our extensive network of
executive-level consultants and renowned
industry analysts engaged with you in
addressing your most critical challenges.
16. © 2018 neXt Curve and/or its affiliates. All rights reserved.
neXt Curve Risk Assessment & Remediation
Strategy Workshop
neXt Curve designs and moderates a 2 to 3 Day Executive Workshop program to help you and your
team develop a strategy and plan to address the Meltdown & Spectre threat to your business.
Key Outcomes
High-Level Security Posture
Assessment
Environment Risk Profile
Prioritization Criteria &
Decision Model Framework
Remediation Strategy
Remediation Action Plan
Draft Governance & Program
Framework
17. © 2018 neXt Curve and/or its affiliates. All rights reserved.
Contacts
Leonard Lee
Managing Director
neXt Curve
leonard.lee@next-curve.com
(619) 405-8329
www.next-curve.com