SlideShare una empresa de Scribd logo

Cross Border Cyber Attacks: Impact on Digital Sovereignty

Saumil Shah
Saumil Shah

This document summarizes Saumil Shah's presentation on cross-border cyber attacks and their impact on digital sovereignty. The presentation discusses major cyber attacks since 2010, how cyber defense remains reactive, and the evolving global cyber landscape. It notes India's growing digital presence and vulnerabilities to mass-scale financial theft, sabotage, and psychological manipulation via cross-border cyber attacks. The presentation calls for realigning India's digital posture through developing an "IndigenOS" based on open standards, strengthening the role of CERT-IN, implementing stronger protections for Aadhaar data privacy, and establishing indigenous cryptography standards to bolster India's digital sovereignty.

Software
1 de 34
NETSQUARE CROSS BORDER CYBER ATTACKS: IMPACT ON DIGITAL SOVEREIGNTY Saumil Shah - CEO Net Square 24th All India Forensics Science Conference 10 February 2018, Ahmedabad
NETSQUARE # whoami - Saumil Shah CEO Net Square. •  Hacker, Speaker, Trainer, Entrepreneur, Author. •  20 years in Infosec. •  M.S. Computer Science Purdue University. •  LinkedIn: saumilshah •  Twitter: @therealsaumil
NETSQUARE Agenda •  2010-2018: A little bit of "history". •  Cyber Security – Attacks and Defense. •  Evolving Global Landscape. •  India's Emerging Digital Presence. •  Cross Border Cyber Threats. •  Realigning India's Digital Posture. •  Four Areas of Focus.
NETSQUARE Landmark Incidents since 2010 •  Operation Aurora (2010) [1] •  Stuxnet (2010) •  WannaCry (2017) •  Petya/NotPetya (2017) [1] JR03-2010 "Shadows in the Cloud" - Information Warfare Monitor & Shadowserver.org
NETSQUARE Lessons Learned from "History" •  Cost of Attacks << Cost of Defense •  Cyber Attacks/Campaigns work on a MASS SCALE ... Secondary Primary Initial Attack
NETSQUARE Lessons Learned from "History" •  Cyber Security is still REACTIVE – Stuck in "RULES, SIGNATURES, UPDATES" – Security by Audit COMPLIANCE •  Every large organisation breached in the past 5 years has been "100% Compliant"
NETSQUARE WannaCry/Petya: Reality Check •  Lots of Unpatched and EOL systems! •  DR was a Disaster! –  < 5% effective Backups. –  Average Recovery Time ~48hrs. •  Airgapped networks were reachable!
NETSQUARE Mass Attacks have succeeded where systems share the same GENETIC DEFECT
NETSQUARE Cyber Weapons Marketplace •  GOV •  PVT https://motherboard.vice.com/en_us/article/8xdayg/iphone-zero-days-inside-azimuth-security
NETSQUARE Cyber Defense in 2018 •  "MITIGATE AGAINST KNOWN ATTACKS" – Rules, Signatures, Updates, Patches •  Majority of the CISOs are stuck: – COMPLIANCE and FIREFIGHTING
NETSQUARE Cyber Defense in 2018 •  Response to Next-Gen Attacks: Rowhammer 2015 Stegosploit 2015 Meltdown 2018 Spectre 2018 ? ? ? ?
NETSQUARE Data Forensics in 2018 •  Trapped in CAUSALITY. •  Largely driven by TOOLS. •  End Results: – Recovery of lost/damaged data – Attribution •  Needs to EVOLVE.
NETSQUARE Schrödinger's HACK Computer Systems exist in both SECURE and HACKED states at the same time. Blackhat Asia 2017: https://www.slideshare.net/saumilshah/the-seven-axioms-of-security
NETSQUARE Global Power Shift 20th CENTURY 21st CENTURY
NETSQUARE A Brave New World
NETSQUARE If Information = Power, then... Information Generates More Information
NETSQUARE The Info Asymmetry Game Data Dominance •  Profiling, Analytics, Correlation •  Massive Interception, Exploitation capabilities Hardware Dominance •  Control of platform hardware and firmware – (desktop, mobile) •  Control of telecom back-end infrastructure
NETSQUARE The Info Asymmetry Game Society and Psy-Ops •  Industrialisation of social media manipulation •  Control over public opinion Financing Ops •  SWIFT attacks, Ransomware •  Cryptocurrency hacks
NETSQUARE India's Emerging Digital Presence
NETSQUARE Cross Border Cyber Threats Mass Scale Financial Theft Sabotage of Critical Agencies Recovery of State Sensitive Secrets Psychological Manipulation of large populaces
NETSQUARE Cross Border Cyber Threats Disruption of Infrastructure UPI, NPCI BSE, NSE Telecom Power Grid Transport
NETSQUARE Cross Border Cyber Threats Disruption of Day to Day Business Ransomware DDoS Mass ID Theft
NETSQUARE Realigning India's Digital Posture Reaction Resistance Resilience India's Digital DNA Critical Infrastructure AADHAR Digital Privacy Bharat Crypto Standards
NETSQUARE "IndigenOS" – New Digital DNA •  Move the computing base from PROPRIETARY to supported Open Standards. – No more closed source OSes. •  RESISTANCE and RESILIENCE against Mass Attacks/Cyber Campaigns. Nullcon '14: https://www.slideshare.net/saumilshah/nullcon2014-12yrs-andabakersdozen
NETSQUARE "IndigenOS" – New Digital DNA •  BOSS Linux (CDAC) is a good start. •  Subgraph OS, Qubes OS for higher security standards. •  Custom builds and distributions for various verticals. •  "Pays For Itself" – avoid astronomical Microsoft license costs.
NETSQUARE "IndigenOS" – New Digital DNA •  Government + Academia + Startups •  Publish Open Application Development Standards. •  Maintenance, Support and Update - commercial services. •  Create a new Software Ecosystem. •  Incentivise adoption via smart policies.
NETSQUARE Critical Infrastructure and Services •  Govt and PSUs to transition to "IndigenOS" based open platforms. •  Expansion of CERT-IN's role: – cross sector advisories, incident response, forensics and threat intelligence exchange on a commercial basis.
NETSQUARE Critical Infrastructure and Services •  Data Forensics and Incident Response evolved to a PROACTIVE approach. – Monitoring of emerging attacks – Malware Analysis – Active use of Honeypots, Shadowserver, etc •  DFIR to be turned into a CYBER EARLY WARNING SYSTEM.
NETSQUARE AADHAR and Digital Privacy Protection of Citizens' Digital Privacy is key to preserving India's Digital Sovereignty
NETSQUARE AADHAR Privacy Watchdog •  Government + Academia Collaboration •  Evolves regulations for use and access of AADHAR data. •  Reports violations of private data abuse. •  EU's GDPR is the GOLD STANDARD on citizen data privacy.
NETSQUARE AADHAR and Digital Privacy Indian Private Data should reside ON-SHORE!
NETSQUARE Bharat Cryptography Standards •  Indigenously developed PUBLIC KEY and SYMMETRIC KEY cryptosystems. – using "Made in India" Mathematics. •  Consumer/Commercial grade crypto •  Critical/Military grade crypto Nullcon '14: https://www.slideshare.net/saumilshah/nullcon2014-12yrs-andabakersdozen
NETSQUARE Bharat Cryptography Standards •  Publish as an Open Standard. •  Commercially supported Libraries and Cryptosystems. •  Integral part of "IndigenOS" platform and standards. •  Integral part of all of Digital India Initiatives.
NETSQUARE THANK YOU! saumil@net-square.com @therealsaumil

Recomendados

The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017
Saumil Shah
 
Redefining Defense - HITB2017AMS Keynote
Redefining Defense - HITB2017AMS KeynoteRedefining Defense - HITB2017AMS Keynote
Redefining Defense - HITB2017AMS Keynote
Saumil Shah
 
The Seven Axioms Of Security
The Seven Axioms Of SecurityThe Seven Axioms Of Security
The Seven Axioms Of Security
Saumil Shah
 
The Infosec Crossroads - 44CON 2016
The Infosec Crossroads - 44CON 2016The Infosec Crossroads - 44CON 2016
The Infosec Crossroads - 44CON 2016
Saumil Shah
 
Hack.LU - The Infosec Crossroads
Hack.LU - The Infosec CrossroadsHack.LU - The Infosec Crossroads
Hack.LU - The Infosec Crossroads
Saumil Shah
 
2016: The Infosec Crossroads - Keynote at Intuit #Hacktober2015
2016: The Infosec Crossroads - Keynote at Intuit #Hacktober20152016: The Infosec Crossroads - Keynote at Intuit #Hacktober2015
2016: The Infosec Crossroads - Keynote at Intuit #Hacktober2015
Saumil Shah
 
SOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPONSOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Sylvain Martinez
 
NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?
North Texas Chapter of the ISSA
 

Recomendados

The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017
Saumil Shah
 
Redefining Defense - HITB2017AMS Keynote
Redefining Defense - HITB2017AMS KeynoteRedefining Defense - HITB2017AMS Keynote
Redefining Defense - HITB2017AMS Keynote
Saumil Shah
 
The Seven Axioms Of Security
The Seven Axioms Of SecurityThe Seven Axioms Of Security
The Seven Axioms Of Security
Saumil Shah
 
The Infosec Crossroads - 44CON 2016
The Infosec Crossroads - 44CON 2016The Infosec Crossroads - 44CON 2016
The Infosec Crossroads - 44CON 2016
Saumil Shah
 
Hack.LU - The Infosec Crossroads
Hack.LU - The Infosec CrossroadsHack.LU - The Infosec Crossroads
Hack.LU - The Infosec Crossroads
Saumil Shah
 
2016: The Infosec Crossroads - Keynote at Intuit #Hacktober2015
2016: The Infosec Crossroads - Keynote at Intuit #Hacktober20152016: The Infosec Crossroads - Keynote at Intuit #Hacktober2015
2016: The Infosec Crossroads - Keynote at Intuit #Hacktober2015
Saumil Shah
 
SOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPONSOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Sylvain Martinez
 
NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?
North Texas Chapter of the ISSA
 
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
North Texas Chapter of the ISSA
 
CrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing IntelligenceCrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing Intelligence
CrowdStrike
 
Security and ethical hacking initiative first session
Security and ethical hacking initiative first sessionSecurity and ethical hacking initiative first session
Security and ethical hacking initiative first session
Sithira Pathirana
 
Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
Sylvain Martinez
 
NTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic FailuresNTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic Failures
North Texas Chapter of the ISSA
 
The Ugly Cost of Cyber Crime
The Ugly Cost of Cyber CrimeThe Ugly Cost of Cyber Crime
The Ugly Cost of Cyber Crime
Rahul Neel Mani
 
Become a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalBecome a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza Beghal
Null Singapore
 
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
North Texas Chapter of the ISSA
 
The Perimeter Security Retreat: Fall Back, Fall Back to the Server
The Perimeter Security Retreat: Fall Back, Fall Back to the ServerThe Perimeter Security Retreat: Fall Back, Fall Back to the Server
The Perimeter Security Retreat: Fall Back, Fall Back to the Server
Rahul Neel Mani
 
Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!
Dr David Probert
 
Web hacking using Cyber range
Web hacking using Cyber rangeWeb hacking using Cyber range
Web hacking using Cyber range
Priyanka Aash
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
Sylvain Martinez
 
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & MitigationNTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
North Texas Chapter of the ISSA
 
Basi per la sicurezza in rete
Basi per la sicurezza in reteBasi per la sicurezza in rete
Basi per la sicurezza in rete
Alessandro Colla
 
CrowdCasts Monthly: You Have an Adversary Problem
CrowdCasts Monthly: You Have an Adversary ProblemCrowdCasts Monthly: You Have an Adversary Problem
CrowdCasts Monthly: You Have an Adversary Problem
CrowdStrike
 
From Mirai to Monero – One Year’s Worth of Honeypot Data
From Mirai to Monero – One Year’s Worth of Honeypot DataFrom Mirai to Monero – One Year’s Worth of Honeypot Data
From Mirai to Monero – One Year’s Worth of Honeypot Data
DefCamp
 
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
Dr David Probert
 
Bear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence OperationsBear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence Operations
CrowdStrike
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
Sylvain Martinez
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
North Texas Chapter of the ISSA
 
Opening Keynote - Cybersecurity Summit 2018
Opening Keynote - Cybersecurity Summit 2018Opening Keynote - Cybersecurity Summit 2018
Opening Keynote - Cybersecurity Summit 2018
aztechcouncil
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
STASH | Datacentric Security
 

Más contenido relacionado

La actualidad más candente

NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
North Texas Chapter of the ISSA
 
CrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing IntelligenceCrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing Intelligence
CrowdStrike
 
NTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic FailuresNTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic Failures
North Texas Chapter of the ISSA
 
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
North Texas Chapter of the ISSA
 
Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!
Dr David Probert
 
CrowdCasts Monthly: You Have an Adversary Problem
CrowdCasts Monthly: You Have an Adversary ProblemCrowdCasts Monthly: You Have an Adversary Problem
CrowdCasts Monthly: You Have an Adversary Problem
CrowdStrike
 
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
Dr David Probert
 
Bear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence OperationsBear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence Operations
CrowdStrike
 

La actualidad más candente (20)

NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
 
CrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing IntelligenceCrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing Intelligence
 
Security and ethical hacking initiative first session
Security and ethical hacking initiative first sessionSecurity and ethical hacking initiative first session
Security and ethical hacking initiative first session
 
Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
 
NTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic FailuresNTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic Failures
 
The Ugly Cost of Cyber Crime
The Ugly Cost of Cyber CrimeThe Ugly Cost of Cyber Crime
The Ugly Cost of Cyber Crime
 
Become a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalBecome a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza Beghal
 
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
 
The Perimeter Security Retreat: Fall Back, Fall Back to the Server
The Perimeter Security Retreat: Fall Back, Fall Back to the ServerThe Perimeter Security Retreat: Fall Back, Fall Back to the Server
The Perimeter Security Retreat: Fall Back, Fall Back to the Server
 
Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!Smart Security Architectures for YOUR Business!
Smart Security Architectures for YOUR Business!
 
Web hacking using Cyber range
Web hacking using Cyber rangeWeb hacking using Cyber range
Web hacking using Cyber range
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
 
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & MitigationNTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
 
Basi per la sicurezza in rete
Basi per la sicurezza in reteBasi per la sicurezza in rete
Basi per la sicurezza in rete
 
CrowdCasts Monthly: You Have an Adversary Problem
CrowdCasts Monthly: You Have an Adversary ProblemCrowdCasts Monthly: You Have an Adversary Problem
CrowdCasts Monthly: You Have an Adversary Problem
 
From Mirai to Monero – One Year’s Worth of Honeypot Data
From Mirai to Monero – One Year’s Worth of Honeypot DataFrom Mirai to Monero – One Year’s Worth of Honeypot Data
From Mirai to Monero – One Year’s Worth of Honeypot Data
 
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
CyberTerror-CyberCrime-CyberWar! - Crucial Role of CyberSecurity in "War on T...
 
Bear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence OperationsBear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence Operations
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
 

Similar a Cross Border Cyber Attacks: Impact on Digital Sovereignty

Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
ClubHack
 
Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...
Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...
Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...
Keith Kraus
 
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 AgendaiFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
John Kingsley
 

Similar a Cross Border Cyber Attacks: Impact on Digital Sovereignty (20)

Opening Keynote - Cybersecurity Summit 2018
Opening Keynote - Cybersecurity Summit 2018Opening Keynote - Cybersecurity Summit 2018
Opening Keynote - Cybersecurity Summit 2018
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
 
Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking
 
Cybersecurity and continuous intelligence
Cybersecurity and continuous intelligenceCybersecurity and continuous intelligence
Cybersecurity and continuous intelligence
 
Overcoming the cybersecurity challenges of smart cities
Overcoming the cybersecurity challenges of smart citiesOvercoming the cybersecurity challenges of smart cities
Overcoming the cybersecurity challenges of smart cities
 
Security Chat 5.0
Security Chat 5.0Security Chat 5.0
Security Chat 5.0
 
SmartAmerica / Global City Teams Challenge
SmartAmerica / Global City Teams ChallengeSmartAmerica / Global City Teams Challenge
SmartAmerica / Global City Teams Challenge
 
Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...
Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...
Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...
 
[배포용_최종] CISSP협회 제72회 정보보호리더십세미나_Cybersecurity Mesh, Identity First_v1.0.pdf
[배포용_최종] CISSP협회 제72회 정보보호리더십세미나_Cybersecurity Mesh, Identity First_v1.0.pdf[배포용_최종] CISSP협회 제72회 정보보호리더십세미나_Cybersecurity Mesh, Identity First_v1.0.pdf
[배포용_최종] CISSP협회 제72회 정보보호리더십세미나_Cybersecurity Mesh, Identity First_v1.0.pdf
 
Gartner: Top 10 Technology Trends 2015
Gartner: Top 10 Technology Trends 2015Gartner: Top 10 Technology Trends 2015
Gartner: Top 10 Technology Trends 2015
 
General introduction to IoTCrawler
General introduction to IoTCrawlerGeneral introduction to IoTCrawler
General introduction to IoTCrawler
 
Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service
 
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
MongoDB IoT CITY Tour LONDON: How M2M and IoT are changing the playing field ...
MongoDB IoT CITY Tour LONDON: How M2M and IoT are changing the playing field ...MongoDB IoT CITY Tour LONDON: How M2M and IoT are changing the playing field ...
MongoDB IoT CITY Tour LONDON: How M2M and IoT are changing the playing field ...
 
MongoDB IoT CITY Tour STUTTGART: The IoT Market Landscape, Machina Research
MongoDB IoT CITY Tour STUTTGART: The IoT Market Landscape, Machina ResearchMongoDB IoT CITY Tour STUTTGART: The IoT Market Landscape, Machina Research
MongoDB IoT CITY Tour STUTTGART: The IoT Market Landscape, Machina Research
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
 
CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series Breakfast
 
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 AgendaiFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
 

Más de Saumil Shah

The Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksThe Hand That Strikes, Also Blocks
The Hand That Strikes, Also Blocks
Saumil Shah
 

Más de Saumil Shah (20)

The Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksThe Hand That Strikes, Also Blocks
The Hand That Strikes, Also Blocks
 
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPSDebugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
 
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation FrameworkUnveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
 
Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332
 
Precise Presentations
Precise PresentationsPrecise Presentations
Precise Presentations
 
Effective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual AudienceEffective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual Audience
 
INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020
 
Cyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade AheadCyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade Ahead
 
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In CyberspaceCybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
 
NSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade AheadNSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade Ahead
 
Cybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade AheadCybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade Ahead
 
INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019
 
Introducing ARM-X
Introducing ARM-XIntroducing ARM-X
Introducing ARM-X
 
The Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBDThe Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBD
 
The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019
 
The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019
 
Schrödinger's ARM Assembly
Schrödinger's ARM AssemblySchrödinger's ARM Assembly
Schrödinger's ARM Assembly
 
ARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMSARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMS
 
What Makes a Compelling Photograph
What Makes a Compelling PhotographWhat Makes a Compelling Photograph
What Makes a Compelling Photograph
 
Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEK
 

Último

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
MyIntelliSource, Inc.
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
harshavardhanraghave
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 

Último (20)

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 

Cross Border Cyber Attacks: Impact on Digital Sovereignty

  • 1. NETSQUARE CROSS BORDER CYBER ATTACKS: IMPACT ON DIGITAL SOVEREIGNTY Saumil Shah - CEO Net Square 24th All India Forensics Science Conference 10 February 2018, Ahmedabad
  • 2. NETSQUARE # whoami - Saumil Shah CEO Net Square. •  Hacker, Speaker, Trainer, Entrepreneur, Author. •  20 years in Infosec. •  M.S. Computer Science Purdue University. •  LinkedIn: saumilshah •  Twitter: @therealsaumil
  • 3. NETSQUARE Agenda •  2010-2018: A little bit of "history". •  Cyber Security – Attacks and Defense. •  Evolving Global Landscape. •  India's Emerging Digital Presence. •  Cross Border Cyber Threats. •  Realigning India's Digital Posture. •  Four Areas of Focus.
  • 4. NETSQUARE Landmark Incidents since 2010 •  Operation Aurora (2010) [1] •  Stuxnet (2010) •  WannaCry (2017) •  Petya/NotPetya (2017) [1] JR03-2010 "Shadows in the Cloud" - Information Warfare Monitor & Shadowserver.org
  • 5. NETSQUARE Lessons Learned from "History" •  Cost of Attacks << Cost of Defense •  Cyber Attacks/Campaigns work on a MASS SCALE ... Secondary Primary Initial Attack
  • 6. NETSQUARE Lessons Learned from "History" •  Cyber Security is still REACTIVE – Stuck in "RULES, SIGNATURES, UPDATES" – Security by Audit COMPLIANCE •  Every large organisation breached in the past 5 years has been "100% Compliant"
  • 7. NETSQUARE WannaCry/Petya: Reality Check •  Lots of Unpatched and EOL systems! •  DR was a Disaster! –  < 5% effective Backups. –  Average Recovery Time ~48hrs. •  Airgapped networks were reachable!
  • 8. NETSQUARE Mass Attacks have succeeded where systems share the same GENETIC DEFECT
  • 9. NETSQUARE Cyber Weapons Marketplace •  GOV •  PVT https://motherboard.vice.com/en_us/article/8xdayg/iphone-zero-days-inside-azimuth-security
  • 10. NETSQUARE Cyber Defense in 2018 •  "MITIGATE AGAINST KNOWN ATTACKS" – Rules, Signatures, Updates, Patches •  Majority of the CISOs are stuck: – COMPLIANCE and FIREFIGHTING
  • 11. NETSQUARE Cyber Defense in 2018 •  Response to Next-Gen Attacks: Rowhammer 2015 Stegosploit 2015 Meltdown 2018 Spectre 2018 ? ? ? ?
  • 12. NETSQUARE Data Forensics in 2018 •  Trapped in CAUSALITY. •  Largely driven by TOOLS. •  End Results: – Recovery of lost/damaged data – Attribution •  Needs to EVOLVE.
  • 13. NETSQUARE Schrödinger's HACK Computer Systems exist in both SECURE and HACKED states at the same time. Blackhat Asia 2017: https://www.slideshare.net/saumilshah/the-seven-axioms-of-security
  • 14. NETSQUARE Global Power Shift 20th CENTURY 21st CENTURY
  • 16. NETSQUARE If Information = Power, then... Information Generates More Information
  • 17. NETSQUARE The Info Asymmetry Game Data Dominance •  Profiling, Analytics, Correlation •  Massive Interception, Exploitation capabilities Hardware Dominance •  Control of platform hardware and firmware – (desktop, mobile) •  Control of telecom back-end infrastructure
  • 18. NETSQUARE The Info Asymmetry Game Society and Psy-Ops •  Industrialisation of social media manipulation •  Control over public opinion Financing Ops •  SWIFT attacks, Ransomware •  Cryptocurrency hacks
  • 20. NETSQUARE Cross Border Cyber Threats Mass Scale Financial Theft Sabotage of Critical Agencies Recovery of State Sensitive Secrets Psychological Manipulation of large populaces
  • 21. NETSQUARE Cross Border Cyber Threats Disruption of Infrastructure UPI, NPCI BSE, NSE Telecom Power Grid Transport
  • 22. NETSQUARE Cross Border Cyber Threats Disruption of Day to Day Business Ransomware DDoS Mass ID Theft
  • 23. NETSQUARE Realigning India's Digital Posture Reaction Resistance Resilience India's Digital DNA Critical Infrastructure AADHAR Digital Privacy Bharat Crypto Standards
  • 24. NETSQUARE "IndigenOS" – New Digital DNA •  Move the computing base from PROPRIETARY to supported Open Standards. – No more closed source OSes. •  RESISTANCE and RESILIENCE against Mass Attacks/Cyber Campaigns. Nullcon '14: https://www.slideshare.net/saumilshah/nullcon2014-12yrs-andabakersdozen
  • 25. NETSQUARE "IndigenOS" – New Digital DNA •  BOSS Linux (CDAC) is a good start. •  Subgraph OS, Qubes OS for higher security standards. •  Custom builds and distributions for various verticals. •  "Pays For Itself" – avoid astronomical Microsoft license costs.
  • 26. NETSQUARE "IndigenOS" – New Digital DNA •  Government + Academia + Startups •  Publish Open Application Development Standards. •  Maintenance, Support and Update - commercial services. •  Create a new Software Ecosystem. •  Incentivise adoption via smart policies.
  • 27. NETSQUARE Critical Infrastructure and Services •  Govt and PSUs to transition to "IndigenOS" based open platforms. •  Expansion of CERT-IN's role: – cross sector advisories, incident response, forensics and threat intelligence exchange on a commercial basis.
  • 28. NETSQUARE Critical Infrastructure and Services •  Data Forensics and Incident Response evolved to a PROACTIVE approach. – Monitoring of emerging attacks – Malware Analysis – Active use of Honeypots, Shadowserver, etc •  DFIR to be turned into a CYBER EARLY WARNING SYSTEM.
  • 29. NETSQUARE AADHAR and Digital Privacy Protection of Citizens' Digital Privacy is key to preserving India's Digital Sovereignty
  • 30. NETSQUARE AADHAR Privacy Watchdog •  Government + Academia Collaboration •  Evolves regulations for use and access of AADHAR data. •  Reports violations of private data abuse. •  EU's GDPR is the GOLD STANDARD on citizen data privacy.
  • 31. NETSQUARE AADHAR and Digital Privacy Indian Private Data should reside ON-SHORE!
  • 32. NETSQUARE Bharat Cryptography Standards •  Indigenously developed PUBLIC KEY and SYMMETRIC KEY cryptosystems. – using "Made in India" Mathematics. •  Consumer/Commercial grade crypto •  Critical/Military grade crypto Nullcon '14: https://www.slideshare.net/saumilshah/nullcon2014-12yrs-andabakersdozen
  • 33. NETSQUARE Bharat Cryptography Standards •  Publish as an Open Standard. •  Commercially supported Libraries and Cryptosystems. •  Integral part of "IndigenOS" platform and standards. •  Integral part of all of Digital India Initiatives.