The document summarizes Matthew Rosenquist's predictions for the top 10 cybersecurity trends of 2015. These included:
1. Cyber warfare becoming a legitimate tool for governments and increasing sophistication of state-sponsored attacks.
2. Increased active government intervention in cybersecurity through law enforcement, international cooperation, and regulating critical infrastructure protection.
3. High demand and shortage of cybersecurity talent as attacks grow in scale and sophistication.
4. Continued targeting of high-profile organizations despite security improvements.
5. Attacks directly targeting individuals through ransomware and doxing of public figures.
6. Organizations overhauling their approach to risk management and increasing board involvement in security.
Top 10 Cybersecurity Predictions for 2015
1. The Top 10 Cybersecurity Predictions for 2015
ISACA
February 12th 2015, Sacramento CA
Matthew Rosenquist
Cybersecurity Strategist, Intel Corp
2. Abstract
Peering into the future of cybersecurity provides valuable insights for security
professionals. The industry is changing rapidly and attackers seem to always be
one step ahead. Organizations must not only address what is ongoing, but also
prepare for how cyber-threats will maneuver in the future. Come listen to the
2015 Cybersecurity Predictions and join the discussion of the forthcoming
challenges the industry is likely to face and how we can be better prepared for
it.
3. Biography
Matthew Rosenquist
Cybersecurity Strategist
Intel Security Group
Matthew benefits from 20 years in the field of security, specializing in strategy, threats,
operations, crisis management, measuring value, communicating industry changes, and
developing cost effective capabilities which deliver the optimal level of security. As a
cybersecurity strategist, he works to understand and communicate the future of
security and drive industry collaboration to tackle challenges and uncover
opportunities to significantly improve global computing security.
Mr. Rosenquist built and managed Intel’s first global 24x7 Security Operations Center,
oversaw internal platform security products and services, was the first Incident
Commander for Intel’s worldwide IT emergency response team, and managed security
for Intel’s multi-billion dollar worldwide mergers and acquisitions activities. He has
conducted investigations, defended corporate assets, established policies, developed
strategies to protect Intel’s global manufacturing, and owned the security playbook for
the PC strategic planning group. Most recently, Matthew worked to identify the
synergies of Intel and McAfee as part of the creation of the Intel Security Group, one of
the largest security product organizations in the world.
Twitter @Matt_Rosenquist
Blogs Intel IT Peer Network
4. Our Cybersecurity Future
Why look forward?
To understand the challenges we face
Why does it matter?
Allows us to prepare and make good choices
What can we do?
Think ahead, plan, and lead
Let’s explore and discuss…
8. 1. Cyber Warfare Becomes Legitimate
• A tool for government policy
• Investments coming to fruition
• Discretion, but no apologies
• Innovation leaks to other hackers
• State sponsored attacks
• Intelligence gathering & surveillance
Expect collateral damage and more sophisticated attack technology
• Update your threat agent risk profiles
• Invest more in advanced detection
9. 2. Active Government Intervention
• Active role in defending their citizens
• Investigate, respond, and prosecute
• Improved law enforcement
• Public advocacy and attribution
• International cooperation
• Politicians seek to punish nation-states
More politics & better law enforcement to meet public expectations
• More regulations and specificity
• Government voice representing enterprise victims
10. 3. Security Talent in Great Demand
• Pool of qualified workers is dry
• Higher salaries for cyber professions
• Will take 2-3 years to refresh the pool
• Need a generation of security leaders
• Opportunities abound for talent
Hiring of technical and leadership cybersecurity staff will be difficult
• Plan accordingly to hire qualified candidates
• Hold on to the good ones you have
• Outsource services if necessary
11. 4. Big names will continue to fall victim
• Nobody is immune
• Attackers seek easy and valuable targets
• Financial, well-known, & political targets will be victimized
• More business data theft, forgery, impersonation, and hijacking
Re-evaluate your position as a victim
• Understand the types of attackers interested in your organization
• Don’t be an easy target, stay stronger
• Secure products, operations, and data
• Reconsider what is valuable and how to protect it
12. 5. Attacks put individuals directly at risk
• Feeling of being personally attacked
• Ransomware, spearphishing, personal threats and embarrassment
• Executives, politicians, government officials, famous, and the wealthy
• Cyber affecting physical world risks
Prepare mentally to deal with rigors
• Expect everyday people to be targeted
• Prepare executives & DRBC response
• Expand crisis plans for special cases of employees & customers notifications
• Evaluate links to physical-harm
13. 6. Enterprises overhaul the view of risk
• Board level discussions focus on awareness and responsibility
• Product and service security
• Privacy of customer data > availability
• Less tolerance of mistakes
Refine how risk is evaluated
• Threat and Likelihood increase
• Understand attackers (the Who & Why, not just How)
• Attack velocity and scope increasing
• Seek an optimal security posture
• Drive focus, accountability, funding, and visibility to the board
14. 7. Attack & Defense Innovation Improve
• Attackers maintain the initiative
• Success encourages more attacks
• Both leverage the power of cloud resources, services, and software
• Cloud storage and web ad networks to deliver malware
• Certificate theft rises
Leverage New Controls and Services
• Attack detection & attribution, threat intelligence, DC/VM/IoT/POC, and contextual security factors
• Security industry vendor consolidation
• Cross-technology alliances for tool collaboration
15. 8. Malware Becomes More Problematic
• Rise in complexity, tougher to detect, analyze and remove
• Signed malware 100% growth, ~100m
• Numbers grow 50%+ annually, ~500m
• Expansion beyond PCs
• Ransomware and bank credential theft
Prepare for Malware Getting Through
• Layered defense for prevention
• Rapid detection of compromise
• Prepare for complex ransomware
• Cultivate savvy employees
16. 9. Attackers Seize Upon Tech Growth
• More users, devices, data, and infrastructures
• Data and services more valuable
• Threats lured to value and power
• IoT, Bitcoin, ATM, and online services
• State sponsored communications, intelligence gathering, industrial controls and critical infrastructures
With Growth Comes Risk
• Careful what you buy and from whom
• Upgrade infrastructures with security
• Vet your products and services prior to release for vulnerability/privacy issues
17. 10. Next Evolution of Attacks
• From DoS and Data Theft to sophisticated campaigns of Monitoring and Manipulation – Undermine Trust
• Access is a beachhead for long term surveillance and exploitation
• Shifts from smash-n-grab to Data Tampering and service control
• Altering financial transactions, modify ICS safety, control of communication infrastructures of trusted entities
Prepare for the Next Types of Attacks
• Improve detection and response processes
• Think, Plan, and Prepare!
18. Common Themes…
• Threat agents advance
• Greater infusion of resources
• More professional threats
• Advanced technical and behavioral capabilities
• Attacks expand and are more impactful
• Breadth follows technology growth
• Sophistication goes deeper
• Impacts rise and expand to new areas
• Defenders must keep pace to survive
• Optimize and prioritize resources
• Adapt to shifts in attacks and impacts
• Don’t be the easy target and protect what is most valuable
19. 7 Keys to Cybersecurity Success
1. Leadership is essential
2. Know your Threats, Assets, and Controls
3. Prepare for new attacks
4. Don’t be the easy target
5. Seek the ‘Optimal’ balance of security
6. Leverage layers of security
7. Apply a strategic cybersecurity capability process