Super Secure Cloud
description
Transcript of Super Secure Cloud
![Page 1: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/1.jpg)
CLOUD
S U P E RSECURE
Peter Cochraneformicio.com
Thursday, 12 July 12
![Page 2: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/2.jpg)
Security is always a cat and mouse game...
Thursday, 12 July 12
![Page 3: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/3.jpg)
And we are always trying to tilt the odds in our favour...
Thursday, 12 July 12
![Page 4: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/4.jpg)
But we cannot leave anything to chance, we cannot afford to gamble, the stakes are far too high..
Thursday, 12 July 12
![Page 5: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/5.jpg)
We have to think like the enemy, war game, test and probe, & constantly keep ahead technically and strategically...
Thursday, 12 July 12
![Page 6: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/6.jpg)
1) There is always a threat
2) It is always in a direction you’re not looking
3) Perceived risk/threat never equals reality
4) Nothing is 100% secure
5) People are always the primary risk
6) Resources are deployed inversely proportional to actual risk
Laws of security...
Thursday, 12 July 12
![Page 7: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/7.jpg)
Laws of security...
7) You need two security groups - defenders & attackers
8) Security & operational requirements are mutually exclusive
9) Legislation is always > X years behind
10) Security standards are an oxymoron
11) Security people are never their own customer
12) Cracking systems is far more fun than defending them
Thursday, 12 July 12
![Page 8: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/8.jpg)
Laws of security...
13) Hackers are smarter than you - they are younger!
14) Hackers are not the biggest threat - governments are!
15) As life becomes faster it becomes less secure
16) Connectivity and data half lives are getting shorter too
17) We are most at risk during a time of transition
18) The weakest link generally defines the outcome
Thursday, 12 July 12
![Page 9: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/9.jpg)
If we continue to do what we’ve always done our Cloud exposure will accelerate..
Thursday, 12 July 12
![Page 10: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/10.jpg)
In The Cloud - the attack surface is the entire planet...
Thursday, 12 July 12
![Page 11: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/11.jpg)
We w i l l n e e d more and smarter firewalls...
Thursday, 12 July 12
![Page 12: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/12.jpg)
All forms of malware protection will have to become evolutionary...
Thursday, 12 July 12
![Page 13: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/13.jpg)
Has to become far more sophisticated...
Thursday, 12 July 12
![Page 14: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/14.jpg)
Enhancing login vectors...Something you:
- Do- Are- Know- Possess- Deduce- Relate to- Recognise- Remember- Understand
A concatenation of weak vectors rapidly becomes very strong...
Thursday, 12 July 12
![Page 15: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/15.jpg)
Concatenating numerous low cost biometrics is a good example...
- Eye- Face- Hand- Voice- Typing- Habits- Devices- Locations- ++++
Thursday, 12 July 12
![Page 16: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/16.jpg)
Automated & stronger encryption...
...but only where needed !Thursday, 12 July 12
![Page 17: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/17.jpg)
More anonymity applications...
Thursday, 12 July 12
![Page 18: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/18.jpg)
More url hopping, identity, & location cloaking applications...
Thursday, 12 July 12
![Page 19: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/19.jpg)
What does The Cloud offer beyond all this ?
Thursday, 12 July 12
![Page 20: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/20.jpg)
So what are the extras The Cloud brings to the party ?
It will destroy dominant mono-cultures of:- Devices- Browsers- eMail clients- Application sets- Operating modes- Operating systems
Hackers love mono-cultures - it makes their lives so very
much easier...
Thursday, 12 July 12
![Page 21: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/21.jpg)
More variety, dynamism, and faster change...
Thursday, 12 July 12
![Page 22: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/22.jpg)
Clouds of all sizes will form and dissipate by demand . . .w i t h t h e clustering of people and devices +++
Thursday, 12 July 12
![Page 23: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/23.jpg)
Connectivity will be less static, comms between Clouds sporadic and far more varied...
Movie
Thursday, 12 July 12
![Page 24: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/24.jpg)
Moving targets are very hard to hit
Thursday, 12 July 12
![Page 25: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/25.jpg)
Thin clients offer very limited processing and memory, making it far harder for malware to be effective...
Thursday, 12 July 12
![Page 26: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/26.jpg)
Cloud services now a v a i l a b l e f r o m multiple suppliers...
- Infrastructure- Platform- Software
Thursday, 12 July 12
![Page 27: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/27.jpg)
Use multiple suppliers for connectivity, apps, storage, security et al and employ in a randomised fashion...
Thursday, 12 July 12
![Page 28: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/28.jpg)
...seamlessly flip between devices...Thursday, 12 July 12
![Page 29: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/29.jpg)
Why
Thursday, 12 July 12
![Page 30: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/30.jpg)
To make it incredibly difficult for the dark side:
- No single log-on device- No single log-on location- Variable log-on routine- Distributed applications- Distributed filing system- Parsed and distributed data- Multiple clouds and providers- Dynamic creation of clouds- Dynamic cloud interconnection- Inter-cloud encryption and coding- Corporate strength security for all
Thursday, 12 July 12
![Page 31: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/31.jpg)
App
App App
App
App Storage
Storage Corporate
Corporate
Corporate
Personal Personal Storage
One of manyConnection
Clouds
SurroundedBy
Clouds
Thursday, 12 July 12
![Page 32: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/32.jpg)
Parsed data flows to/frommultiple destinations...
...are incredibly difficult to intercept and decode...
Thursday, 12 July 12
![Page 33: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/33.jpg)
Parsed, encrypted & distributed folders over multiple global ser vers . . . i s even harder!
Thursday, 12 July 12
![Page 34: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/34.jpg)
Parsed, encrypted and distributed data folders over multiple global servers...is even worse!
The biggest threat is still people laxity and the insider...
Thursday, 12 July 12
![Page 35: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/35.jpg)
Behavioural monitoring and analysis will become an essential cloud service for SMEs, corporations & .gov...
Thursday, 12 July 12
![Page 36: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/36.jpg)
Half lives of connections, data, info and knowledge...are going to get much shorter!
Thursday, 12 July 12
![Page 37: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/37.jpg)
We have toreduce theopportunityand the time available forThe Dark Sideto infiltrate and take action...
Thursday, 12 July 12
![Page 38: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/38.jpg)
And should they break in we confront them with partial access and a very confusing picture...
Which door to choose, and to which cloud, for how long, with access to what ?
Thursday, 12 July 12
![Page 39: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/39.jpg)
How many layers, combinations,connections, locks,types ?
How long will they be open,
and what is in each of the many clouds ?
Thursday, 12 July 12
![Page 40: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/40.jpg)
The Dark S i d e w i l l thus have far less time to infiltrate a n d t a k e action...
The day of the lone hacker is coming to an end...
Thursday, 12 July 12
![Page 41: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/41.jpg)
The New Dark Side are gov agencies and criminal organisations with huge budgets, people & tech resources...
Thursday, 12 July 12
![Page 42: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/42.jpg)
The sophistication of StuxNet and Flame surprised industry and governments .. .and they mark the start of a new era...
Thursday, 12 July 12
![Page 43: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/43.jpg)
We may be transiting to‘Cyber Warfare’...
Thursday, 12 July 12
![Page 44: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/44.jpg)
Fending off such threats
demands more capability
than individual corps can
muster
Thursday, 12 July 12
![Page 45: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/45.jpg)
Global cooperation will be required, to develop military grade solutions ...
Thursday, 12 July 12
![Page 46: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/46.jpg)
To survive and prosper we have to think and act differently whilst leverag ing new technology, and techniques...
Thursday, 12 July 12
![Page 47: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/47.jpg)
The DIYcompanies
will not survive...
Thursday, 12 July 12
![Page 48: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/48.jpg)
Malware is now open code for free or a modest price f r o m m u l t i p l e sources...
...it is also breeding by the hand of man and by a digital life force we created...
Thursday, 12 July 12
![Page 49: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/49.jpg)
The Art of War by Sun Tzu, 600 BC
“Speed is the essence of war. Take advantage of the enemy's unpreparedness ; t rave l by unexpected routes and strike him where he has taken no precautions”
Thursday, 12 July 12
![Page 50: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/50.jpg)
Be prepared !Thursday, 12 July 12
![Page 51: Super Secure Cloud](https://reader033.fdocuments.net/reader033/viewer/2022051613/54c8d1234a7959e37c8b4576/html5/thumbnails/51.jpg)
Thank You
formicio.com
Thursday, 12 July 12