Future cybersecurity threats and research needs. - CNRS

www.thalesgroup.com

Future cybersecurity threats and research needs.

3rd Franco-American Workshop on CybersecurityLyon

Kreshnik [email protected]

December 9. 2014

2 /2 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

Future cyber-security threats and research needs

Challengesu Overall increasing volume and/or complexity of cyber-attacks, as well as

decreasing capabilities to act upon the attackers.

u Difficulty to deal with all the feedback provided by existing securitytechnologies and solutions.

u Human knowledge exploitation in the cyber defence and cyber detectionbranches is limited.

u Progress rate of attack techniques VS progress rate of defensive measures.

Current and future cyber security researchu Cross-combination of monitoring data sources

£ Heterogenity data issues

£ Semi-automatic data processingobstacles

u Attack knowledge extraction and interpretation;

£ What do really mean the security alerts that I receive?

£ How can I make use of the collected expertise?

u Real-time surveillance of the « big picture »

u APT: can they be really be addressed ?!

3 /3 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

Current (and future) cyber security threatsu Scalability and distribution of attacks. It is now common to

observe intense threat activity even under normal circumstances, and for non-critical targets.

u Evasive techniques. What was intended to represent defensivemeasures, has become the common solution to avoid protective barriers.

u Data leakage issues. Current technologies remain limited to simple and medium scenarios.

u Beware of noise! Too many alerts and events, used by almostno one, to detect nothing.

u The human factor. Technology is not the main solution, it stillremains an accessory. Compliance cannot replace it either.


4 /4 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s What market conditions to satisfy?u Capabilities to marketing

u Market growth

u Market Potential

u Customer acceptance

u ROI

u Employment Growth

u Positive Impact on domains/sector

u Positive Impact on economy

What are the research needs?u The entire ecosystem needs to be heard

u Research actions are needed in order to face current voids: TRIVIAL(?)!

u Priorities need to be defined, and the business and research community needs to have its stake in the game

u Account for different viewpoints: threat relevance, business impact, future projections of threats’ increase in size, complexity, and nature.


5 /5 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

Facts and figures

u 9 Partners across Europe: European Organisation for Security, TNO, Engineering, Atos, Thales, Fraunhofer, Ecorys, University of Trento, Conceptivity

u Coordinator: European Organisation for Security

u CAPITAL selects key societal and technological domains whose future is at risk due to potential cybersecurity and privacy threats

u CAPITAL identifies how ICT could address these threats and can contribute to decreasing their impact or completely removing them

u CAPITAL works closely with the European Commission Public-Private Platform for Network and Information Security (NIS Platform) WG 3 on Secure ICT Research & Innovation


6 /6 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s


7 /7 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

ANALYSIS OF THE STATE OF THE ART AND FUTURE THREATS

u CAPITAL will identify:

£ emerging current and future threats

£ a list of solutions per emerging area

£ impacted areas of information technology

ANALYSIS OF RESEARCH NEEDS

u CAPITAL will conduct a gap analysis between current and future cybersecurity threats

u CAPITAL will review other research agendas and conduct a market study


8 /8 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

RESEARCH ACTIVITIES

u Identification and authentication

£ Development of rich identification and authentication techniques to ensure privacy, and handle identities securely.

u Security of cloud computing

£ Study virtualization architectures to enable full security/performance isolation at all levels (e.g., I/O, memory, cache) as well as data flow analysis in hypervisors applying statistical machine learning to detect attacks.

u Mobile devices and emerging technologies

£ Given the fact that through mobile and wearable devices highly sensitive personal and enterprise data is communicated, confidentiality, privacy and integrity seem to be the most important property to guarantee.

£ Exploring highly scalable technologies for efficient monitoring and analysis of security events that have the potential to compromise mobile devices.


9 /9 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

RESEARCH ACTIVITIES

u Critical infrastructure security

£ Most of the critical infrastructures (e.g. water supply, electricity, healthcare, telecommunication) highly depend on Industrial Control Systems (ICS).

£ Current EU projects need to be followed by additional research efforts, research should be carried out on ICS identity, privacy and trust management.

u Internet of things

£ Development, convergence and interoperability of technologies for secure identification and authentication that can operate at a global scale.

£ Increasing security assurance by developing risk and cost assessment methods adapted to the IoT (early security verification) and to enable assurance in the development of software based services.


10 /10 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

RESEARCH ACTIVITIES

u Security and privacy by design

£ Economic research should aim to gain more insight into the costs of a secure design, which may be initially higher and may require a trade-off between risks and expenses.

£ A key problem is the impossibility to design completely secure system, which will stimulate cybercriminals to find ways to benefit from flaws. The challenge for researchers will be to explore the conditions under which developers stay ahead of cybercriminals.

u End-user awareness and usable security

£ The development of useable security systems which are simple to understand for end-users. Currently methods for securing a system or device are often very complicated and therefore insufficiently used by the majority of end-users.

£ The strengthening of the knowledge of end-users on cybersecurity and privacy risks.


11 /11 /

Thi

s do

cum

ent i

s th

e pr

oper

ty o

f Tha

les

Gro

up a

nd m

ay n

ot b

e co

pied

or c

omm

unic

ated

with

out w

ritte

n co

nsen

t of T

hale

s

FUTURE SOCIETAL NEEDS

u CAPITAL will identify promising solution concepts to found challenges in emerging areas

u Drafting and validation of the final Research Agenda

For all these, substantial input is collected from experts and professionals in the cybersecurity field, based on a questionnaire.

Actual conclusion: Determining future research topics in cybersecurity, and assessing their impact and relevance on future trends is a complex and error-prone task, but a mandatory one.


Future cybersecurity threats and research needs. - CNRS

Documents

Transcript of Future cybersecurity threats and research needs. - CNRS