Explore the main drivers for increased investment in cyber defense, such as cybercrime, cyberwarfare, laws and regulations (GDPR, NIS, PSD2, CCPA, EPR), and the rising privacy consciousness. Discover the impacts of cybercrime on society and recent examples like crypto mining malware and hacking of Bitcoin exchanges. Learn about the importance of encryption in enhancing security and privacy, including trends in HTTPS adoption and key management. Delve into evolving technologies like AI, blockchain, and decentralized identity for improving security practices. Stay informed and proactive in safeguarding your organization's digital assets.
aleksandarmujadin Trends in cyber security
the need for privacy and security
Main drivers for increased investment into cyber defense
- Cybercrime
- Cyberwarfare
- Laws and regulations, e.g. GDPR, NIS, PSD2, CCPA, EPR
- Privacy consciousness
cybercrime
- increased cost to society 💸
cybercrime
examples
- Crypto mining malware for Monero, $56m in profit over 12 years
- Hacking of Bitcoin exchanges, ~$1bn in 2018
- 3.4 billion fake emails sent each day*
- Business e-mail compromise**
  - 136% increase between Dec. 2016 – May 2018
  - 100% increase between May 2018 – July 2019
  - Actual & attempted loss over 3 years: $26 billion US worldwide
* Valimail report
** FBI
group discussion
- What do you see as the main drivers in your organizations when it comes to IT security?
- Is there any area that you consider most important to invest in during 2020?
encryption
- Important building block for security and privacy
- Going towards a fully encrypted web
  - 2014 = ~25% of web sites used HTTPS
  - 2019 = ~78% of web sites using HTTPS worldwide, USA ~87%
- Reduced cost of TLS certificates thanks to Let’s Encrypt
  - Issues > 1 million certificates / day
- Rethinking key management hygiene
- Other initiatives to encrypt other types of traffic
  - DNS encryption
other initiatives
- STARTTLS Everywhere – prevent downgrade attacks on e-mail traffic
  - MTA-STS
- Encryption of DNS traffic – making it impossible for the ISP / network operator to see DNS queries
  - DNS-over-TLS
  - DNS-over-HTTPS
    - Built into end user applications, e.g. Firefox
    - Questionable privacy benefits
    - Bypass DNS based filters
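How a sending mail server could apply an MTA-STS policy (RFC 8461) to stop a STARTTLS downgrade, as an added example that is not part of the original slides. The policy text, the example.com host names and the function names are constructed for illustration; `tls_ok` stands for "STARTTLS succeeded with a certificate valid for the MX host".

```python
# Added example: evaluate an MTA-STS policy (RFC 8461) for one delivery attempt.
MAX_AGE_LIMIT = 31557600  # RFC 8461 upper bound for max_age, in seconds

def parse_policy(text):
    """Parse the key/value body of /.well-known/mta-sts.txt into a dict."""
    policy = {"mx": []}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "mx":
            policy["mx"].append(value.lower())  # mx is the only repeatable field
        elif key not in policy:
            policy[key] = value  # for other fields the first occurrence wins
    if policy.get("version") != "STSv1":
        raise ValueError("unsupported or missing version")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("invalid mode")
    age = policy.get("max_age", "")
    if not age.isdigit() or int(age) > MAX_AGE_LIMIT:
        raise ValueError("invalid max_age")
    if policy["mode"] != "none" and not policy["mx"]:
        raise ValueError("enforce/testing policy needs at least one mx")
    return policy

def mx_allowed(host, patterns):
    """Match an MX host against policy patterns; '*.' covers exactly one label."""
    host = host.lower().rstrip(".")
    for pattern in patterns:
        if pattern.startswith("*."):
            parent = host.partition(".")[2]  # host with its left-most label removed
            if parent == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False

def delivery_decision(policy, mx_host, tls_ok):
    """Return 'deliver', 'deliver-and-report' or 'refuse' for one MX candidate."""
    # Assumption: the caller has already attempted STARTTLS and validated the cert.
    valid = tls_ok and mx_allowed(mx_host, policy["mx"])
    if valid or policy["mode"] == "none":
        return "deliver"
    return "refuse" if policy["mode"] == "enforce" else "deliver-and-report"

# Constructed sample policy for the placeholder domain example.com.
SAMPLE = "version: STSv1\nmode: enforce\nmx: mail.example.com\nmx: *.mx.example.com\nmax_age: 604800\n"
```

In `enforce` mode a stripped STARTTLS offer or an unlisted MX host leads to `refuse` instead of a silent fallback to cleartext, which is the downgrade the slide refers to.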
TLS 1.3
- Released Aug-2018
- Reduces complexity
- Removes obsolete and insecure ciphers
- Increases performance
- Introduces downgrade protection
- Enforces "Perfect Forward Secrecy"
- Big impact on network security appliances that do traffic inspection¹
  - Re-architecting necessary
  - Passive mode decryption not possible
  - "Fake" eTLS protocol proposed as a workaround
¹ draft-camwinget-tls-use-cases-00
safe programming
- High performance coding still done in C and C++
- 70% of security vulnerabilities due to memory safety issues¹
- Rust to the rescue
- Linux
¹ According to Microsoft Security Response Center
passwordless
- Issues with passwords today: password spraying, credential stuffing, phishing, brute force, offline cracking, local discovery, keyloggers.
- Built on public key cryptography and open standards
  - FIDO2 and WebAuthn
- Available today in Windows 10 and Azure Active Directory
- Begin planning today!
AI
- Explainable AI (XAI)
  - Trust
  - Understanding
  - Accountability
- AI or ML tech included in security products
- Attacks against AI
  - Data poisoning
blockchain
- Recommended reading: NISTIR 8202 – Blockchain Technology Overview*
- Gartner Predicts 90% of Current Enterprise Blockchain Platform Implementations Will Require Replacement by 2021
* https://nvlpubs.nist.gov/nistpubs/ir/2018/NIST.IR.8202.pdf
decentralized identity
status update
- Recap of goals: Control your own digital identity, what you share and who you share it with.
- Based on privacy by design & data minimization principles.
  - No personal info stored on the blockchain
  - Personal wallet
- W3C standards work
  - Decentralized identifiers (DID)
  - Verifiable Credentials (VC)
- Open standards – open source development
  - GitHub, Microsoft, Sovrin etc.
- European Blockchain Services Infrastructure (EBSI)
https://w3c-ccg.github.io/did-primer/
EBSI use case: European Self Sovereign Identity (ESSIF)
Microsoft Decentralized Identity Whitepaper, high level overview
Thank you!
Aleksandar Mujadin
aleksandar.mujadin@pulsen.se
073 - 4213 013
11:20 Heading to digitize a business with over 600 000 employees. Daniel Hjort