Saturday, 12 November 2016


The 8th IRISSCERT Cyber Crime Conference will be held this year on Thursday the 24th of November 2016 in the Ballsbridge, Pembroke Road, Dublin. 

This all day conference, focuses on providing attendees with an overview of the current cyber-threats throughout the world and focuses especially on threats that affect businesses in Ireland, and what should be the best course of action when it comes to defending against these threats. You can find my recap blog post for last year's event here.

Like every year, professionals that work in cybersecurity and tackle cybercrime / cyber threats on a daily basis, will be sharing their thoughts and experiences, while attendees have a unique opportunity to ask questions,discuss cybersecurity strategies, and most importantly will meet and network with likeminded individuals allowing them to share their views and opinions.

I am honoured to be invited to speak at this event and get to share my thoughts and views on cybersecurity and most importantly, on cyber resilience, which is also reflected by my talk's title: "All aboard, next stop; Cyber Resilience". 

The abstract for my talk can be found below and I do hope you find it interesting. If you find yourselves in Dublin during the conference, I strongly suggest getting a ticket on time and join us at IRISSCON, and please come and say hi. It is always a pleasure to meet people who are passionate about information security and cybersecurity, and want to discuss/share their thoughts and opinions. Looking forwards to seeing you all there.

Abstract: The ever evolving threat landscape in the fifth domain of warfare has become a realisation for those have been breached and for those who haven’t detected it yet. In evolutionary terms, all of this happens because it is simply how nature works; where there is an attack there will be a need for defence, and while you advance and evolve in order to defend against the emerging threats, the threats will also continue to counter-evolve. The umbrella terms of cybersecurity and cyber defence, are simply two pieces of a puzzle that is called cyber resilience. In order to be able to survive this technological era, we need to embrace the change, welcome new technologies and services, understand the business needs, and evolve in the way that we perceive security and privacy. In other words, our cyber resilience against fast evolving threats, is to strengthen by constantly adapting to these threats. Our adaptation to threats is what drives the threat actors to aim for the “lowest hanging fruit” and shift to their next stage of their evolution.

An effective cyber resilience strategy needs to be adaptable and capable of assessing the security posture of a business, an organisation, an enterprise, even a country’s critical infrastructure, beyond physical borders and geographically confined sectors, even across the whole globe. Adding to this, the rapid interconnection of numerous devices, aka Internet of Things (IoT) and SCADA-controlled systems, increases exponentially the complexity of the systems to be protected. The required efforts involved in protecting these systems, will only increase further while smart cities start becoming a reality, and this is part of the inevitable evolution, as it was discussed above. Threat actors are mainly opportunists, and it is also inevitable not to see them try to take advantage of this technological evolution, and themselves counter-evolve as well. Hence, today is the time that we need to realise and accept that cybersecurity will become far more complicated in the context of today’s emerging threat landscape, that is not only constantly changing, but is also expanding at an increasingly fast rate. Based on this, the need to start thinking outside-the-box when it comes to security is not only deemed as necessary, but it is the only way if we really want to face the most problematic element of cybersecurity, which is having a dynamic and equally evolving resilience plan that is capable of responding to evolving threats.

It is imperative to understand that the unfortunate event of being compromised is an unpredictable but real state of operations for any entity. However, the ability to predict, detect, respond and successfully recover from a cyber breach is the essence of Cyber Resiliency, that sets the foundation for the new era of defence against Cyber warfare. Cyber resilience puts us in a stage where we are going to be able to run plausible attack scenarios across the current security posture of a small organisation all the way up to a whole smart city, allowing the results to be measured, act upon factual data, and fine tune our predictions for taking the next steps.

Readiness is defined by the speed of the threats being detected, while responding in a timely manner is what defines a proper cybersecurity strategy in place. Your cyber resilience strategy though, is measured on how effectively you have allowed yourself to recover.

No comments:

Post a Comment