Future Security ZACon Conference

A Olivier

anthony.desmond.olivier@gmail.com

Twitter: anthonyolivier

www.discussIT.co.za

Opinions “We have had the same Information Security problems for 25 years. We

still haven’t solved them”

“For $200.000 dollars you can hire the hacking team that will crack anything. That’s less than the average American bank’s Anti Virus budget”

“We are being overwhelmed by governance”

“The complexity of new IT systems exceeds our capacities to secure them”

The security cost curve?

Operations New Opportunity cost

Systems

Perimeter

Data

Applications

Process

Systems

Perimeter

Data

Applications

Process

Systems

Perimeter

Data

Applications

Process

This is the security frontier

`The Frontier: Semantic Web

The Semantic Web is an evolving development of the World Wide Web in which the meaning (semantics) of information and services on the web is defined, making it possible for the web to understand and satisfy the requests of people and machines to use the web content

(wikipedia)

The Frontier: Social Networking

!   Gartner predictions: !   By 2012 more than half the people we communicate with in

our personal lives we will never have met face to face !   By 2012 Social Networking tools will have superseded eMail

for personal communications

!   New developments: Google Wave, Twitter Lists, search from Google and Bing

!   Legal implications unclear – what Wave document is legal?

!   Targeted SN attacks – while the individual gives away information. Privacy – yesterday Google modified their dashboard to provide users with privacy controls

The Frontier: Man Machine Interface

!   Shift towards more natural interface, with implications for an “engaged network” !   Microsoft Surface

!   Microsoft Natal

!   Emotiv

!   Nike Run

!   Information collection capabilities exceed our ability to manage the data about us (notwithstanding Google’s efforts)

The Frontier: Virtual Worlds

!   Virtual worlds most likely to evolve into business focused tools: Toyota, Wells Fargo, IBM, Cisco et al

!   Money laundering

!   Revenue streams: the hairdressers of the virtual world

!   Virtual worlds hint at a new reality: the intersection of technologies in which multiple personalities in multiple contexts become the norm.

The Frontier: Already Here

!   Service Oriented Architectures: !   Existing standards (WSS) address only part of the problem

!   Consider the privacy issues surfaced by Google Street Level View

!   Where does mashup liability reside

!   Cloud computing: !   Economics will drive IT into the cloud

!   Publicized security failures already: companies will be driven to lower their guards in order to remain competitive.

A Risk-Based Progression

Restrictions

Debate