Next Generation Threats and Utilising Artificial Intelligence and Big Data Analytics. Ian Glover

Transcription

1 Next Generation Threats and Utilising Artificial Intelligence and Big Data Analytics Ian Glover

2 The CREST Vision Not For Profit Organisation

3 Industry Support Research Guides Pen Testing Maturity Model

4 Social Responsibility Research

5 Current Research Activities SOC Accreditation Cyber Security Chartered Status Bug Bounty Wider Neuro diversity Dyslexia Penetration Testing Standards Social Engineering In Penetration Testing

6 Schemes Penetration Testing Cyber Security Incident Response (CSIR) Penetration Testing Threat Intelligence Penetration Testing Threat Intelligence NSA NSCAP CIRA (Cyber Incident Response Assistance) Penetration Testing Cyber Incident Response (CIR)

7 Reduce Threat Reduce Vulnerability Avoid Detect Recover

8 Reducing Threat Very Difficult

9 Reduce Threat

10 AI In Threat Reduction Artificial Intelligence is being used to combine huge amounts of threat intelligence Geopolitical Big Data Social Media Dark Web Company or Sector Target Information

11 Penetration Testing And Implementation Of Technical Standards Reduces Vulnerabilities

12 How To Decide What Level Is Required?

13 High Levels of Assurance. Aligned to industry Simulation of known industry threats Basic Levels of Assurance. Alignment with schemes such as Cyber Essentials. No specific industry orientation

14 AI In Vulnerability Assessment Very difficult to support the lower end of the market due to a lack of resource and cost Attack tools are more automated and sophisticated and therefore the analysis tools need to keep pace We need to assess outcome based results of tools (this needs to be the approach for other professions)

15

16 Cyber Essentials

17 Cyber Essentials

18 Evolve To Meet New Generation of Attack Tools

19 AI In Basic Cyber Hygiene We must be investing in new ways to combat the new generation of threats We might need to change the model of protection mafia against small shops is not a fair fight

20 Traditional Penetration Testing More Formally Link With Existing Security Standards

21 Establish Minimum Standards That Are Not Too Prescriptive and Can Evolve Quickly

22 AI in Security Management and Audit The concept of continual security management should the topic of research (monitoring policy compliance, security improvement plans, personal security compliance etc.) Traditional views of period audit should move towards continual audit Traditional audit firms are working our what this means to their business In cyber we could take a much more proactive approach in all of these areas

23 Critical National Infrastructure

24 Intelligence Led Penetration Testing Services Skill and knowledge of tester Up-todate incident data OWASP and other public sources Tools based on known vulnerabilities and attack vectors Target Environment Company Research Validation from peer groups and informal discussion forums Up-todate threat intel Published Cyber Threat Intelligence

25 Emerging Cyber Threat Intelligence

26 Evidence Based Contextualised

27 CBEST / TBEST

28 Critical National Infrastructure Potential Schemes Domestic + Space Emergency Services Water Civil Nuclear Energy Defence Chemical Transport Food Health

29 AI In Threat Intelligence AI (artificial and augmented) is the basis and the reason that the new Cyber Security Threat Intelligence industry exists an d is flourishing

30 Also Exercise Continuity Plans Against Real Life Scenarios

31 Detect

32 Continual Threat Monitoring

33 SOC Accreditation

34 SOC Accreditation Document Review On Site Audit Technical Evaluation

35 AI In SOC SOC utilise big data analytics Professionally run SOCs are already saying that they use AI The AI services should be used as a way of supporting the decisions of the SOC analysts and management

36 Invocation Before Attack

37 Heighten Awareness Configuration Review Update Penetration Test

38 Recover

39 Cyber Security Incident Response Again difficult to provide support at the lowest level AI utilised for malware reverse engineering Can we build AI concepts into CERTs Can we build AI into the information exchanges

40 AI In The Profession Existing CREST Qualifications Long Form Multiple Choice Practical Non Licence To Trade Fellowship

41 We Have A Skills Shortage! We need to upskill our existing workforce We need to encourage more talented people into our industry

42 All Professions Impacted by AI and Big Data Analytics

43 How does a market react to the need to upskill an exiting work force? How does a market react to difficulties in the recruiting talent?

44 Operated as an industry without Chartered status What has changed?

45 Balanced Assurance Programme Reduce Threat Reduce Vulnerability Detect Recover

46 Thank you