Outlook Briefing 2016: Cyber Security
- 1. Outlook Briefing 2016: Cyber Security Charles Lim Senior Industry Analyst, Cyber Security - Digital Transformation Practice Frost & Sullivan Asia Pacific Charles.Lim@frost.com
- 2. 2 What happens in an Internet minute?
- 3. Proliferation of Cyber Attacks in 2015 targeted popular services Data is the new gold, inability to secure them leads to distrust in services 3 Uber accounts have been hacked and are being used to secure rides in China without their consent or knowledge Apple had to remove more than 300 apps from its app store infected by xCodeGhost malware, affecting 500 million users In the week of Black Friday, Amazon has reportedly begun forcibly resetting some users’ passwords over concerns about a major breach. 54% of security professionals view social engineering attacks through phishing emails as the top threat technique that they have encountered Over one thousand email addresses and passwords from Spotify were possibly leaked LinkedIn encountered a major breach of its password database - a file containing passwords using “linkedin” appeared in an online forum A security researcher discovered a way to perform remote code execution and retrieve confidential data from Instagram and Facebook Twitter emailed more than 20 users, warning them they may have been targeted by hackers ‘possibly associated with a government’ A Vine star who makes £2,000 per second from his posts claims he has been hacked, with all of his videos deleted from his account Google Malaysia’s site was hacked; visitors were re-directed to a hacker’s webpage Hackers claiming to be working on behalf of ISIS took over the Twitter and YouTube accounts of the United States Central Command All of these attacks occurred in 2015 Compromised Skype users reported that malicious links and messages were sent to their contact list
- 4. Cyber attacks – fueling the international crime scene, online 100MMore than 100 million health care records compromised in 2015. Medical records are worth 10 times more than credit card information in the dark web.
- 5. Cyber attacks – the channel for making a statement 602GbpsOn 31st Dec 2015, BBC received a 602Gbps Distributed Denial of Service (DDoS) attack, the highest ever recorded in history. New World Hacking, who claimed responsibility announced that it was a test of their power. Their main target are ISIS websites. 25GB LEAKEDThe Impact Team stole more than 25GB user data from adultery website, Ashley Madison and released the information on 18th August 2015. The original intention was to force Avid Life Media to shut down the website, and stop online adultery.
- 6. “Indonesia experiences around 50,000 cyber attacks every day. That makes it the second-most targeted country for cyber attack after Vietnam.” - Yono Reksoprodj, advisor to Minister for Political, Legal and Security Affairs Tedjo Edhy Purdijatno Speaking on Indonesia’s National Cyber Agency 8th Jun 2015 >50,000 ATTACKS
- 7. “We don’t believe any cyberdefense is fail proof. But a strong, well thought out strategy, coupled with a rapid ability for a bank to understand when its systems have been maliciously penetrated and swiftly take the necessary actions, such as isolating the attack, is key to a successful cybersecurity strategy.” - Stuart Plesser, Standard & Poor’s Press statement pertaining to possible downgrade of banks’ ratings, if it is believed to be ill-prepared to withstand cyber attacks. 7
- 8. The need to focus on Industrial Control Systems Security as priority 8 Security Challenges within Internet of Things Source: Frost & Sullivan Connected cars has been proven to be hacked in recent times, however the actual impact is to the driver’s safety and are at a very nascent stage of security that is acted now by automobile manufacturers. Connected homes, which are developed with the use of smart consumer appliances such as wireless fridges, lighting, and thermostats have limited impacts and are not desirable targets. Industrial Control Systems, which automates most critical infrastructures are now going through an active transformation to connect to the Internet, and have been victims of attacks, extortion where any successful attack will cause a severe impact to citizens nationwide.
- 9. Cyber Attacks Shift Towards Physical Systems Industrial Control Systems in operational technology creating new points of vulnerabilities 9 97% 3% Number of Internet-connected ICS devices, August 2015, Asia Pacific Connected Devices Vulnerable Devices Source: Asia-Pacific Industrial Control Systems Security Report, Frost & Sullivan N=3087 BLACKOUTto thousands of homes in Western Ukraine, using the BlackEnergy malware to attack electric substations. it was reportedly developed by Moscow-backed group, Sandworm on 23rd Dec 2015. Subsequently, its Kiev Airport was attacked by the same malware during Jan 2016. Investigations are ongoing.
- 10. Case analysis – Industrial Control Systems Security The need to protect SCADA (Supervisory Control and Data Acquisition) systems beyond the “air gap” concept has been elevated since the 2011 Stuxnet APT attack. Critical infrastructures using ICS systems and needs to raise the awareness and knowhow of how to protect these systems as a priority when these systems get connected to the Internet. Present: “Air Gap” Future: The Internet Human Machine Interface (HMI) SCADA, PLCS Speed: 500 r/min Business networks, connected to the Internet Industrial networks that runs on local area networks separated from the Internet, however still vulnerable to attacks Stuxnet malware installed in USB drive External contractors’ laptop Information Technology Operational Technology Graphic source: Vector Open Stock 10Source: Frost & Sullivan
- 11. Operationalizing the 3C’s for Cyber Security Cyber Resilience Risks & Business Impacts Cyber Intelligence Knowledge and correlation of all threats in the organization Cyber Protection Building the right prevention base “Security by Design” 11Source: Frost & Sullivan
- 12. Threat Response Adaptive Core Ecosystem (TRACE): Identifying the essentials Frost & Sullivan believes that adopting a platform approach can operationalize the vision of a holistic security strategy, comprising the right balance between security mindsets, tools and skill sets. Access Management Endpoints Web Assets Cloud App Security Content Integrated Security Appliances Advanced Threat Prevention Human Factor Mitigation Vulnerability Management Security Analytics T R A C E 12 Source: Frost & Sullivan
- 13. Projected growth of security solutions in ASEAN, CY2015 (CAGR=20.8%) Managed Security Services Market Forecast Analysis - 5.0 10.0 15.0 20.0 25.0 30.0 0.0 100.0 200.0 300.0 400.0 500.0 600.0 2014 2015 2016 2017 2018 2019 2020 Revenue($Million) GrowthRate(%) Note: All figures are rounded. The base year is 2013. Source: Frost & Sullivan analysis.
- 14. Projected growth of security solutions in Indonesia, CY2015 (CAGR=27.1%) Managed Security Services Market Forecast Analysis - 5.0 10.0 15.0 20.0 25.0 30.0 35.0 40.0 0.0 10.0 20.0 30.0 40.0 50.0 60.0 70.0 2014 2015 2016 2017 2018 2019 2020 Revenue($Million) GrowthRate(%) Note: All figures are rounded. The base year is 2013. Source: Frost & Sullivan analysis.
- 15. Network security adoption in Southeast Asia 0.0 20.0 40.0 60.0 80.0 100.0 120.0 Rest of ASEAN Philippines Vietnam Thailand Indonesia Malaysia Singapore CY2015 Q3 YTD CY2014 Total Network Security Tracker, 2015 QTD Market Size (US$, M) Indonesia achieved one of the highest growth rates at 30% YoY (Q3 QTD) Indonesia Network Security, Indonesia (US$, M) 2014 Q3 QTD 2015 Q3 QTD
- 16. N = 13,930 qualified information security professionals globally. 10% of respondents are Asia Pacific 44% 49% 52% 72% 75% Automated identity management software Web security applications Policy management and audit tools Improved intrusion detection and prevention technologies Network monitoring and intelligence Top 5 Technologies that Significantly Improve Security (Percent of Survey Respondents) 18% 23% 35% Use of Advanced Analytics for Detection of Advanced Malware (Percent of Survey Respondents) No Plans Evaluating or Selecting a Solution(s) Implemented or Implementing 2015 (ISC)2 Global information Security Workforce Study by Frost & Sullivan
- 17. 17 “How do you really handle all these… big data?” - VP for Security Infrastructure, leading telco provider, Indonesia “We have figured out using using our own designed algorithms across collected logs, to decipher insider threats” - Chief Security Officer, leading technology vendor Opinions from the ground
- 18. Observation of trends in Security Analytics market Observations in the security analytics players in APAC Sold off their IPS offerings, may focus in other enterprise security products such as SIEM tools Integration with endpoint security, correlation of packets and logs Launch of X-force exchange, integration of product and services business units
- 19. Observation of trends in Security Analytics market Observations in the security analytics / threat intelligence players in APAC Focus on forensics and incident response capabilities User behavior analytics using machine learning systems and algorithms to identify fraud Correlation of business and security intelligence. Position to block against APT attacks
- 20. Empowering the cyber defenses in Indonesia Frost & Sullivan’s End User Research and Advisory Practice Circular, 4G LTE Vulnerability Research papers – Frost Industry Quotient (FIQ) and Market insights Threat Intelligence AlertsCyber Security Threats and Solutions Briefings
- 21. Cyber Security Outlook for 2016 Building the required capabilities for Cyber Resiliency 21 Improve Cyber Defense in Critical Infrastructures 1 Human expertise and foster collaboration 2 • Increase of Cyber Security Operation Centers in the Critical infrastructures. • Compliance guidelines to ensure cyber resiliency in both business (IT) and operations (OT) 3 How companies are respondingHow companies are responding • Cyber security training • Sharing of intelligence amongst industries • Setting up cyber security committees Build a holistic defense beyond the organization • Vendors/contractors to meet security standards in the process of mitigating chain- of-trust attacks.
- 22. Cyber Security Outlook for 2016 Building the required capabilities for Cyber Resiliency 22 Investments into analytics to improve accuracy and speed 4 5 • Big data analytics for multiple sources of threat feeds will become the common concern and more accurate judgment through automated algorithms will be needed. 6 How companies are respondingHow companies are responding • Enterprises will switch from ‘adopting cyber security for their cloud setup’ to ‘adopting cloud as part of their cyber security strategy’. Convergence security concepts to be introduced • Convergence of threats & detection of fraud between physical and cyber systems • Developments of convergence security in smart cities. Adopting cloud security as a strategy
- 23. Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today’s market participants. For more than 50 years, we have been developing growth strategies for the Global 1000, emerging businesses, the public sector and the investment community. Is your organization prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies? www.frost.com