All presentations are held in English
Amar’s client profile includes News International (now News UK), Siemens, the BBC, Reuters, BP, ATOS, Gala Coral, Cable & Wireless, SABMiller and many more. Several of the world’s prestigious media organisations and publications regularly seek and publish Amar’s counsel and guidance, including: The BBC, Financial Times, Al Jazeera, The Economist, The Guardian and The Daily Telegraph The Economist’s Intelligence Unit (EIU) invited Amar to the London Stock Exchange to share his insights on information risk management Amar launched The Financial Times’ CISO video series Amar has featured in a number of prestigious publications including: Institute of Chartered Accountants for England and Wales The Counter Terror Business Magazine Regular contributor to publications including Computer Weekly, SC Magazine, InfoSec and others Featured on the cover of SC Magazine
Now or Never! Why we need to get Cybersecurity right today!
There is no going back now. No turning the clock back. Cyberspace, the Internet, the connected world – call it what you may, is increasingly becoming an integral part of our daily lives.
Furthermore, the line between virtual cyberspace and the real world is starting to blue as cyber attacks start to impact the physical world. In the near future, our very lives will depend on the security, the stability and the integrity of our connected world. Ignoring the safety of Cyberspace will have dire consequences wrong may have long standing consequences to our lives. It’s now or never.
Why the CISO should report to the board – based on the example of an Incident Response Approach to Cyber Attacks
Everyone’s talking about incident management but is anyone actually doing it right? Or are you not able to do it right because you don’t get the needed support from the board?
Join Amar Singh in an interactive workshop where you will work to map out and create a live cyber incident response plan. This is your chance to get involved and share your insights and experience and learn from your peers. In addition you will get valuable insight how you can reach the appropriate attention from your management.
Safe Harbor, Privacy Shield and Espionage: go Cloud or stay home?
“I have nothing to hide” is one of the common answers if you talk about data privacy. “We will screen what we get” seems to be the approach of secret services all around the globe. It was already tough to stay in control of your company internal digital assets. And now they are moved to the cloud. Who has access, who has control? How can I stay compliant with data privacy requirements or other regulations.
The key note tries to provide an overview of current challenges as well as an approach that we call “customer enforced trust”.
Steve has considerable experience working in the technology and telecoms markets and was previously senior vice president at Gartner. He has served as an executive on the boards of public companies in the UK and Asia in both the technology consultancy services and software applications development sectors.
Steve has also served as a Digital 50 advisory committee member in the United States, a body established to improve the talent pool for Fortune 500 boards around cyber security and information governance. He was ranked as one of the top 10 individuals shaping the way that organizations and leaders approach information security careers in 2014. Steve is currently chairman of the Digiworld Institute senior executive forum in the UK, a think tank comprised of Telecoms, Media and IT leaders and regulators. He is a Chartered Marketer and a Fellow of the Chartered Institute of Marketing.
The emerging threat landscape: how to keep ahead in cyberspace
As information security threats intensify, organisations risk becoming disoriented as they grapple with complex technology, an explosion of data, increased regulation, and a debilitating skills shortage.
Prompt action is required to interpret an increasingly complex threat horizon which could place organisations and their goals at risk.
He is sought after for comment by the world’s leading media such as Wall Street Journal, New York Times, Washington Post, Forbes, Fortune, BBC, Süddeutsche Zeitung, USA Today, Associated Press, Guardian, and Telegraph along with security press including SC Magazine, Dark Reading, and Network World.
World at a crossroad – “Will we be able to secure our cyber world, or not?”
A new perspective and approach
All signs point to a future world of more complex and harder-to-detect cyber threats. How can we defend our business if we don’t know what is friend or foe, trusted or not, as perimeters fade, software growth explodes, DevOps moves faster, and security controls fail? Already 8 out of 10 European CIOs believe the investments we’re making in traditional security solutions are not working.
The foundation of cybersecurity in our organisations are the tens of thousands of keys and certificates the authenticate and encryption communications for websites, virtual machines, software, mobile devices, containers and cloud servers. Protected, they ensure trust and privacy in digital communications and connections. But if just one critical key or certificate is left unmanaged or unprotected, the entire cybersecurity foundation is placed in jeopardy.
With Gartner expecting 50% of network attacks to come over encrypted TLS traffic by 2017 and certificates of all types the interest of cybercriminals and governments, it is essential that keys and certificates are managed and protected in the datacenter, on desktops, on mobile and IoT devices, and in the cloud.
Discover a new approach to thinking about cybersecurity, so you strengthen all the security controls to protect customers, business, data and brand.
Prior to Zscaler, Manoj held engineering and product line management positions at Juniper Networks, where he created and launched Juniper’s 10G IPS (Intrusion Prevention System) appliance. Prior to Juniper, he worked on real-time embedded platforms at various companies.
Manoj holds more than a dozen patents and has contributed to the Cloud Security Alliance since its initial charter. He earned a PhD in Real-Time Embedded Systems from Mississippi State University and holds a B.Tech. in Aerospace Technology from IIT Bombay.
Transforming network infrastructure and Internet security for a changing business-world
Today, the IT landscape has dramatically shifted. Users are on the road and connected everywhere, data is moving to cloud applications, mobile and personal devices are always on and rarely controlled, and the Internet-of-Things is becoming reality. All of this is putting huge pressure on traditional appliance-based security infrastructure.
The challenge is that hackers understand these trends, and have shifted to attacking the end users as the easiest target. Users are now the primary vector for bringing malware into a company. In the age of the disappearing corporate perimeter, how can enterprises protect all users, apps and devices, wherever they are?
This presenatation covers:
He has a wealth of experience in IT Security, Networks, Datacenter and E-Business. He has worked for different companies, including Internet startups, Carriers and IT-Integrators in various roles such as Systems Engineering, Presales, Project Management, Engagement Management and Solution Engineering.
The Future of Web Attacks
Web security threats are constantly evolving. Understanding the sources and attributes of emerging DDoS and Web Application threats can help you to protect your enterprise from web attacks and vulnerabilities. Get insights into the latest DDoS and web application attack trends including complete quarter-over-quarter and year-over-year statistics as well as analysis of emerging trends and threats.
The presented, quarterly security reports from Akamai are based on data collected during recent cyber-attacks against the global Akamai customer base. Through data forensics and post-attack analysis, Akamai presents a global view of attack trends and new cybersecurity threats to enable businesses to make intelligent, strategic decisions.
This report results are a conclusion out of 15%-30% of the worldwide web traffic, from trillions of Internet transactions each day and 40-50 mitigated DDoS attacks per week as well as hundreds of millions analysed IP addresses each month. This allows to gather massive amounts of data on many metrics related to the origins, tactics, types, and targets of recent DDoS and web application attacks and identify emerging DDoS trends.
Social Engineering: lessons learnt from history
In this lively presentation, Andrew will use the analogy of the high street bank to share learnings from security principles of the past that are still valid today.
With real examples of social engineering and high profile hacks, Andrew will explain why good security is easy with solid foundations in place. He will share insight and tips of where to start with a defense in depth security strategy that really works in the ongoing quest against cyber threats.
Recently, he was researching advanced Intel security-related technologies, particularly TXT and VTd. He is also the author of libnids, a low-level packet reassembly library. He holds a Masters Degree in Computer Science from the University of Warsaw.
Lessons learnt from the history of vulnerabilities in hypervisors
Hypervisors have become a key element of both cloud and client computing. It is without doubt that hypervisors are going to be commonplace in future devices, and play an important role in the security industry. In this presentation, we discuss in detail the various lessons learnt whilst building and breaking various common hypervisors. In particular, we take a trip down memory lane and examine vulnerabilities found in all the popular hypervisors that have led to breakouts.
One of the key value propositions of hypervisors, as they relate to security, is to shrink the attack surface. However, in the quest for new features and functionality some trade-offs are made, which can prove to be fatal. While discussing the particular problems, we will examine what the strong (and weak) security-related features of hypervisors are.
We compare the attack surface of hypervisors with that of user mode applications and operating systems kernels, and show that the purpose and design of the hypervisor significantly changes its attack surface size. Most importantly, we make a fact-based argument that many hypervisors aren’t designed with security in mind.
We show how superfluous code and poor design can be punished by demonstrating real examples of hypervisor breakouts. The presentation ends with lessons learnt, and recommendations for hypervisor design and approaches that can be taken to harden them.
Rene’s function covers the WW Datacenter Strategy and definition of Cisco’s go to market strategy for our Sales Field Forces as well as Field Engineering education, Datacenter Strategic Accounts and Key Project support in the Commercial, Enterprise, Public Sector and Service Provider market segments. In addition, Rene is responsible for a gateway function towards the Datacenter Business Unit divisions, in order to ensure that Cisco’s customer requirements are represented and fulfilled in product development.
His span of responsibility also covers internal field engineering education, partner technical readiness, and representation of Cisco’s Datacenter technologies in key marketing initiatives; technical seminars, press and thought leadership writing datacenter publications.
Additionally, Rene is an official and voting IEEE member, actively representing Cisco, and develops new Datacenter standards, such as IEEE-802.1BR (Virtual Bridge port Extension).
Rene is one out of 10 Cisco Datacenter Patent reviewer and one of the Key Datacenter Architects in Cisco, having been recognized for excellence awards on several occasions.
Have you ever heard about how to achieve and simplify compliance through policy abstraction and modeling?
In this session we will introduce a new and revolutionary architectural security approach to achieve and simplify datacenter security and compliance through policy models. Policy abstraction and policy modeling will help you to gain another level of security in a simplified way.
Learn how a white listed fabric architecture is capable to deal with any workload and/or any application independent OS, Hypervisor or a bare metal approach. Based on various scenarios we will show attribute based, zone based, and micro-segmentation based isolation examples, covering inter- as well as intra-cluster communication.
These session will end by introducing a completely new approach for analytics and end-to-end application visibility with unprecedented performance and scalability criteria. This is especially useful for ADM “Application Dependency Mapping” as well as for security prevention capabilities; predict/detect/protect/remediate.
The objective is to make ENISA’s web site the European ‘hub’ for exchange of information, best practices and knowledge in the field of Information Security. This web site is an access point to the EU Member States and other actors in this field. ‘ENISA – Securing Europe’s Information Society’.
More information at https://www.enisa.europa.eu/
Panel Discussion: Spot on cyber-threats
ENISA invites international cyber-threat intelligence and analysis stakeholders to debate on hot topics in the field. In particular, aspects of usability, presentation and standardisation of cyber-threat information will be discussed. This discussion will also refer to trends in the area, as well as the role of various market and statutory players.
Interesting topics for this discussion (indicatively) include: improve access to threat information, presenting threat information, developments in related protocols (STIX, TAXII), exploiting the Dark Net, threat agent modelling, end-user needs, tools, etc.
For this panel, ENISA has invited its threat landscape stakeholder group consisting of internationally recognised individuals in the area of threat intelligence. The members of the ENISA Stakeholder group are: Paolo Passeri, System Engineer, Consulting, UK -Pierluigi Paganini, Chief Security Information Officer, Telecoms, IT – Paul Samwel, Lead Security Architect, Banking, NL – Tom Koehler, Executive Vice President, Consulting, DE – Stavros Lingris, IT-Official, CERT, EU – Jart Armin, Internet Security Researcher, Worldwide coalitions/Initiatives, International – Thomas Haeberlen, Federal Office for Information Security, DE – Neil Thacker, Information Security & Strategy Officer, Consulting, UK – Margrete Raaum, Leader, CERT, NO – Shin Adachi, Security Analyst, US – R. Jane Ginn, Consulting, US.
For this panel, ENISA has invited members of the landscape stakeholder group. Contributions from Jane Ginn, Thomas Haeberlen, Stavros Lingris, Paul Samwel, Pierluigi Paganini, Neil Thacker and Jart Armin are planned. Louis Marinos, ENISA will moderate the discussion.
The event is structured in two units: in the first hour, panellists will present their position statements on issues and trends in the area of cyber threat intelligence. After the break, the discussion will address topics and questions brought up by the participants.
Cloud First Security Resilience: Considerations and Solutions
We truly live in a cloud-first world: CIOs believe that 2016 will be the year when more IT services live on the cloud than on-premise for the first time.* Maintenance, cost and accessibility benefits should not come at the expense of security and regulatory mandates when moving infrastructure and applications to the Cloud. Join this session to accelerate your understanding of the security issues and solutions tied to the adoption of cloud services and applications, such as Office 365 and others.
* IDG Enterprise survey of IT buyers, reported in CIO Magazine November 19, 2015
Simon brings a wealth of experience from over 25 years in the IT and security industry and before joining Fortinet, held engineering and product management positions in a variety of vendor, integrator and end user companies.
The current threat landscape and how to deal with it
This presentation reviews some of the headline security events of recent months, then asks what can be learned from them.
After looking at some of the trends and directions that today’s attacks are taking, we will look at key challenges facing the enterprise, and how they can be addressed by leveraging the latest developments in security technologies, combined with constantly updated threat intelligence.
Fully automated discovery of vulnerabilities in Android apps
Android is the prevailing mobile operating system accompanied by more than 1.6 million apps available at various online market platforms. To protect against malicious or vulnerable apps, Android comprises a mainly permission-based security model and some, but opaque security checks conducted by Google Play.
However, the Android security model is a moving target and updates of the Android framework have introduced thousands of security relevant changes in the past. Under these conditions, assessing the security of an app according to userspecific requirements is hardly possible. This talk will shed some light on complex vulnerabilities in Android apps and ways to discover them automatically.
Threat Predictions Cyber Threat Landscape 2016
During this session Rolf Haas, Enterprise Technology Specialist for Intel Security EMEA, will reflect on the informed opinions of 33 Intel Security thought leaders, the report illustrates short- and long-term trend implications for organizations working to keep pace with business and technology opportunities, and the cybercrime community that threatens them.
Classify or Die
Sensitive data is used and stored on-prem, on mobile devices, and in the cloud. Data loss prevention solutions have to be adapted accordingly to the new challenges. With digital rights management (DRM) data can automatically be classified and protected on generation or edit. E-discovery capabilities from DRM allow to track who got access to such data by when and where. Unlike other technologies, the classification and encryption are intrinsically linked with the respective data and thus provides a continuous and transparent protection to the user, regardless of data transmission or location.
The presentation shows the need to classify and protect data as requirement for Data Loss Prevention, Secure Collaboration and the step into the Cloud – more information at https://www.keyon.ch/de/News-Medien/2015/keyon-classify-or-die.pdf
He has spoken at Black Hat, DEFCON, RSA, CCC, SyScan, CHES. He initiated the Crypto Coding Standard and the Password Hashing Competition projects. JP co-wrote the 2015 book “The Hash Function BLAKE”, and tweets as @veorq.
Quantum computing and post quantum crypto
Abstract: We’ve heard about hypothetical quantum computers breaking most of the public-key crypto in use and we’ve heard about “post-quantum” systems that would resist quantum computers. The NSA wants to move to post-quantum crypto and NIST will organize a contest for new postquantum cryptosystems.
What does that mean? Should we be scared? What’s a quantum computer in the first place? This talk will give you honest answers to those questions based on the latest research. After this talk you’ll be able to better assess the risk of quantum computers, to debunk misleading claims, and to ask the right questions.
In 2007 he joined SURFnet as the architect and technical product manager of SURFfederatie, the national infrastructure for federated Single Sign-On for the research- and higher education community in the Netherlands. Since 2011 he joined Ping Identity and works on Single Sign-On, Cloud Identity & Access Management and large scale deployments of federation technologies such as SAML 2.0 and OpenID Connect.
From WAM to FAM – the Evolution of Access Management
How Modern Access Security Works
In today’s business, your users, their devices and your applications have moved beyond the confines of the firewall and into a whole new borderless world of unsecured networks. At the intersection of mobile, cloud, and the Internet of Things, the only way to truly secure your enterprise is by ensuring that only trusted employees, partners, and customers access the right applications using trusted devices. But traditional WAM offerings don’t provide the security and protection necessary.
In this breakout session, learn how to bring your access management solution into the new millennium. We’ll explore the key benefits of modern access security:
We will also demonstrate how to turn technology into solutions with a consulting methodology that quickly, comprehensively and independently discovers the opportunities of Cloud Access Management for your business, involving all relevant stakeholders.
Prior to creating ProtonMail, Andy was a particle physicist at CERN working on the Large Hadron Collider, the world’s largest particle accelerator. Andy received his PhD in Physics from Harvard University, where his research focus was on supersymmetry and scientific
Switzerland under attack: Lessons from the ProtonMail DDoS attack
In November 2015, the ProtonMail secure email service was affected by one of the largest and most sophisticated DDoS attacks to ever hit Switzerland. The large scale attack impacted ISPs as far away as Moscow and made headlines around the world.
In this presentation, Dr. Yen describes how ProtonMail and Radware’s Emergency Response Team (ERT) worked together to mitigate the attack and put together a comprehensive, long term solution.
DDoS is a growing threat faced by companies in Switzerland and careful planning and preparation is required to mount a successful defense. Key considerations to keep in mind when designing a comprehensive DDoS solution are discussed, along with unique insight gained from the ProtonMail attack.
Moving Cybersecurity Focus From Prevention to Detection & Response
Incident Detection & Response is a growing challenge – security teams are often understaffed, the attack surface for intruders is expanding, and it’s difficult to detect stealthy user-based attacks. In a recent survey, 62% of organizations report receiving more alerts from their monitoring solutions than they can handle.
Join Pim van der Poel at Rapid7, to discuss:
Prior to joining Resilient Systems, Mr. Jacobsen was the Managing Director, Central EMEA for Qualys. He has considerable experience in the European information security industry and has held management positions at Varonis, McAfee and Safeboot. Mr. Jacobsen has a Diploma from the University of Frankfurt in Business Administration.
Cyber Resilience – Industry Best Practice in Managing Security Incidents
It is impossible to stop all cybersecurity attacks, therefore companies need to improve at handling and recovering from cybersecurity incidents. This ability to recover is known as ‘Cyber Resilience’.
This session will look at the latest research from US and European companies into their state of cyber resilience, as well as industry best practice and key indicators for companies to consider in improving their cybersecurity readiness.
Before he joined EMC in 2012 he was 12 years with Cisco. Ralf holds degrees in telecommunications and economics (Diplom-Ingenieur/Diplom-Wirtschaftsingenieur). He specialized in Security, Information Technology and Finance.
Modern Cyber Risks – why traditional security methods are falling short
To detect advanced cyberattacks, traditional approaches based on logs need to be combined with other data types such as network packet, endpoint, and cloud data. To discover attacks missed by log-centric SIEM and signature-based tools, correlation of network packets with other security data is a modern way of detection and protection.
To be one step ahead it is crucial to implement complete visibility to detect, investigate, and take targeted action against even the most advanced of attacks – before they can impact the business. The presentation gives an overview about most relevant critical success factors to defend against most recent cyber threats.
He studied Physics at the University of Hamburg and made his PhD in Physics at the Humboldt University Berlin. After this, a Position at the University of Iowa based at CERN followed as the convener of the Performance Management Board for the software in the ATLAS Science Collaboration.
Hidden Information in the DNS Protocol
The Domain Name System protocol (DNS) is one of the most commonly used protocols in IT infrastructures. This protocol is also used for sending private information, such as credit card details, to third parties in the payload of DNS packages. One can also set up a communication with hidden data packages via covert channels.
In company networks with high numbers of participants, it is very difficult to monitor and classify the DNS requests and replies in order to find those being used for illegal purposes.
We present an approach for calculating evidence of hidden information within the DNS protocol.
Putting Identity @ the Center of Security
As security professionals, are we doing enough to secure the modern enterprise? With the increasing challenges around cloud and mobile, the security perimeter is becoming harder to define. Traditional security models must evolve away from network and account-centric controls and focus on identity, in order to fully understand and minimise the risk to the enterprise.
The session will discuss the importance of this evolution, and how security focus areas such as SIEM, DLP, PAM, MDM, GRC, etc. can all benefit from the concept of identity. It will show how SailPoint is tackling this issue from a practical perspective across both structured and unstructured data environments, through it’s comprehensive solution set, integration capabilities and industry partnerships.
Marcel has been responsible for the design of semiconductors and software for consumer and automotive electronics, including industry leading digital transmission protection such as DTCP, Apples MFi and Microsoft’s digital rights management.
Where are your keys?
How to securely protect your certificates, authentication keys and Passwords
“Encryption works!”, Snowden famously declared, so attackers preferably go after passwords, authentication and encryption keys, and certificates. Unfortunately, these keys maybe generated by bogus key-generation units, are floating around in the processor memory of the server, and are permanently stored somewhere in the filesystem or databases such as keychain, keystore, certificate manager, or just the browser itself. Anybody getting access to the server may alter or export these files. The security of applications based on SSL, Public Key Infrastructure (PKI), or Active Directory/Open Directory is affected.
In his talk Marcel Dasen will present different systems managing keys and corresponding vulnerabilities. He will then make the case for a hardware based keystore using a hardware security module (HSM) and show how the MS-PKI System can efficiently be secured by attaching it to an HSM.
Re-active Vulnerability-Scanning was yesterday – The evolution of Vulnerability-Management
Vulnerability Scanning is an important and widespread method to identify vulnerabilities in company networks. Usually, scans are done according to a scanning-schedule in a predefined network environment, which inevitably leads to “blind spots“.
In this presentation you will learn how Vulnerability Management moved away from being a re-active method that merely provides snap shots of the network, towards pro-active Continuous Network Monitoring that gives you a complete picture of the network at any time and helps you avoid exploits and data leaks.
Prior to joining TITUS, Craig ran HP Enterprise’s Information Governance software business in EMEA. He has an extensive background as a technology and business consultant in the Information Management space, previously working for such companies as Documentum, Open Text and Getronics. Craig regularly speaks at industry conferences and roundtables.
Tackling Insider Threats with Data Discovery and Classification
There are many ways that sensitive information can be leaked from organizations, however the insider threat remains the hardest to quantify and resolve.
Organizations often become hung up on using technology to combat external breaches, and the insider threat doesn’t get the attention it deserves. While a great deal of time and energy must be spent on trying to stop hackers who are maliciously and intentionally trying to steal information, another big challenge for IT security departments is the threat of authorized internal users who have legitimate access to sensitive information. Being able to accurately identify the sensitivity of corporate documents so that the proper controls can be enforced is a good start in addressing insider threats. Classification can help ensure that information is accessed by only the right people.
In this session, Craig Adams will review the challenges and strategies that organizations can use to effectively manage insider threats with data discovery and classification.
No Risk, No Test: Successful Security Testing with Risk-Orientation
Risk-based testing has a high potential to improve security and software testing as it helps to optimize the allocation of resources and provides decision support for the management.
The recent testing standard ISO/IEC/IEEE 29119 and the OWASP Testing Guide are therefore explicitly risk oriented. But for many organizations the integration of risk-based testing into an existing test process is a challenging task.
In this talk we present guidelines and experiences based on recent studies for the successful integration and application of risk-based testing.
His research interests are mainly in IT architecture management, data privacy and access control, electronic health record systems and model driven software development.
IT-Architecture Intelligence for Risk- and Security Analyses
Large IT-Architectures are complex beasts that make it difficult to understand the risk and security implications of their transitive dependencies.
In this talk we present our method and tool support to maintain a living IT-Architecture model that reflects the organization-specific assets of a company. This model can be used to perform analyses that were impossible before. Our talk targets security responsibles, enterprise architects and operations managers.
How do you spot the insider threat?
Insiders are the new malware. Nearly every major security breach starts with an insider, or an attacker using an insider’s credentials.
2015 was a remarkable year for insider threats. It’s estimated that the average organization suffered from 3.8 insider attacks last year and 45% of businesses can’t tell if they’ve suffered a breach.
In order to combat the insider threat, organizations need to shift their focus from the perimeter to their data itself.
Organizations have to face the new reality that it is not a matter of if they will be breached, but when they will be breached. Attackers are already inside – either rightfully as an employee or contractor, or through legitimate but compromised credentials as an outside hacker. Their presence on a network wouldn’t necessarily look suspicious to IT, but their activity would likely appear anomalous. Still, users’ behaviour on many internal systems is rarely monitored or analyzed.
This session will review a User Behaviour Analytics methodology for connecting disparate sets of data to detect signs of a breach, arrest the actions, and recover from the incident.
Attend this session to learn:
Before joining Vectra, Günter was CTO of Domain Services at NCC Group, where he drove strategy behind the company’s generic Top Level Domain (gTLD) program. He was also CTO at security consulting firm IOActive, CTO and vice president of research at Damballa, and chief security strategist at IBM. Günter is a widely respected authority on security issues and technologies and has researched, written and published hundreds of technical papers and bylined articles.
Originally, Günter had wanted to be an architect but he lost interest after designing retaining walls during a three-month internship. After that, he qualified as a meteorologist but was lured to the dark side of forecasting Internet threats and cyber attacks. His amazing ability to see dead people stoked an interest in history and first-millennium archaeology. Günter holds a Bachelor of Sciences degree in Applied Physics and Mathematics and a Master of Sciences degree in Atmospheric Physics from the University of Auckland.
In a World of 100% Encrypted Traffic, Who Wins?
Encrypted traffic continues to grow and will soon become ubiquitous, at which point direct inspection of the content layer becomes impossible.What current security technologies and approaches will fail, and when will their failure become noticeable? Some deep packet inspection approaches are already thwarted by encryption. When will it make sense to replace them? Do the bad guys win if everything is encrypted?
Certainly, being able to inspect the content layer makes things easier for non-obfuscated communications, but even if things are encrypted there are techniques and approaches that can separate out malicious and unwanted communications from legitimate business traffic.