TechWeek News

Sample

02 Oct 2018

I'm committed to protecting our freedoms and way of life in cyber space

Cyber Security Consultant and PKI Specialist Frank Satterwhite is working for among others for NATO. As a key speaker at Cloud & Cyber Security Expo in Frankfurt, he will talk about people's important role for Cyber Security and offers exciting insights about this topic in this interview before.

Session details
Title: People: The key to a holistic, effective, security approach.
Location: Cloud & Cyber Security Keynote Theatre
Time: 10.15 - 10.40
Click here to register for your free ticket today!

Question: At Cloud & Cyber Security Expo, you will talk about people as key to a holistic, effective security approach. What are the main problems and why must the workforce become more educated?
Frank Satterwhite: Humans are an organizations biggest cyber security vulnerability. Making society in general more Cyber Aware is critical. That is why I have formed a strategic relationship with ISACA and I am an Authorized Trainer. Immediately when you think about Cyber Security Vulnerabilities, you imagine some terrorist cell controlling a botnet, initiating multiple attacks on its target. The truth is that scenario is the exception when it comes to which vulnerabilities are exploited most frequently. I believe that up to 90 % of Cyber Attacks can be traced back to malicious activities by insiders or human errors. And when you consider that technical staff such as IT Admins have extensive access to an organization's infrastructure, a small mistake can turn into something catastrophic. For example IT admins sharing a single root password and login across an entire organization's infrastructure. Once compromised the entire organization is compromised. Not smart. Education that provides both the theory and hard technical skills to protect must be prioritized by organizations. Hackers count on staff making mistakes to reach their objectives. And most of these mistakes are the ones that can be prevented through education.

Question: What else can companies and organisations do to minimize Cyber Security risks?
Frank Satterwhite: There are many things that an organization can do to minimize Cyber Security Risks. Remember though, every organization is different. The first thing is, with the support of Executive leadership, doing a comprehensive review of the existing Information Security Program. A key aspect of this review is a Risk Assessment. During the Risk Assessment the organization will go through the process of identifying, analyzing, and evaluating the risks that pose the greatest threat. Proper Risk Management ensures that the cyber security controls you choose are appropriate to the risks the organization faces. I have been fortunate in the last couple of years to connect with some organizations I feel have cutting edge cyber security technology and controls that significantly reduce the risk associated with Humans. I will talk about some very cool technology during my speech. Nerd talk is always fun!

 

Question: Can we expect an eternal race between Cyber attacking forces and Security Specialists?
Frank Satterwhite: Yes, Yes, Yes. In today's society the line between cyber space and modern society is blurred. We have seen political election outcomes influenced, personal identities stolen ruining lives, and businesses and organizations robbed of hundreds of millions of dollars. These crimes and threats to democracy, and are all done by anonymous criminals that often go without being held accountable. Cyber Attackers are motivated by many, many things, whether it be financial gain, political reasons, revenge, etc. These ever present motivations, that can be part of human nature, will always lead to more cyber attacks. I'm committed to protecting our freedoms and way of life in cyber space. And my commitment extends beyond being an Independent Consultant and Cyber Specialist for NATO and the Military. Defense and protection must extend to everyday life. There will always be a need for other security specialists who share this commitment. As long as there are criminals in the world that desire personal or political gain there will be a need for more Cyber Security Specialists. It's not a race, it's a marathon.

 

Question: Which could be major Cyber Security risks in ten years and which industries will be particularly at risk?
Frank Satterwhite: Much sooner than in 10 years unfortunately. I'm concerned with the Cyber Security risks associated with Artificial Intelligence(AI) and Industrial Internet of Things (IIoT). The misuse of AI could exponentially expand current existing threats. AI could create more bad actors that are intelligent enough to adapt and successfully navigate cyber defense mechanism and controls. Think how AI and underlying algorithms were used to profile and influence voters in America on Facebook. It is then logical to assume that AI could be used to quickly develop new social engineering attacks that identify a population and associated vulnerabilities. Another uncomfortable thought is that AI could be used to weaponize drones or military devices. I know this seems more like a Hollywood action film plot than a real world cyber threat, but the pace at which AI is developing makes this scenario realistic. Then consider Industrial Control Systems (ICS). Once upon a time, ICS operated, in its own silo. In this isolated environment requirements and solutions for Safety and Availability vs Confidentiality existed peacefully. Think the Operational IT environment that controlled Nuclear Power Plants. But the world has changed dramatically. Now an Operational environment has to be seen as an extension of the SOC. You can't just understand and defend against the risks of IIoT devices. A Holistic Approach is needed that also requires traditional information security professionals and operational IT security professionals to work together. The final Cyber Security Solutions must consider everything these IIoT devices are connected to. Because now you have smart devices and real-time intelligence straight from the plant floor - no more silos, and significantly increased attack surfaces.

 

Question: What can we do to make attacking a less profitable and rewarding business for attackers?
Frank Satterwhite: People must take steps to take more control over their personal data. Don't be so quick to put everything on Facebook or Snapchat. Back up your data and securely store it.  Regularly change passwords, and do not change passwords on public networks without security keys. I think developing and following good data privacy policies and practices can significantly lower the profits of criminals.

View all TechWeek News
Loading

Twitter

Sponsors

VIP-Lounge Sponsoren



 

Innovation Sponsor


 

Platin Sponsoren


 

Gold Sponsoren


 

Silber Sponsoren



 

Registration Sponsor



 

Theater Sponsoren



 

Partners

HEADLINE PARTNER

Reisepartner

Reisepartner


 

EVENT & CONTENT PARTNER




 

MEDIEN & CONTENT PARTNER


 

MEDIEN & Content Partner

Security Education Partner


 

EVENT PARTNER


 

EVENT PARTNER


 

MEDIEN PARTNER


 

MEDIEN PARTNER

MEDIEN PARTNER

MEDIEN PARTNER

MEDIEN PARTNER

 

MEDIEN PARTNER



 

MEDIEN PARTNER



 

MEDIEN PARTNER




 

MEDIEN PARTNER




 

MEDIEN PARTNER




 

MEDIEN PARTNER




 

MEDIEN PARTNER




 

MEDIEN PARTNER




 

MEDIEN PARTNER




 

MEDIEN PARTNER

MEDIEN PARTNER

MEDIEN PARTNER

MEDIEN PARTNER

MEDIEN PARTNER

Partner


 

Medien Partner


 

Security Education Partner


 

Medien Partner


 

Testimonials

  • „Ich komme schon viele Jahre zur Ihren Messen und auch dieses Jahr wurde wieder eine große Auswahl an Vorträgen angeboten, deren Vielschichtigkeit ich sehr wertvoll finde. Man nimmt hier so viele Gedankenanstöße und Impulse mit.“
    Ergo Direkt - Speaker Generation Systems
  • „Insgesamt fand ich die TechWeek sehr informativ und ich würde auch nächstes Jahr wieder teilnehmen. Mein Ziel ist es den Markt etwas zu evaluieren und mir die Anbieter anzusehen. Aber auch die Vorträge fand ich sehr interessant bezüglich neuester Technologien, vor allem um Ideen für die eigene Umsetzung zu sammeln.“
    MDM Deutsche Münze - Head of BI
  • „Auf der TechWeekl können wir gezielt und branchenbezogen Kunden ansprechen und auf diesem Weg ist es natürlich einfacher den Kontakt zum Kunden zu suchen. Für mich ist die TechWeek cool, laut und speziell.“
    Cubeware
  • „Ich finde es sehr überraschend, dass es so breit aufgestellt ist, vor allem, weil ich ohne Erwartungen hierher gekommen bin. Ich habe einen Business Intelligence und Devops Hintergrund und habe hier glücklicherweise viele spannende und für mich relevante Stände entdeckt.“
    Project Manager - Siemens
  • „Die TechWeek ist innovativ, visionär und neuartig. Man kriegt einen Blick in die Zukunft und denkt mit einer gewissen Offenheit.“
    Aviationscouts GmbH - IT Consultant
  • Ich bin schon länger in der Branche unterwegs und kenne mich dadurch natürlich gut aus. Alle, die im Bereich Technologie unterwegs sind und im Markt was zu sagen haben, sind auf der Tech Week vertreten.
    TechTarget GmbH - Sales Director
  • Die TechWeek ist innovativ, gelungen und international. Mann könnte sagen, sie ist eine Art Klassentreffen in der Technologiebranche.
    Corning Optical Communications GmbH & Co. KG - Key Account Manager
  • Wir sind schon seit Jahren dabei und haben auch dieses Jahr natürlich nicht verpasst. Wir treffen hier auf unsere Kunden und Neuinteressenten und treiben auch unsere Produktentwicklung voran.
    1&1 IONOS - Senior Commercial Product Manager
  • Die Messe wird von einem guten Publikum besucht und es werden viele unterschiedliche aber eben auch relevante Themen angesprochen. Für uns ist sehr wichtig, dass Entscheidungsträger anwesend sind mit denen wir interagieren können. Dafür ist die Messe besonders gut geeignet.
    TeamViewer GmbH - Senior Product Marketing Manager Enterprise
  • Wir stellen in ganz Europa auf der TechWeek aus und sind jahrelanger Partner, deshalb sind wir auch dieses Jahr dabei. Die TechWeek zieht ein gutes Publikum an und das war auch immer in den letzten Jahren so. Wir haben hier einen schönen Stand, es ist ein gutes Programm und viele Vorträge.
    NTT Communications - Marketing Director