
Reducing Cyber Uncertainty

A short discussion on the need for a standardised reporting framework in cyber security, and how the lack both of a standard and of a willingness to report increases risk and uncertainty.

coffeefueled

June 13, 2019


Transcript

  1. The need for a structured and shared reporting framework to increase confidence in risk management
  2. Too much uncertainty means we cannot make reliable predictions. The breach has both happened and not happened until it is observed.
  3. We aren’t quite at the crystal ball and cutting up animals stage, but we’re only a little way ahead
  4. ▪ If we want better predictions, we need better information
     ▪ To get better information, we need more and better descriptions
     ▪ To get more and better descriptions, we need the right framework and to use it
  5. ▪ Observations we cannot accurately and precisely describe do not allow for good predictive models
     ▪ Good descriptions of attacks and incidents, reported effectively, let us start building forecasting models
     ▪ Forecasting models give us more accurate and testable predictions
     ▪ Testing our predictions lets us define how much uncertainty we have left, and improve our forecasting
     ▪ Cyber security weather forecasts would benefit everyone
  6. ▪ Just a good framework doesn’t guarantee honest usage
     ▪ Central, anonymous, verifiable reporting is needed to give us data
     ▪ Hiding incidents increases uncertainty for everyone
     ▪ We MUST get better at information sharing to benefit everyone
  7. ▪ The picture is bad
     ▪ The bad guys are better at sharing
     ▪ They’re keeping ahead of us
     ▪ We need effective collaboration
     ▪ We need to move cyber security from an art to a science