Conference on security/cybersecurity and privacy–DelosReyesAbstract
Wanted: A Revolution in Security Research
Gus de los Reyes, AT&T CSO R&D
Until fairly recently, security was in an uneasy, yet steady-state, balance with attackers. Devices, primarily PCs, were getting infected and conscripted into botnets, and relatively minor Distributed Denial of Service (DDoS) attacks were occurring on a regular basis. But this steady flow of attacks did not significantly interfere with the ability to do business on the Internet. This all changed fairly suddenly with some highly publicized Advanced Persistent Threat (APT) attacks in 2011, followed by massive DDoS attacks against financial institutions in 2012, and then followed by several high-profile data leaks in 2013 and 2014.
Suddenly, enterprises have become aware that there are indeed significant risks to doing business on the Internet in the 21st century. And in some cases, there are still no clear solutions. In this talk, we highlight the history of security attacks and protection from the early days of business on the Internet. We pinpoint where attacks took a steep inflection upward in both sophistication and effect while security has mostly remained constant and in some cases unable to respond. We then show the approach that is needed in security research in order to leap ahead of attacks and enable business to flourish in the networked, mobile, and cloud-enabled world. This effort requires nothing short of a security revolution.