1
Our view of what constitutes a safety critical system needs to move from the distant oil rig and refinery, nuclear power station, and occasional reliance on air trac control, to the closer ship, autonomous vehicle, health IoT and drone. These things can present threats not only to security and privacy but to safety too. Maritime cyber needs to catch up with the emerging aerospace industry focus on risks, as bulk carriers can be floating bank vaults (with goods tempting pirates or smugglers), data centres (loaded with data and sensors that can be spoofed or copied), or bombs (given explosive cargo, such as liquid natural gas (LNG). Autonomous or self-driving vehicles, from cars through lorries to even ships, present potential for threats to drivers (on autopilot), passengers, pedestrians and others. Written and machine-learned software algorithms have to not only read and respond to their surroundings accurately, but to make ethical decisions. TV shows have shown bad actors compromising insecure pace makers wirelessly and causing cardiac failure in their host; there are scripts for this sort of attack in the real world. Dosages and readings can be electronically manipulated; beyond privacy exposure of medical data, this could lead to some very serious impacts. Drones have moved from being the INFORMATION SECURITY plaything of advanced military nations, raining death from above, through domestic toys, and then back to tools for search and rescue, emergency response and other good uses. This dual-use brings the potential for good or ill, and controls are needed to protect areas and people. As in many advances, convenience and connectivity bring openness and exposure. This means that it is critical we ensure the safety of such systems. You can follow Gareth on Twitter: @garethniblett As convenience and connectivity breed exposure, cyber criminals are targeting new and previously unseen attack vectors, says Gareth Niblett, Chair of the BCS Information Security Specialist Group. This means that security practitioners and infrastructure managers need to be ever more prepared for an attack. Maritime industry is easy meat for cyber criminals https://blog.kaspersky.com/ maritime-cyber-security/8796 FURTHER INFORMATION doi:10.1093/itnow/bww070 ©2016 The British Computer Society Image: istock.com/cincila DEFINING THE LATEST THREATS September 2016 ITNOW 29

BCS ITNow 201609 - Defining the Latest Threats

Embed Size (px)

Citation preview

Page 1: BCS ITNow 201609 - Defining the Latest Threats

Our view of what constitutes a safety critical system needs to move from the distant oil rig and refinery, nuclear power station, and occasional reliance on air traffic control, to the closer ship, autonomous vehicle, health IoT and drone. These things can present threats not only to security and privacy but to safety too.

Maritime cyber needs to catch up with the emerging aerospace industry focus on risks, as bulk carriers can be floating bank vaults (with goods tempting pirates

or smugglers), data centres (loaded with data and sensors that can be spoofed or copied), or bombs (given explosive cargo, such as liquid natural gas (LNG).

Autonomous or self-driving vehicles, from cars through lorries to even ships, present potential for threats to drivers (on autopilot), passengers, pedestrians and others. Written and machine-learned software algorithms have to not only read and respond to their surroundings accurately, but to make ethical decisions.

TV shows have shown bad actors compromising insecure pace makers wirelessly and causing cardiac failure in their host; there are scripts for this sort of attack in the real world. Dosages and readings can be electronically manipulated; beyond privacy exposure of medical data, this could lead to some very serious impacts.

Drones have moved from being the

INFORMATION SECURITY

plaything of advanced military nations, raining death from above, through domestic toys, and then back to tools for search and rescue, emergency response and other good uses. This dual-use brings the potential for good or ill, and controls are needed to protect areas and people.

As in many advances, convenience and connectivity bring openness and exposure. This means that it is critical we ensure the safety of such systems.You can follow Gareth on Twitter: @garethniblett

As convenience and connectivity breed exposure, cyber criminals are targeting new and previously unseen attack vectors, says Gareth Niblett, Chair of the BCS Information Security Specialist Group. This means that security practitioners and infrastructure managers need to be ever more prepared for an attack.

Maritime industry is easy meat for cyber criminals https://blog.kaspersky.com/maritime-cyber-security/8796

FURTHER INFORMATION

doi:1

0.10

93/i

tnow

/bw

w07

0 ©

2016

The

Brit

ish

Com

pute

r So

ciet

yIm

age:

isto

ck.c

om/c

inci

la

DEFINING THE LATEST THREATS

September 2016 ITNOW 29

Bcs consumerisation

Bcs consumerisation

Technology
BCS Prime Brokerage Ltd (“BCS UK”) Pillar 3 Disclosures

BCS Prime Brokerage Ltd (“BCS UK”) Pillar 3 Disclosures

Documents
SUPERCONDUCTIVIDAD BCS

SUPERCONDUCTIVIDAD BCS

Documents
Wellfast Company Profile-201609

Wellfast Company Profile-201609

Documents
201609 Innovesia credential

201609 Innovesia credential

Business
BUSINESS ANALYSIS TECHNIQUES - BCS - BCS - The Chartered Institute

BUSINESS ANALYSIS TECHNIQUES - BCS - BCS - The Chartered Institute

Documents
Recipes BCS

Recipes BCS

Documents
Bcs centerary

Bcs centerary

Documents
JOINING BCS

JOINING BCS

Documents
BCS Brochure

BCS Brochure

Documents
BCS Written

BCS Written

Documents
BLJ - Buteline - Eng Installation Manual - HK (201609)

BLJ - Buteline - Eng Installation Manual - HK (201609)

Documents
BCS Portfolio

BCS Portfolio

Documents
3811_ReducingCostsUsingPersonalizedAutoRepair_ BCS

3811_ReducingCostsUsingPersonalizedAutoRepair_ BCS

Documents
Pension plans and the writing of fully-covered exchange ... · -2-BasedonregulationsforclarifyingERISA'sprudencerequirement whichwereproposedbytheDepartmentofLaborinApril1978,itnow

Pension plans and the writing of fully-covered exchange ... · -2-BasedonregulationsforclarifyingERISA'sprudencerequirement whichwereproposedbytheDepartmentofLaborinApril1978,itnow

Documents
Revista ITNow Nov 2015

Revista ITNow Nov 2015

Documents
CECYTE BCS

CECYTE BCS

Documents
201609 ucm60402 u2 leading in the 21st century

201609 ucm60402 u2 leading in the 21st century

Business
BCS ITNow 201403 - Data Loss Prevention

BCS ITNow 201403 - Data Loss Prevention

Data & Analytics
Aeromexico Digital Transformation (IAB Conecta 201609 no videos)

Aeromexico Digital Transformation (IAB Conecta 201609 no videos)

Technology
Bcs Jeopardy

Bcs Jeopardy

Sports
Informer - BCS

Informer - BCS

Documents
TESL 43X 201609 FINAL

TESL 43X 201609 FINAL

Documents
New Catalogue form NuoDi Precision Mold Co.,Ltd -201609

New Catalogue form NuoDi Precision Mold Co.,Ltd -201609

Documents
BCS Kardiovaskuler

BCS Kardiovaskuler

Documents
Purina BCS

Purina BCS

Documents
ITNOW magazine: June 2014 (sample)

ITNOW magazine: June 2014 (sample)

Leadership & Management
BCS Catalogue

BCS Catalogue

Documents
Mozilla Community Space Taipei - Status Report - 201609

Mozilla Community Space Taipei - Status Report - 201609

Government & Nonprofit
BCS Profile

BCS Profile

Documents