Richard Clarke Keynote at S4x17




Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Mar 26, 2017

This session jumps right into the challenges ICS security and Plant Managers face in asking for budget. Stated as clearly as I've ever heard in the first two minutes.

Dick then goes into six examples of things that happened in 2016 that have never happened before:

1. A power outage occurred: Ukrainian Power Grid Attack
2. The financial system is no longer sancrosanct: SWIFT was hacked by North Korea and stole money.
3. NSA is no longer undisputed champ: NSA's attack techniques posted on the Internet
4. Cyber due diligence in M&A caused major deal to change: Verizon buying Yahoo
5. IoT zombie army happened: cameras attacked DNS
6. Hospitals no longer off limits to attacks: Syria bombed hospitals and ransomware hit hospitals and shut them down (advice is pay up if hit because costs are small)

It's all FUD until it happens.

Another challenge is "the problem is too big"

Third challenge is you can't put a reasonable probability on something that has never happened before.

Dick talks about the importance of setting goals, such as after x years everything in the medical industry must be deployed secure and all insecure devices must be replaced in y years. And doing this industry by industry.

And these goals must be enforced through regulations. He believes in the absence of regulation security in ICS will not happen.

Richard Clarke has a book coming out in May ... Warnings: Finding Cassandras to Stop Catastrophes3


When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...