Professional Documents
Culture Documents
Summer 2014
Produced with
the kind
support of
&
elcome
Wolf?
SQL Server
2014
Powerful database
functionality, available
to small and midsize
organisations
8LIRIXIJJIGXSJ,IEVXFPIIHXLIVIEPGEXEWXVSTLILEW
FIIR]IXERSXLIVWIPJMRMGXIH[SYRHXSXLIEPVIEH]FEHP]
damaged credibility of the community of security experts.
We cannot sustain many more of these injuries before the
credibility of our community as a whole falls victim to our
seemingly suicidal instincts.
If we want to be taken seriously and treated as professionals,
its time we started to behave like professionals. We need
XSWXSTGV]MRK[SPJERHWXEVXKMZMRKERW[IVWXSXLIHMJGYPX
questions we have been avoiding for far too long. How do
we actively enable cyber democracy?
It is now time to start the process of moving towards the
creation of a professional governance body with the same
kind of power and status as, for instance, the Law Society or
the General Medical Council. Embracing willingly and freely all
of the consequences around regulation, licensing and liability
XLEXXLMW[MPPFVMRK8MQIXSWXSTGV]MRKG]FIV[SPJ8MQIJSV
XLIWREOISMPQIVGLERXWXSRHERSXLIV;MPH;IWX
;IXLIGSQQYRMX]SJ-8ERHG]FIVWIGYVMX]I\TIVXW
turned the volume up to eleven on this one. Us, not the
bad guys. As experts, we competed to command ever
more extravagant hyperbole. In concert, we declared this
catastrophic. In a post Snowden world it was inevitable
that the dark ink of conspiracy theory would cloud the story
as fast as the Internet could carry it. And yet, nothing bad
actually happened. We rushed to spread fear, uncertainty and
HSYFXMRORS[MRKHIERGISJXLIEZEMPEFPIIZMHIRGI4IVLETW
because of the absence of evidence.
As your business grows so do the demands you place on the databases that help run your
organisation. Whether for inventory, online sales transactions, or customer management, a
slow-performing or unavailable database can create bottlenecks in the way your employees
do their jobsand cause your customers to take their business elsewhere.
Speed up applications and reduce downtime with the most widely used database in the
world.
Find out how SBL can help you upgrade and save.
Call 01347 812100 or visit www.softbox.co.uk/microsoft
3
SBL Recommends Microsoft Software
CONTENTS
10
14
STUDENT
SHOWCASE
03
Welcome
05
07
08
Colin Williams
(V(EZMH(E]
(IRMW)HKEV2IZMPPI
09
20
26
ADVERTORIAL
41
48
Andrew Cook
DEPUTY EDITORS
Natalie Murray
8MRIOI7MQTWSR
SUB -EDITORS
8SQ,SSO
Ed Mallows
ADVERTISING
CO - ORDINATOR
11
13
14
18
20
26
&PEOI1EVOLEQ
Halidu Abubakar
(V'LEV7EQTPI
(V%RHVI/EVEQERMER
Magnus Wakander
Colin Williams
29
30
33
37
41
I,Human
48
Alamanac of Events
Andrew Cook
EVENTS
Cyber Streetwise
50
8MQ;EXWSR
Colin Williams
10
Andrew Fitzmaurice
REVIEW
EDITORS
(V-ER&V]ERX
(V2ERG]1IEH
CONTRIBUTORS
Halidu Abubakar
(V-ER&V]ERX
Andrew Cook
(V(EZMH(E]
(IRMW)HKEV2IZMPP
Andrew Fitzmaurice
8SQ,SSO
(V%RHVI%VE/EVEQERMER
&PEOI1EVOLEQ
(V2ERG]1IEH
(V'LEV7EQTPI
(V(ER7LSIQEOIV
Magnus Wakander
Colin Williams
8SQ,SSO
SPECIAL THANKS
8LI2EXMSREP1YWIYQSJ'SQTYXMRK
8LI9/,SQI3JGI']FIV7XVIIX[MWI'EQTEMKR
DESIGN
)PPIR0SRKLSVR(IWMKR
www.ellenlonghorndesign.co.uk
CONTACT US
$']FIV8EPO9/
']FIV8EPOMWTYFPMWLIHXLVIIXMQIWE]IEVF]7&07SJX[EVI&S\0XH
Nothing in this magazine may be reproduced in whole or part without
XLI[VMXXIRTIVQMWWMSRSJXLITYFPMWLIV%VXMGPIWMR']FIV8EPOHSRSX
RIGIWWEVMP]VIIGXXLISTMRMSRWSJ7&0SVMXWIQTPS]IIW;LMPWXIZIV]
IJJSVXLEWFIIRQEHIXSIRWYVIXLEXXLIGSRXIRXSJ']FIV8EPOQEKE^MRI
MWEGGYVEXIRSVIWTSRWMFMPMX]GERFIEGGITXIHF]7&0JSVIVVSVW
misrepresentation or any resulting effects.
)WXEFPMWLIHMR[MXLELIEHUYEVXIVWMR=SVO7&0EVIE:EPYI%HHIH
-86IWIPPIV[MHIP]VIGSKRMWIHEWXLIQEVOIXPIEHIVMR-RJSVQEXMSR
7IGYVMX]7&0SJJIVWEGSQTVILIRWMZITSVXJSPMSSJWSJX[EVILEVH[EVI
services and training, with an in-house professional services team
IREFPMRKXLIHIPMZIV]SJEGSQTVILIRWMZIERHMRRSZEXMZIVERKISJ-8
solutions.
']FIV8EPOMWHIWMKRIHF])PPIR0SRKLSVR(IWMKR
and printed by Wyndeham Grange plc.
COMPETITION
CyberTalk magazine supports and promotes the best cyber narrative writing
from around the world, including emerging writers and exciting new voices.
As part of this, we want to seek out and celebrate the most skilled and
creative new writers in our next edition.
We invite both amateur and professional writers to demonstrate their skill in short-story
writing by entering the CyberTalk Flash Fiction Competition, for a chance to
WINHMHU[HZ[PJWYPaLHUKILYLJVNUPZLKHZHUL_JP[PUN[HSLU[PU[OLZJPLUJLJ[PVUNLUYL
The winning entry will be published in full in the next issue of CyberTalk,
the Sci-Fi Issue, and also online at www.softbox.co.uk/cybertalk.
>LYLZLLRPUNL_JLW[PVUHSZOVY[Z[VYPLZIHZLKVU[OL[OLTLVM*@),9
;OPZ[OLTLJHUILPU[LYWYL[LKPUHU`^H`[OH[PUZWPYLZ`V\
Stories should be a maximum of 1,500 words and must be submitted to
cybertalk@softbox.co.uk by midnight on 1st August 2014.
Good Luck!
'SPPIIR6SFIVXWSR
Business is
always changing.
Make sure your
data center
is always agile.
The
Software-Dened
Data Center.
VMwares software-dened data center delivers
unprecedented levels of agility, exibility and
choice, by extending virtualization to all data
center resourcescomputing, storage, network
and securityand by automating management.
So businesses can deploy applications when and
where they need them on any device, in minutes,
not days. Its IT for the mobile cloud era.
vmware.com/sddc
* 5 reasons
to be paranoid about
internet safety
(V(EZMH(E]
7LIJIPH,EPPEQ
8LIQSVIMRXIVRIXETTPMGEXMSRW
University
we use, the greater attack
opportunities we present to
an aggressor. Moreover, in
many instances the standard of
security used when creating web
1. Avoid social media overload
applications is astonishingly poor,
&IGSQIQMRHJYPSJXLIEQSYRXSJMRJSVQEXMSR
with an applications functionality
you reveal about yourself. Malicious parties have
commonly placed above its safety.
sophisticated tools and methods to correlate all the
2. Recognise Phishing
Never give your personal information to anyone
unless you completely trust them and are absolutely
sure they are who they say they are. Further, dont
VIP]WSPIP]SRXLITLMWLMRKPXIVW]SYQE]LEZISR
your web browser they work by checking web
EHHVIWWIWEKEMRWXIMXLIVORS[RPIKMXMQEXI[LMXI
SV
ORS[RQEPMGMSYWFPEGO
PMWXW8LIWIPMWXWGERRSXFI
entirely complete and therefore cannot be exclusively
VIPMIHYTSR%PWSQER]PXIVWEVIMRIJJIGXMZIEKEMRWX
960WLSVXIRMRK;LIREWGEQ[IFEHHVIWWLEWLEH
960WLSVXIRMRKETTPMIHXSMXXLVIISVQSVIXMQIWMXW
PMOIP]]SYVTLMWLMRKPXIV[MPPJEMPXSHIXIGXXLEXMXWE
TLMWLMRK960
8LMWTMIGISVMKMREPP]ETTIEVIHSR8IPIJSRMGEW-RRSZEXMSR,YF
a global blog on digital tech http://blog.digital.telefonica.com/
ADVERTORIAL
Cybercrime
THE STILL IMPORTANT
ROLE OF EDUCATION IN
A FIGHT WE CAN
NEVER WIN
(IRMW)HKEV2IZMPP
Head, Centre
for Cybercrime
Forensics
Canterbury Christ
Church University
If you can keep your head, whilst all around you are losing theirs you
TVSFEFP]HSRXYRHIVWXERHXLIWMXYEXMSR8LEXWEKSSHWYQQEV]SJVIEPMX]
XSHE]MRXLIKLXEKEMRWX']FIVGVMQI7SQIWSYVGIWRS[TYX']FIVGVMQI
EWFMKKIVMRXIVQWSJQSRI]
XLERXLIHMWXVMFYXMSRERHWEPISJEPPJSVQWSJ
MPPIKEPHVYKXVEJGOMRK[SVPH[MHI-XMWGIVXEMRP]VIWTSRWMFPIJSVXLIKVIEXIWX
number of attempted crimes of any type and the problem is growing rapidly.
/EWTIVWO]0EFWVITSVXIHXLEXMRTLMWLIVWPEYRGLIHEXXEGOWEJJIGXMRK
EREZIVEKISJTISTPI[SVPH[MHIIEGLHE]X[MGIEWQER]EWMR
8LI2SVXSR']FIVGVMQI6ITSVXWLS[IHXLEXEVSYRHSRI
million adults become Cybercrime victims everyday, with an average cost to
IEGLSJ
ENCOURAGING
MORE WOMEN IN
COMPUTING
8LIVI[EWEXMQI[LIR[SQIR[IVI
a large proportion of the technology
workforce, but now they are
considerably under-represented.
6IGIRXWXYHMIWWLS[XLEXXLI]
represent 17% of the workforce and
that the proportion has not altered
over the past decade.
Its foolish to believe there is any single magic bullet to combat Cybercrime.
Governments around the world have committed massive sums of money to
KLXMRKXLVIEXWXSREXMSREPG]FIVMRJVEWXVYGXYVIFYXXLIOI]UYIWXMSRMW[LIVI
MXWFIWXXSWTIRH]SYVQSRI]#8LIEREPSK]MWXLEX]SYEVIWXERHMRKYRHIVE
XMHEP[EZI[MXLERYQFVIPPEEZIV]KSSHYQFVIPPE
FYXHSRXI\TIGXMXXS
keep you dry. If you dont study Cybercrime and Computer Forensics how can
]SYEZSMHIZIV]HE]FIMRKE>IVS(E]4VSFPIQ#-I[LIREREXXEGOSGGYVW
you have to waste considerable time bringing yourself up to speed with the
current state of the technology before you can plan and implement how to
HIEP[MXLXLIEXXEGO
8LI)YVSTIER9RMSRVIGSKRMWIHXLIMRGVIEWMRKXLVIEXXSXVEHIERHXLI
personal well-being of EU citizens with the EU Convention on Cybercrime
MR&YHETIWXSRVH2SZIQFIV8LMW[EWSRISJXLIVWXJSVQEP
WXEXIQIRXWGPEVMJ]MRKXLIREXYVISJXLI']FIVGVMQIXLVIEX7MRGIXLI)9
has funded a number of development, research and training initiatives most
VIGIRXP]YRHIVXLI-7)'4VSKVEQQI8LMWLEWRERGIHXLIGVIEXMSRSJREXMSREP
'IRXVIWSJ)\GIPPIRGIWXEVXMRK[MXLXLI'IRXVI4VSNIGXMR-VIPERHERH*VERGI
ERHMRXLIPEWX]IEVW[MXLGIRXVIWMREVERKISJSXLIVQIQFIVWXEXIW1]
S[RMRZSPZIQIRXMWFEWIHSRSYV[SVOPIEHMRKXLI)')286))RKPERHW
']FIVGVMQI'IRXVISJ)\GIPPIRGIJSV8VEMRMRK6IWIEVGLERH)HYGEXMSR
TVSNIGX
QMPPMSRSZIVQSRXLWMRZSPZMRK9/9RMZIVWMXMIWGSQTERMIWERH
XLI'SPPIKISJ4SPMGMRKMRXLI9/
8LMWTVSNIGXFIKERMR(IGIQFIVERH
GSRGPYHIWMR%YKYWX-XMRGPYHIWQENSVXVEMRMRKERHWOMPPWYTHEXMRKJSVPE[
IRJSVGIQIRXMRXLI9/)9ERHFVMRKWXSKIXLIVXLIXLVIIMQTSVXERXEVIEWSJ
law enforcement, commerce and the university sector. Each of these areas
brings valuable expertise, experience and opportunities to help educate and
defend organisations and individuals from the developing threat of Cybercrime.
8LIGSSTIVEXMSRSJWYGLREXMSREPGIRXVIWMWMQTSVXERXERHXLIGVIEXMSRSJ)'
XLI)YVSTIER']FIVGVMQI'IRXVI
[MXLMR)YVSTSPSR.ERYEV]TVSZMHIW
EQENSVI\GLERKIJSVMRJSVQEXMSRERHNSMRXMRMXMEXMZIW&YXF]GSQTEVMWSR[MXL
the problem these initiatives are small.
8LI2EXMSREP1YWIYQSJ'SQTYXMRKWIIWXLMWMQFEPERGI
VIIGXIHMRXLIGSQTSWMXMSRSJZMWMXMRKWXYHIRXKVSYTW
8SXV]XSGSYRXIVMXPEWX]IEV(EQI7XITLERMI7LMVPI]-8
entrepreneur, opened the Museums Google-sponsored
Women in Computing gallery which highlights the role of
[SQIRMR-8SZIVXLIHIGEHIW
2S[XLI&)88E[EVH[MRRMRKXIEQSJ8213'XLI
0SRHSR+VMHJSV0IEVRMRK0+J0
ERHXLI)EWXSJ)RKPERH
&VSEHFERH2IX[SVO)&2
XLEXGVIEXIHE,MWXSV]
of Computing is planning an online video resource for
schools to use to encourage more female students to
take up computing as a career.
Like a History of Computing, the Women and Computing
VIWSYVGIMWI\TIGXIHXSFIEZEMPEFPIXS9/WGLSSPW
connected to the National Education Network.
8LI;SQIRERH'SQTYXMRKVIWSYVGI[MPPMRGPYHIER
interactive timeline highlighting the role of women in
GSQTYXMRKEGVSWWXLIHIGEHIWWXEVXMRK[MXLXLI
STIVEXSVWSJ'SPSWWYW8LIVIWSYVGI[MPPEPWSI\TPSVIXLI
past and current challenges that women face in entering
the industry and the changing social context of the past
WIZIRHIGEHIW6SPIQSHIPW[MPPJIEXYVIWXVSRKP]XSKMZI
XLIGSQMRKKIRIVEXMSRXLIGSRHIRGIXSORS[XLEXXLI]
can play a major role in computing.
-KEZIETVIWIRXEXMSRXSEQIIXMRKSVKERMWIHF]XLI9/*SVIRWMG7GMIRGI
7SGMIX]MR*IFVYEV]ERHHYVMRKETERIP5
%MX[EWFVSYKLXLSQIXSQINYWX
LS[HMJGYPXXLIKLXEKEMRWX']FIVGVMQIMW8LIVILEHFIIREHMWGYWWMSRSR
HEXEPSKKIVWEHIZMGIXLIWM^ISJETIRGET[LMGLGERFIMRWIVXIHFIX[IIR
a keyboard and computer to record all key depressions and hence be
YWIHXSWXIEPTEWW[SVHWERHSXLIVTIVWSREPHEXE
8LIWIHIZMGIWLEZIFIIR
commercially available for over ten years. I asked the audience of over a
hundred participants if they had ever checked to see if such a device was
GSRRIGXIHXSXLIMVGSQTYXIV3RP]X[STISTPILEHIZIVPSSOIH8LIRMX
occurred to me that even when the threat of this problem had been discussed
with the audience at this event, it was very unlikely anyone would from now
on regularly check their systems. Even when we know such threats exist,
[IHSRSXI\TIRHXLIIRIVK]XSTVSXIGXSYVWIPZIWEKEMRWXXLIQ8LIVIEVI
hundreds of things we might reasonably look for when turning on a machine.
8LIIUYMZEPIRGISJEREMVPMRITMPSXWGLIGOPMWXFIJSVIXEOISJJQMKLXLIPTFYXMX
would completely change the utility of using computers.
7GLIHYPIHJSVVIPIEWIMR;SQIRERH'SQTYXMRK
MWI\TIGXIHXSGSRXEMREFSYXZMHISGPMTWHIWMKRIH
for easy and rapid access by teachers for use in the
classroom and be a valuable resource incorporating
GYVVMGYPYQWYTTSVXQEXIVMEPJSV/I]7XEKIWXS
8LMWMW[L][IGERRIZIVVIEPP][MRXLMWKLXEKEMRWX']FIVGVMQI,S[IZIV
deciding not to educate yourself, and reduce the effort of recovering from
attacks, is the path to losing and spending a lot of money!
The-National-Museum-of-Computing
@tnmoc
The National Museum of Computing
STUDENT
SHOWCASE
Open or Closed
source security
protocols
Cyber Security
Responses
to Counterfeit Goods
&PEOI1EVOLEQ
University
of Warwick
Bio
Name:
School:
Linkedin:
&PEOI1EVOLEQ
University of Warwick
https://www.linkedin.com/in/markhambp
LEZIQEWWMZIRERGMEPMQTPMGEXMSRWHYIXSTVSZMHMRKVITPEGIQIRXWSVJVSQPE[WYMXW
SJYRLETT]GYWXSQIVW8LIVITIVGYWWMSRWEVIQYGLKVEZIVJSVGLMTWXLEXQE]LEZI
JSYRHXLIMV[E]SRXSQMPMXEV]KVEHIKLXIVNIXW[LMGLGSYPHVIWYPXMRQMHEMVJEMPYVIW
MRHIIHGSYRXIVJIMXGLMTWLEZIFIIRJSYRHMRKLXIVNIXW
A more sinister use of counterfeit chips is the intent of extracting personal
MRJSVQEXMSRJVSQSXLIVW8LMWGERFIEGLMIZIHXLVSYKLIQFIHHMRKQEP[EVISRXLI
IPIGXVSRMGGLMT8LITSXIRXMEPMQTPMGEXMSRWXLMWFVMRKWGERGEYWILEZSG[MXLQSVISJ
us using smart phones and doing our banking remotely on these kinds of devices.
Fraud is on the rise, with criminals taking full advantage of new technology and this
type of threat could become more and more prominent as more traditional malware
MWHMWGSZIVIHERHGSQFEXIH-XMWHMJGYPXXSMHIRXMJ]VSKYIGLMTWMRTVSHYGXMSRERH
even more so once they are in place as the average user will blindly trust that there
was no pre-existing malware on their new device. Malware installed this way would
FIQSVIHMJGYPXXSGSYRXIVHYIXSXLIJEGXXLEXMXMWLEVH[EVIFEWIHVEXLIVXLER
WSJX[EVIFEWIHWSIZIRXLIQSWXVEHMGEPSJETTVSEGLIWWYGLEW[MTMRKEHIZMGI
[SYPHRSXRIGIWWEVMP]VIQSZIXLIXLVIEX6IEPMWXMGEPP]XLISRP]JIEWMFPIETTVSEGLIW
to combat this would be replacing the counterfeited chip in the existing phone, or
FY]MRKERSXLIVRI[TLSRI&YXXLMWMWYRPMOIP]XSMRWTMVIXVYWXMRGSQTERMIW[LSWI
products have been compromised.
Now, with the academic year coming to an end, I can look back and am able to
IZEPYEXIQ]I\TIVMIRGIEX;EV[MGO8LIVIEWSR-GLSWIXLMWGSYVWI[EWFIGEYWIMX
is well rounded and focuses on many aspects of the cyber security industry; from
broadening my knowledge of current techniques to developing skills required to
FIGSQIEWYGGIWWJYPQEREKIV8LIVILEZIEPWSFIIRWSQIMRZEPYEFPISTTSVXYRMXMIWXS
network with some of cyber securitys elite and to gain an insight into their opinions
due to talks by multiple guest speakers, both from the private and public sectors.
8LIVIJSVIXLMWG]FIVWIGYVMX]GSYVWILEWTIVJIGXP]TSMWIHQIXSLEZIEKVIEXGLERGI
SJRHMRKIQTPS]QIRX[MXLGSQTERMIWWYGLEW(IIT7IGYVIJVSQXLI1EPZIVR
']FIV7IGYVMX]'PYWXIVMRXLIEVIEWXLEX-RHQSWXJEWGMREXMRK,S[IZIV-HSFIPMIZI
XLEX;EV[MGO[SYPHFIRIXERHFIEFPIXSJYVXLIVHMWXMRKYMWLMXWIPJJVSQXLIKVS[MRK
amount of cyber security courses by reinforcing the theories discussed in lectures
with practical experience. For example, educating students on penetration testing by
simulating real world situations with attacker and victim machines would emphasise
the theories on combative techniques taught during lectures.
(IWTMXIXIGLRSPSKMGEPEHZERGIWXLEXEMHMRTVSXIGXMRKKSSHWJVSQFIGSQMRK
counterfeited, counterfeiting techniques are also evolving to evade these security
QIEWYVIW3RIWYGLI\EQTPIMWTEWWTSVXWXLEXRS[YXMPMWIERXMXEQTIVMRKLSPSKVEQW
ERHGLMTWXLEXEVIVIEHF]W]WXIQWEXXLIFSVHIV8LIWIEVIRSPSRKIVEWVITVSHYGMFPI
as previous passport designs so criminals often alter stolen passports rather than
TVSHYGMRKRI[SRIW8LMWXLIREPPS[WXLSWIGEVV]MRKGSYRXIVJIMXTEWWTSVXWXSXVEZIP
[MXLSYXVEMWMRKWYWTMGMSREWXLI]LSPHERSJGMEPTEWWTSVXXLEXLEWFIIREPXIVIHXS
their new identity.
Although cyber security issues may not be the immediate issue that comes to
mind when thinking about counterfeiting, it is easily one of the more worrying ways
counterfeiting can affect our lives. From threats on our livelihood, through fraudsters
gaining access to our accounts, to implications on government security, through
compromises at the borders and in military machines, counterfeiting is a threat that
needs to be addressed.
When a corporation designs a chip, they construct chips that are built for purpose, to
QIIXXLIVIUYMVIQIRXWSJEWTIGMGNSF,S[IZIVXLMWHSIWRSXQIERXLEXGSQTERMIW
do not produce counterfeit chips, whether knowingly or not. Some chips may indeed
be what they are advertised as, but some are in fact over-clocked and sold as being
the genuine article. Computer chips fail as a result of this putting great stress on the
GSVIGEYWMRKXLIQXSSZIVLIEX8LIGSRWIUYIRGISJXLMWZEVMIWHITIRHMRKSRXLI
technology that they have been implemented into. A phone brand that has used a
counterfeited chip unknowingly that overheats and causes their phones to fail could
7IGYVMX]LEWEP[E]WFIIREHEMP]FEXXPI[LMGLPIEHWXSRHMRKRI[
[E]WSJTVSXIGXMSR8LMWGERFIWIIRMRXLIIZSPYXMSRSJXVEHMXMSREP
home security measures, from using lock and key to security smart
GEVHWJSVEGGIWW8LMWIZSPYXMSRMWQSXMZEXIHFIGEYWISJGSRWXERX
attempts to exploit the vulnerabilities of security systems which
are sometimes successful or unsuccessful. Historically, security
protocols have followed a similar fashion of evolution.
Halidu Abubakar,
University of
Warwick
Bio
Name:
School:
Linkedin:
Halidu Abubakar
University of Warwick
LXXTRKPMROIHMRGSQTYFEFYFEOEVLEPMHY
-LEZI[SVOIHEWERIPIGXVMGEPIRKMRIIVJSVQSRXLWERH
EW]WXIQWIRKMRIIVJSV]IEVWFIJSVITYVWYMRKER17GMR
Cybersecurity and Management. I see cyber security as
another way of protecting lives and property rather than
another information technology challenge. Most of the
technologies that underpin the services people use in their
daily lives are part of the cyber sphere thus need to be safe.
-XMWIZMHIRXXLEX,IEVXFPIIHMWRSXXLIVWXZYPRIVEFMPMX]XLEXLEWFIIRJSYRHSRXLMW
STIRWSYVGIWIGYVMX]TVSXSGSP1SWXSJXLIG]FIVEXXEGOWSR807EVIEGEWISJYWMRK
MXWWXVIRKXLEKEMRWXMX*SVMRWXERGIXLIGSYRXIVQIEWYVIJSVXLI&)%78EXXEGO[LMGL
I\TPSMXWE[IEORIWWMR'&'']TLIV&PSGO'LEMRMRK
SJ807[EWERMRXVSHYGXMSRSJ
JVEKQIRXMRKSJHEXEXSFIWIRX,S[IZIVXLMWGSYRXIVQIEWYVIJVEKQIRXEXMSR
PIHXS
a new exploit known as the truncation attack where fragments of the message to be
sent could be dropped by an attacker and fragments that meant something else are
delivered.
7MQMPEVP]XLI,IEVXFPIIHFYKMWERI\TPSMXSJXLIWXVIRKXLSJ807XLILIEVXFIEXTEGOIX
is sent by a client computer to a server in order to keep a session active because of
XLIHMJGYPX]SJWIXXMRKYTERI[WIWWMSR8LMWMWEWXVIRKXLXLEXFIGEQIEZYPRIVEFMPMX]
when the heartbeat packet was maliciously constructed, such that the server is made
XSVIWTSRH[MXLQSVIHEXESRMXWQIQSV]XLERMXWLSYPH8LMWHEXEGSYPHMRGPYHI
TEWW[SVHWERHSXLIVWIRWMXMZIHEXEXLEX807[EWTVSGIWWMRKEXXLIXMQISJXLI
VIUYIWX8LMWWIIQWPMOIEGEWISJRI[WSPYXMSRWPIEHMRKXSRI[ZYPRIVEFMPMX][LMGLMW
common with most technological advancement. However, the question that comes
to mind is: What if this new vulnerability was discovered and exploited maliciously
long before cyber security programmers and professionals discover it existed?
2IZIVXLIPIWWPMOIIZIV]SXLIVSTIRWSYVGITVSNIGXETTPMGEXMSRWWSJX[EVIERH
STIVEXMRKW]WXIQW
XLI]FIGSQIFIXXIVEWHIZIPSTIVWGSRXVMFYXIXSMXF]EHHMRKRI[
JYRGXMSREPMXMIWSV\MRKHMWGSZIVIHFYKW3RXLISXLIVLERHWIGYVMX]TVSXSGSPWXLEX
EVI[MHIP]YWIHPMOI807770QMKLXRSXFIRIXJVSQXLMWOMRHSJGSRXVMFYXMSRFIGEYWI
XLIIGSW]WXIQMWFYMPXEVSYRHG]FIVWIGYVMX]8LIVIJSVIXLIVIMWRIIHXSWIVMSYWP]
consider whether security protocols should be made open or closed source.
Continuous research in more resilient protocols is needed, while bearing in mind that
technological measures are to ensure that breaking security systems becomes more
HMJGYPXERHI\TIRWMZIJSVEXXEGOIVWFIGEYWIXLIVIMWRSTIVJIGXWIGYVMX]W]WXIQ
(V'LEV7EQTPI')68ERH(V%RHVI/EVEQERMER
Why Study
Cyber Security
at Warwick?
t Security Architectures
t Network Defence
t Digital Forensics
t Data Protection
At WMG our world-class team of cyber security specialists combine insights into security
tools and techniques with strategic security management principles and practice. Whether you study
for an MSc or a PhD, your industrially focused research programme together with world-leading cyber
security skills will provide you with a highly-valued competitive edge in your career.
'SRWMHIVXLII\EQTPISJWQMPMRK[LIRWIVZMRKJEWXJSSH8LMWFILEZMSYVMWGSRWMHIVIH
RSVQEPMRXLI97ERHQER][IWXIVRGYPXYVIWFYX[LIRMX[EWMRXVSHYGIHMR6YWWME
customers were suspicious of the servers who smiled.
6IEH4EVXSJXLMWWIVMIWSJEVXMGPIW%(MJJIVIRX4IVWTIGXMZISR%XXVMFYXMSRSRPMRIJSVJVIIRS[EX[[[WSJXFS\GSYOG]FIVXEPOMWWYIJSYV
THE
UT R
O
AB THO gnus
AU e: Ma r
m nde
er.
and
ka
Wa ://wak p://
p
htt m, htt m
gs:
o
co
Blo gspot. gspot.c
:
o
l
lo
n
b
b
.
o
r
i
a
t
tacw ccupa curity &
O al se den
ion
we
Nat litics, S
po
Na
y
t
i
r
u
c
0
e
.
s
6
r
m
e
b
s
i
Cy pital
a
C
&
8LIIZIRXWMR9OVEMRILEZIF]VMKLX
unsettled many of us, mostly because
we now understand that it still can
happen in Europe. We in the Western
world have been given the luxury of
relaxation, consumption and recreation
for a couple of decades now and the
worry is that that period of calm is
now over. I think many have forgotten
XLITS[IVMRKISKVETLMGEPP]HIRIH
mechanisms and they wonder why
someone is doing something. Perhaps
that is the wrong question; or rather it
should be complemented with what
does our geography try to force us to
do? Free will, its never as free as you
would want it to be.
&ERIMR&EXQER The Dark Knight Rises, WE]WYRXS&EXQER
4IEGILEWGSWX]SY]SYVWXVIRKXL:MGXSV]LEWHIJIEXIH]SY
ERHXLI[SVHWEVI[SVXLVIIGXMRKYTSR-XMWE[IPPORS[R
fact that predators attack weak animals, weakness encourages
EKKVIWWMSR&YXQMWTPEGIHWXVIRKXLMRXLI[VSRKWLETIGEREPWS
trigger unintended and desperate aggression.
;LIR6YWWMERS[TYXWXLIRKIVSRXLIYRLIEPIH[SYRHW
SJSPHGSRMGXW[IMRXLI)9EVIWSQI[LEXPSWXEXWIE-XMW
not that our citizens dont want to be responsible and do
the right thing. It is, rather, the eerie fact that the European
9RMSRERHMXWREXMSRWMWWXMPPEGSRXMRIRXQEHISYXSJZIV]
different nations and with different heritages. It is also the most
empire-dense place in the world. And with that I mean nations
that used to be empires remember what that used to be like
and somewhere in every nation some form of retrospective
nationalism is still smouldering: We had the answers, and we
still do, but no one is listening.
Europe is also made up of different sets of values that, when
push comes to shove, tend to collide and European nations
have poor records of internal cooperation in tense times. And
make no mistake; we are now in what I would argue are the
XIRWIWXXMQIWMR)YVSTIWMRGIXLI7IGSRH;SVPH;EV8LI]EVI
tense because Europe now understands that it neither controls
RSVYRHIVWXERHW[LEXMWLETTIRMRK8LIVIEWSR[L]XLMWMWWS
GERFIMPPYWXVEXIH[MXLXLIXEFPISRTEKI
PEACE
HAS COST
YOU YOUR
STRENGTH.
VICTORY
HAS
DEFEATED
YOU.
Changes in vulnerability
3RI[E]SJPSSOMRKEXXLIXIVQ[MWIMWXSHIRIMXEW8S
be wise is to know what I dont know, to know why I should
know it and to have the tenacity to evolve enough so that I
can make that knowledge a part of my future actions while
I\LMFMXMRKKSSHNYHKIQIRX8LEXMWQ]S[RHIRMXMSR]SY
GERRHQER]QSVIMRXLIMRRMXIWTEGISJ']FIV
2SXMQIJSVVIIGXMSRSVWPS[
everything happens and then something else
happens, and then something else.
Russia publicly
considers the Internet
to be a product of the
US Central Intelligence
Agency.
6YWWMESJLEWFIIRGSQTEVIH[MXLLS[MXYWIH
XSFIYRHIVXLI8WEVW;MPP)YVSTIFIGSQI[LEX
Europe used to be as well or evolve and understand
that something else is needed in order to protect
everything weve accomplished during the last
HIGEHIW#&IGEYWIIZIRMJ[IGERRHQER]JEYPXW
ERHWLSVXGSQMRKWMRSYVW]WXIQERH]IWQER]
people are not as happy as we would wish them to
FI
[IWXMPPLEZIXLIFIWXHIQSGVEXMGW]WXIQ[IZI
ever seen and we have freedom of speech, mind
and soul. And our system is the only one in the
world that has care and empathy built in from the
FIKMRRMRK%RHJSVYWKLXMRKJSVJVIIHSQTIVWSREP
security and integrity on the Internet is the same as
protecting our democracies.
8LIWERGXMSRWMQTSWIHSR6YWWMEQEOIWQSRI]
E[IEOIVTPE]IVSRXLI6YWWMERREXMSREPWGIRI
3RP]SRIFPSGOFIRIXWJVSQXLMWXLI7MPSZMOM
4YXMR
'S
%FWSPYXIGPEVMX]SJZMWMSR
;MWHSQ
3.
Endurance.
6IWMPMIRGI
5.
Adaptation.
0IEHIVWLMTERHXLIEFMPMX]XSEGX
)QTEXL]ERHGEVI
0SZIJSVXLIHIQSGVEXMGW]WXIQ
7SPMHEVMX]XLVSYKLEGXMSRWERHRSX
through words.
8LIRERGMEPQEVOIXMWEFVEOI
on war and through sanctions
6YWWMEGERGEWXSJJXLMWGPSEOSJ
TEGMGEXMSRERHGSRXMRYIEPSRKXLI
hostile road it has worked to get up on
JSVHIGEHIW8LI'SPH;EV[EWRSXQYGLSJE
war although the sense of urgency was great.
(YVMRK+SVFEGLIZXLI7MPSZMOMQEHIYT SJXLI
power structure, today they are to be considered
an absolute power. You cannot understand what
comes next if you only focus on Putin. And if you
believe money actually means anything in itself
XS4YXMR
'SXLMROEKEMR%RH6YWWMETYFPMGP]
considers the Internet to be a product of the US
Central Intelligence Agency.
VICTORIOUS WARRIORS
WIN FIRST AND THEN GO
TO WAR, WHILE DEFEATED
WARRIORS GO TO WAR
FIRST AND THEN SEEK TO
WIN,
SUN TZU, THE ART OF WAR
SPEAR PHISHING
& PIRATES:
HOW TO STAY SAFE IN THE CYBER SEA
Andrew
Fitzmaurice
')3SJ
8IQTPEV
Executives
SPEAR PHISHING
7TIEVTLMWLMRKMWERIQEMPWTSSRKJVEYHEXXIQTX
XLEXXEVKIXWEWTIGMGSVKERMWEXMSRSVMRHMZMHYEP
WIIOMRKYREYXLSVMWIHEGGIWWXSGSRHIRXMEPHEXE
Spear phishing email messages appear to come from
a trusted source such as a well-known company
SVSRPMRIIRXMX][MXLEFVSEHQIQFIVWLMTFEWI8S
make an email appear to be authentic, the sender will
typically include a company logo and a copyright slogan
enticing individuals to click on either attachments or
links containing malware.
SOCIAL ENGINEERING
Social engineering is a form of spear phishing whereby
hackers will glean key information on individuals to con
TISTPIMRXSTIVJSVQMRKEGXMSRWSVHMZYPKMRKGSRHIRXMEP
MRJSVQEXMSR8SKIXMRHMZMHYEPWXSVIPIEWIMRJSVQEXMSR
hackers will use social media to gain information
about a person as well as phone calls to build up an
MRHMZMHYEPWTVSPI
Prevention Techniques:
Do not give out personal information over
the phone or in an email unless completely sure.
Social engineering is a process of deceiving individuals
into providing personal information to seemingly
trusted agents who turn out to be malicious actors.
If contacted over the phone by someone claiming to
be a retailer or collection agency, do not give out your
personal information. Ask them to provide you their
name and a call-back number.
Never click on links in emails. If you do think
the email is legitimate, go to the site and log on
HMVIGXP];LEXIZIVRSXMGEXMSRSVWIVZMGISJJIVMRK[EW
referenced in the email, if valid, will be available via
regular log on.
Rethink what you share on social media. Many
individuals continue to share every aspect of their
lives on social media from their date of birth to home
addresses, likes and dislikes. All of this is fodder for
social engineers and can be used to target you for
attack.
PIRATED SOFTWARE
A lot of todays software is not free. Lots of people
are looking for ways to get access to free software
F]TEWWMRKTVSXIGXMSRXSPSSOJSVGVEGOIHWSJX[EVI8LMW
is the perfect opportunity for hackers to advertise free
downloads to gain access to computers.
Prevention Techniques:
&Y]PIKMXMQEXIWSJX[EVI7SJX[EVIGERFII\TIRWMZIFYX
the costs far outweigh the loss of data through use of
cracked software.
INFECTED MEDIA
8LIGVIEXMSRSJTSVXEFPIQIHMEHVMZIWWYGLEW
97&WERH'(WLEWKMZIRLEGOIVWE[SRHIVJYPRI[
STTSVXYRMX]97&HVMZIWGERFIMRJIGXIHF]XLIWMQTPI
EGXSJMRWIVXMRKER97&TIRHVMZIMRXSERMRJIGXIH
QEGLMRI%RMRJIGXIH97&WXMGO[MPPXLIRTEWWXLI
malware onto any machine in which it is used.
Prevention Techniques:
7IX97&XSVIEHSRP]1EOMRKE97&WXMGOVIEH
only should prevent infections when plugging into a
different machine.
Clean it. An up-to-date version of an antivirus
WSJX[EVI[MPPEPPS[]SYXSGPIERYT]SYV97&ERH
remove the infection if it has been compromised.
Identity
Trust and reputation
Cryptography
Network security
Malware and intrusion detection
Risk management
Development of high assurance
systems
Narrow skeins of laser sharp static form coruscating cuffs coursing around
TSHERHTMPPEV6MFFSRWSJFMREV][LMXIPMKLXGIEWIPIWWP][VMXLMRKERHTYPWMRKYT
and down the imagined lengths. As the energy traversing one pillar passes that
traversing another, an arc of incandescent plasma sparks and stabs between
them. Cracking and fracturing and tearing, but never illuminating, the blackness
FIX[IIR8LITSHWGEWXE[IEOJIFVMPITMROMWLKPS[XLEX[ERP]QEVKMREPP]
contests but never defeats the enshrouding darkness.
8LIGSPYQRWEVIEWXLSYKLWYWTIRHIH[MXLMRERIXIVREPERHPMQMXPIWWZSMH
%JEFVMGEXIHERHSSVPIWWERHVSSIWWJSVIWX%KVSXIWUYIWMQYPEGVYQSJ
nature and nurture. A contemptuous sneer at fertility. Sterile, barren shafts
of metal and machines morphing into and out of organic and made forms. A
GSVTSVIEPI\TVIWWMSRSJERMKLXQEVIHMEPIGXMG%TIVZIVXIHTEVSH]SJE8YVMRK
morphogenesis. A fractal forest. A topography machined in mocking homage to
the minds of those who created its makers. A precision machine made hell of
mathematical sequences.
Colin
Williams
7&0
8LI1EXVM\MWFYXSRISJEZEWXGERSRVITVIWIRXMRKERHHITMGXMRK[LEXMW
essentially the same cultural phenomenon; the human fear of human ingenuity
ERHMRZIRXMSR3VTIVLETWQSVIFVSEHP]XLILYQERJIEVSJGLERKI[VSYKLXF]
SYVS[RLERH3VTIVLETWJVSQEWPMKLXP]HMJJIVIRXERKPIXLILYQERJIEVSJPSWW
of control over those instruments of change wrought by our own hand as a
TVSHYGXSJSYVTS[IVWSJGVIEXMSR3VTIVLETWSYVS[RJIEVSJSYVWIPZIW
8LIWIEVIXLIJIEVWVIJIVVIHXSF]-WEEG%WMQSZMRLMWJSVQYPEXMSRSJ[LEXLI
called the Frankenstein complex3VMKMREPP]%WMQSZIRZMWEKIHXLIGSQTPI\
MRWSJEVEWMXSFXEMRIHXSXLIJIEVXLEXLYQERWHMVIGXWTIGMGEPP]XS[EVHWVSFSXW
Here, robots are anthropomorphic representations of the powers of human
ingenuity and physical manifestations of the powers of science and technology.
Hence, his deployment of the reference to Mary Shelleys often referenced, but
somewhat less often read, book. In his early thinking on the subject the essence
of the trope is man creates robot; robot kills man5 . Later, he widened the
scope to include the human fear of computers. For Asimov, the Frankenstein
Complex is a manifestation of a propensity towards the yet wider phenomenon
of what he himself called technophobia. Such technophobia, for Asimov, being
EQERMJIWXEXMSRSJEKIRIVEPFPMRHYRVIEWSRMRKVIWMWXERGIXSGLERKI8LI
author of the four laws of robotics was clear in his position on the subject.
8IGLRSTLSFMEMRKIRIVEPERHJIEVSJVSFSXWMRTEVXMGYPEV[EWEWIVMSYWQEXXIV
FIGEYWIMX[EWPMOIP]XSHSQYGLLEVQXSXLI[SVPHMRKIRIVEP6SFSXWEVI
going to play an inevitable role in advancing technology, and, for Asimov,
technology and robots are both very good things. Asimov was a scientist as
QYGLEWLI[EWEREYXLSVSJWGMIRGIGXMSR
8LIMRRYQIVEFPITMPPEVWSJLIPPSS^IXLIMVGSYRXPIWWTYWXYPSYWTSP]TWEW
scrofulous and scabrous pods; seeds as scabs on the machine. Stems and seeds
attended to by spider like insectoidal robots that scuttle and skitter within
XLIIRHPIWWTMX8LIYRXLMROMRKQMRMSRWSJXLI3XLIV8LIVSFSXEYXSQEXESJ
XLIQEWXIVWSJHEQREXMSR8LIG]FIVWTMHIVWQSZIFIX[IIRXLIXS[IVWERH
amongst the bulbous suppurations with programmed and unthinking purpose.
8LIGSQTVILIRWMSRSJXLIREXYVISJXLIMVXEWOWHIQERHIHF]SYVMRXIPPMKIRGI
yet denied by our humanity.
For, each of the innumerable pods is a cell in a vast energy source furnishing heat
ERHTS[IVXSEGMZMPMWEXMSRSJWIRXMIRXGSRWGMSYWQEGLMRIW8LILIPPSJLYQERMX]
LEWFIGSQIXLIPMJIJSVGISJXLI3XLIV8LIIRXMVIGSRWXVYGXMWEKIRIVEXSV%
TS[IVWXEXMSR)EGLGIPPGSRXEMRWERSVKERMGGSVI8LIYPXMQEXIWSYVGISJXLI
energy upon which an entire world, an entire species, depends, is; humanity. We
are the meat for the machine. We are the damned.
The three1
Laws of
Robotics
Individually and collectively, each human, each cell, is implanted with and
EWWMQMPEXIH[MXLMR8LI1EXVM\%GSQTYXIVGSRWXVYGX%WLEVIHLEPPYGMREXMSR%
world of the mind made real through manipulation by machines of the meat
of humanity. A vast complexity of binary code collectively and simultaneously
experienced as sense data; as reality. A communal and manufactured imagination.
%REVVEXMZI%WXSV]%GSRWXVYGXIHGSRWGMSYWRIWW%REVXMGMEPMRXIPPMKIRGI
Gibsons cyberspace as a collective hallucination.
_ZEROTH LAW
A robot may not harm
humanity, or, by inaction,
allow humanity to come to
harm.
8LI1EXVM\MWEXSSPSJTS[IVERHHSQMRERGI%RMRWXVYQIRXSJGSRXVSP[LIVIMR
humans are rendered as passive objects by, and to, incomprehensibly complex
QEGLMRIW8LI1EXVM\MWEHMKMXMWIHH]WXSTMEGVIEXIHF]GSQTYXIVWGSRXVSPPIHF]
computers. It is hell.
_FIRST LAW
A robot may not injure a
human being or, through
inaction, allow a human being
to come to harm.
8LIWIQERMJIWXEXMSRWEVILS[IZIVRSXGSRRIHXSXLIGXMSRWSJTSTYPEV
GYPXYVI8LI]EVITVIWIRXEGVSWWXLIWTIGXVYQSJLYQEREJJEMVWERHXLVSYKLSYX
XLILMWXSV]SJLYQERVIEGXMSRWXSXIGLRSPSK]3RGI]SYORS[[LEXXSPSSO
JSV]SY[MPPRH(V*VEROIRWXIMRWTVSKIR]IZIV][LIVI8LI+VIIOQ]XLSJ
Prometheus expresses a primordial form of the complex in relation to the
LYQEREFMPMX]XSLEVRIWWVIMXWIPJ4VSQIXLIYWWXIEPWVIJVSQ3P]QTYWERH
KMJXWMXXSLYQERMX]>IYWTYRMWLIWLMQJSVLMWLYFVMW-RXLILERHWSJLYQERWVI
HIWXVS]WERHOMPPWEWQYGLEWMX[EVQWERHTVSXIGXW5YIIR:MGXSVMESVHIVIHXLI
HVMZIVSJXLIVWXXVEMRYTSR[LMGLWLIVSHIXSXVEZIPEXQYGLPIWWXLERXLIJSVX]
miles an hour of which it was capable lest the force of such unnatural velocity
did her physical harm.
_SECOND LAW
A robot must obey the
orders given to it by human
beings, except where such
SVHIVW[SYPHGSRMGX[MXL
the First Law.
_THIRD LAW
8LITSTYPEVQIHMESJXLI:MGXSVMERHE][IVITPE]MRKXSXLIJIEVXLEXXVEZIP
at such unheard of speeds as technology could now grant would disintegrate
the human form, at precisely the same time as the very same technology was
TVSTIPPMRKXLIZIV]RI[WTVMRXJIIHMRKXLMWJIEVEXNYWXXLSWIWTIIHW&]EREGXSJ
TEVPMEQIRXXLIVWXGEVWXSHVMZISRXLIVSEHWSJ)RKPERH[IVISVHIVIHXSFI
TVIGIHIHF]EQERFIEVMRKEVIHEKXS[EVRSJXLIMQQMRIRXEVVMZEPSJHMVI
danger. Similarly, later humans feared that breaking the sound barrier would
render the pilots body a deconstructed blob of jelly.
%XXLIHE[RSJXLIX[IRX]VWXGIRXYV]XLI-RXIVRIXFSVIXLIRI[WSJEXXIQTXW
to take legal injunctions against the operation of the Large Hadron Collider
JSVJIEVXLEXMXWSTIVEXMSR[SYPHGEYWIXLIHIWXVYGXMSRSJXLI)EVXL8LIWEQI
Internet that carries myriad warnings of the unknown and unproven, yet
apparently utterly incontrovertible, dangers of Frankenfoods; and will soon bear
VWXXLIQYVQYVMRKERHXLIRXLIGEGSTLSR]GSRHIQRMRKXLIEFSQMREXMSRSJ
HVMZIVPIWW*VEROIRGEVW8LIWEQI-RXIVRIXXLEXXLVYQWXSXLIJEQMPMEVHMWGSVHERX
beats of the ancient rallying cry that they are taking your jobs; the they are now
GSQTYXIVWERHVSFSXW8LIWEQI-RXIVRIXXLEXRS[[EVRWXLIPIKMSR[LS[MPP
listen of the impending and imminent fall of civilisation as the ineluctable end of
the inevitable Cyber Apocalypse.
Computers and robots will usurp humans across the spectrum of economic
ERHWSGMEPEGXMZMX]8IGLRSPSK]HMHHMWTPEGIXLILERHPSSQ[IEZIVWXLI
FPEGOWQMXLWERHXLIX]TMWXW6SFSXW[MPPXEOILYQERNSFW9RXMPXLI]GLSSWIRSX
XS8LMWXIGLRSPSK]MWXVERWJSVQEXMZIERHXVERWJSVQEXMSRWHMWVYTX(MWVYTXMSR
MWHMWGSVHERXERHJSVWSQITEMRJYP8LITS[IVSJXLI6SQER'EXLSPMG'LYVGL
never recovered the blow it was dealt by the invention of the movable type
mechanical printing press. Nonetheless, human society as a whole advanced
precisely because it became irreversibly and existentially dependent upon the
printed word.
8LIWEQI-RXIVRIXXLEXWMXWEXXLILIEVXSJXLIG]FIVTLIRSQIRSR8LIWEQI
Internet that has in a few short decades already done more to unleash human
creative potential and transform human society, overwhelmingly for the better,
than any other technology across the span of the millennia of the improvement
of the human condition.
'SQTYXIVFEWIHXIGLRSPSK]LEWIREFPIHXLIVWXS[IVMRKWSJTVMQMXMZI
HIQSGVEG]MRTVIZMSYWP]EYXSGVEXMGWXEXIW8LIWEQIXIGLRSPSK]LEWIREFPIH
undergraduate students to use a three dimensional printer to fabricate a
TVSWXLIXMGLERHJSVEGLMPHJSVEJI[LYRHVIHHSPPEVW8LIWEQIXIGLRSPSK]XLEX
if all goes according to plan, will allow a paralysed teenager wearing a cybernetic
exoskeleton driven telepathically through brain machine interface technology
XSVMWIJVSQXLIMV[LIIPGLEMVERHOMGOXLIVWXFEPPSJXLI*-*%;SVPH'YT
MR&VE^MP8LIWEQIXIGLRSPSK]XLEXLEWIREFPIHXLIQETTMRKSJXLILYQER
KIRSQITVSNIGXERHXLI0EVKI,EHVSR'SPPMHIV8LIWEQIXIGLRSPSK]XLEXQEOIW
it possible for us to even imagine our civilisation existing beyond the exhaustion
SJJSWWMPJYIPW8LMWXIGLRSPSK]LEWGVIEXIHNSFWERH[IEPXL-XMWVIJSVQMRKWSGMIX]
humans, even the nature of our humanity itself. And, it has enabled human
creativity and potential so far and so fast that throughout the historic heartlands
of western capitalism future shock has become a psycho-cultural pandemic.
8S[EXGL8LI1EXVM\MWXSI\TIVMIRGIEREVXIJEGXSJTVIGMWIP]XLIOMRHSJ
creative cultural osmosis relied upon by William Gibson8LMWGVIEXMZISWQSWMW
occurs in a cultural, human, social, solution. A matrix of memes, and neurons, and
thoughts. Endlessly being formed and reformed into ever morphing patterns of
ITLIQIVEPERHGSRXMRKIRXREVVEXMZIMRXIVEGXMSRW8LIJIEVWSJXLI*VEROIRWXIMR
'SQTPI\EVIHVE[RJVSQERHI\TVIWWIH[MXLMRXLMWQEXVM\8LMWQEXVM\MW
infused, if not super saturated, with the narratives of killer robots. Present, in
lesser solution, but only for the moment, are the narratives of the computers, the
robots, becoming life. Alongside the UN Convention on Certain Conventional
;IETSRWMR1E]X[SIQMRIRXEGEHIQMGW[MPPGSRHYGXERMRJSVQEPHIFEXI
LSWXIHF]XLI'EQTEMKRXS7XST/MPPIV6SFSXWERHGLEMVIHF]EWIRMSV*VIRGL
HMTPSQEXEFSYXJYPP]EYXSRSQSYWERH[IETSRMWIHVSFSXW6SFSXWEVIQIVIP]
means through which computers acquire locomotion, sense data, opposable
digits, telepathy, language formation and social forms. And, thus, the matrix of
consciousness.
Neither the reality nor the validity of the fears of the Frankenstein Complex are
WYJGMIRXXSEPPS[XLIREVVEXMZIXSTVSTEKEXIYRGLEPPIRKIH8LIREVVEXMZISJJIEV
must not be allowed to disseminate without contest. Narratives, stories, are both
WYFNIGXWERHSFNIGXWSJGVIEXMSR8LIREVVEXMZIQEXVM\MWFSXLGEYWIERHIJJIGXSJ
XLIEGXYEPMX]SJXLI[SVPHEWMXMW%VXMQMXEXIWPMJIERHPMJIMQMXEXIWEVX8SGLERKI
the world, we must change our narratives. In order to prevent an expression of a
real fear and an imagined future becoming a reality, we must generate a counter
REVVEXMZI3RIMR[LMGLLYQEREKIRG]MWTEVEQSYRX*VEROIRWXIMRWGVIEXMSR
became monster and destroyer because of the way it was treated, not because
of the way it was made. We must not allow ourselves to make our own stories
come true.
8LI7MRKYPEVMX]MWVIEP-X[MPPLETTIR8LIVYPIWSJXLI[SVPH[MPPGLERKI,YQERW
will change. Society will change. As they all have before. Witness the Agrarian
6IZSPYXMSRXLI)RPMKLXIRQIRXERHXLI-RHYWXVMEP6IZSPYXMSR6SFSXWGSQTYXIVW
with the capacity to move and sense and act socially, will attain whatever
HIRMXMSRWSJMRXIPPMKIRGIWIRXMIRGIERHGSRWGMSYWRIWW]SYGLSSWIXSJEZSYV
Perhaps the ultimate danger of the Frankenstein Complex is that it presents
as inevitable that which is merely possible and thus invites the negation of the
IJGEG]SJLYQEREKIRG].YWXEW[IQERYJEGXYVIHXLIJEFVMGSJ8LI7MRKYPEVMX]
so we can manage our role within it. If we choose too.
;MIRIVLEHEHMVIGXMRYIRGISRXLIXLMROMRKSJSRI.'0MGOPMHIV8LIWEQI
0MGOPMHIV[LS[IRXSRXSLIEHYTXLI&ILEZMSYVEP7GMIRGIWERH'SQQERHERH
'SRXVSP4VSKVEQQIWJSVXLI97(IJIRGI%HZERGIH6IWIEVGL4VSNIGXW%KIRG]
%64%
8LIWEQI0MGOPMHIV[LSMRXLIW[VSXIEFSYX[LEXLIGEPPIHXLI
man-machine symbiosis, and about computers as communications devices,
and about computers connected together in to a Galactic Network wherein
humans could interact socially and information could be stored and accessed
JVSQER]RSHISJXLIRIX[SVO8LIWEQI0MGOPMHIV[LSPIHXLIEGXMZMX]XLEX[EW
XSTVSHYGIXLI%64%2)8XLITVMQSKIRMXSVSJXLI-RXIVRIX
-RSVHIVXSHMWTIPJIEVMXMWRIGIWWEV]EPXLSYKLF]RSQIERWWYJGMIRXXSEGUYMVI
ORS[PIHKI/RS[PIHKISJSVMKMRWFIMRKSJTEVXMGYPEVMQTSVXERGI8SYRHIVWXERH
our cyber world, to acquire the knowledge of the origins of cyber itself, to
IZIRFIKMRXSGSQTVILIRH8LI7MRKYPEVMX]ERHFIJSVI[IHIZIPSTXLIGSYRXIV
narratives to the Frankenstein Complex, we must turn to and rediscover the
frame of the matrix that Wiener laid out. Wiener coined the term cybernetics
as the name of a new multi-disciplinary science devoted to the study of complex
systems in which humans and machines operated as equally instrumental agents.
3VMRLMW[SVHWXLIWXYH]SJRSRPMRIEVWXVYGXYVIWERHW]WXIQW[LIXLIVIPIGXVMG
SVQIGLERMGEP[LIXLIVREXYVEPSVEVXMGMEPLEWRIIHIHEJVIWLERHMRHITIRHIRX
point of commencement.
For Wiener a cyber system is precisely one in which the meat and the machine
interact within the system with no distinction insofar as the fact of their agency
is concerned. More, a cyber system is one wherein the distinctions between the
organic and the inorganic modalities of operation becomes ever less meaningful.
Cyber is real. And different. And inexorable. For those who imagine cyber to
be simply a new way of describing the Internet, or perhaps a shorthand for
XLI-RXIVRIXSJ8LMRKWSVQE]FIXLIFIPEXIHI\XIRWMSRSJXLIWGSTISJSYV
understanding of computer networks to industrial control systems; their matrix is
about to deconstruct.
']FIVMWXLIHSQMRERXJSVQEXMZIERHHIRMXMSREPGSRXI\XJSVXLIRI\XTLEWI
of the development of our society, for the evolution of humanity. And, for
XLIIZSPYXMSRSJXLIRI[PMJIJSVQWSJ8LI7MRKYPEVMX]7SSR[I[MPPWLEVIXLMW
TPERIX[MXL3XLIVGSRWGMSYWRIWW']FIVMWEFSYXYXXIVP]RI[ERHTVIZMSYWP]
unimaginable intermingling between the real and the virtual, the imagined and
the actual, the meat and the machine. Cyber will give us the question of how
QYGLQIEXQYWXXLIVIFIMREQEGLMRIJSVXLIIRXMX]XSFILYQER3VLS[
QYGLQEGLMRIQYWXXLIVIFIMRXLIQIEXJSVXLIIRXMX]XSFIEVSFSX8LVII
dimensional printers are replicating humans. We are on the verge of sharing a
new world with new life. We need better narratives. We need to read Wiener.
References
Its deliberate!
6IJIVIRGIWXS8LI1EXVM\EVIXSXLIPQ8LSWIXS8LI1EXVM\EVIXSXLIREVVEXMZI
GSRWXVYGX[MXLMRXLIPQ8LIQIERMRKWERHWMKRMGERGIWSJER]SXLIVVIJIVIRGIWXSER]
SXLIVQEXVM\SVQEXVMGIWEVIYTXS]SYXSKYVISYX8EOIXLIFPYITMPPSVXLIVIHTMPP
8LIGLSMGIMWTVSFEFP]
]SYVW
3
An abyss deeper even than the pits of Hades. A prison of ceaseless torture worse even than
hell.
It was Asimovs custom to enclose references to the phenomenon in quotation marks.
5
Asimov develops and extends his thinking around the Frankenstein complex in his
MRXVSHYGXMSRXS1EGLMRIW8LEX8LMRO8LIERXLSPSK]SJWGMIRGIGXMSRWLSVX
stories he edited with Patricia Warwick and Martin Greenberg. All of the quotes from
%WMQSZEVIXEOIRJVSQLMWMRXVSHYGXMSRXSXLI4IRKYMRIHMXMSRSJXLMWERXLSPSK]
%WMQSZWYFWIUYIRXP]EHHIHXLI^IVSXLPE[XSXLISVMKMREP8LVII0E[WSJ6SFSXMGW8LI
zeroth expands and precedes the First Law thus: A robot may not harm humanity, or, by
inaction, allow humanity to come to harm.
%TSGV]TLEPSVRSXXLMW[MHIP]VITSVXIHXEPIGETXYVIWERMQTSVXERXIPIQIRXSJXLI:MGXSVMER
zeitgeist just as it illustrates the abiding power of the narrative of the Frankenstein Complex.
LXXT[[[[MPPMEQKMFWSRFSSOWGSQEVGLMZICCCEVGLMZIEWT6IXVMIZIH
XL1E]
http://virtualreality.duke.edu/project/walk-again-project/
Norbert Wiener, Cybernetics: of Control and Communication in the Animal and the
1EGLMRI7IGSRH)HMXMSR1-84VIWWTZMMM
For a more detailed treatment of the connections between Wiener, Campbell and Asimov,
WII4EXVMGME7;EVVMGO8LI']FIVRIXMG-QEKMREXMSRMR7GMIRGI*MGXMSRTEVXMGYPEVP]GLETXIV
ADVERTORIAL
94% OF PEOPLE
ONLY 44%
always install internet security
software on new equipment
ONLY 37%
FIFTH (21%)
for smartphones and mobile devices
O
T
N
G
I
A
P
A CAM ERY DAY
MAKE EV EHAVIOUR
ONLINE B
SAFER
,HYSPLY[OPZ`LHY;OL/VTL6JLPUJVUQ\UJ[PVU
with the Department of Business, Innovation and
:RPSSZ)0:HUK[OL*HIPUL[6JLSH\UJOLK[OL
*`ILY:[YLL[^PZLPUP[PH[P]L
The awareness campaign, aiming to change the way SMEs and consumers view
online safety, focused on how safety precautions in the real world have similar
YLSL]HUJLPU[OL]PY[\HS^VYSK
Cyber Streetwise is funded by the Governments National Cyber Security
Programme, with a number of private sector partners also provided support
and investment, including Sophos, Facebook, RBS Group, and Financial Fraud
(J[PVU<2
LESS THAN A
THIRD (30%)
habitually use complex passwords to
protect online accounts
57%
MULTIPLE DEVICES
>OPSLTHU`VM\ZOH]LHU[P]PY\ZHUKYL^HSSZLJ\YP[`ZVM[^HYL
installed on our personal computers at home, our mobile internetenabled devices such as phones and laptops are often
ULNSLJ[LKPUJVTWHYPZVU7Z`JOVSVNPJHSS`HWOVULMLLSZSPRLH]LY`
personal device we put covers on them and have our photos on
[OLZJYLLU0[MLLSZSPRLHUL_[LUZPVUVMV\YZLS]LZI\[P[ZHJ[\HSS`H
WVY[HS[VHW\ISPJYLHSTHKKZ>OP[[`
0[ZUV[Q\Z[WLYZVUHSPZLKNHKNL[Z[OH[JHUNP]LHMHSZLZLUZLVM
security online its partly down to where and how we log online,
[VV3V[ZVM\ZMLLS]LY`YLSH_LKHUKJVTMVY[HISLVUSPULILJH\ZL
were using the internet at ease, in our own homes, reveals Jacky
7HYZVUZ+PYLJ[VYVMPUZPNO[HNLUJ`:LUZL>VYSK^PKL
Any mobile internet-enabled device such as a tablet or laptop
NP]LZKPYLJ[HJJLZZ[V[OLV\[ZPKL^VYSKI\[P[KVLZU[MLLSSPRL[OH[
Unlike walking down a dark alley in an unfamiliar neighbourhood late
at night when were totally on our guard, when were online at home,
^LKVU[HKVW[[OLZHTLZVY[VM^HYPULZZ>LYLPUV\YJVTMVY[
aVULZV^LYLT\JOTVYLSPRLS`[V[HRLYPZRZVUSPUL
KEEPING UP-TO-DATE
Simple steps such as updating software when prompted can make
HO\NLKPLYLUJL[VV\YVUSPULZLJ\YP[`I\[7HYZVUZILSPL]LZ[OH[
[OLSHUN\HNL\ZLKI`[LJOUVSVN`KL]LSVWLYZPZU[HS^H`ZOLSWM\S
6ULVM[OLRL`UKPUNZMYVTV\YYLZLHYJOPZ[OH[[OLSHUN\HNL
about and on the internet is all about speed and convenience; the
messages are about easy access to whatever you want to do online,
such as accessing entertainment, shopping, communicating and
ZOHYPUN^P[OMYPLUKZ^LJHYY`[OH[^P[O\Z
Parsons points out that alerts instructing users to update software
can seem frustrating: Some see it as a massive inconvenience
[OH[ZNVPUN[VZSV^\ZKV^U0[TPNO[Q\Z[[HRLHML^TPU\[LZI\[PU
V\YMHZ[WHJLKKPNP[HSSPML[OH[MLLSZSPRL[VVSVUN[V^HP[ZOLZH`Z
Visit www.cyberstreetwise.com
Cyber Streetwise can be found on Facebook,Twitter and YouTube:
www.facebook.com/cyberstreetwise
@cyberstreetwise
www.youtube.com/user/becyberstreetwise/videos
Join the conversation on #BeCyberStreetwise
Helping vunerable
children and
teenagers
Our motoring events dont
require a special vehicle or
advanced driving skills...
Only a sense of humour and an
adventurous spirit are needed
to enjoy the fun!
CyberTalk #6
THE SCI-FI ISSUE
Supported By
www.whitehatrally.org
+44 700 596 4779
Andy Cook
7&0
8LISYXVEKISVVEXLIVPEGOSJWYVVSYRHMRKXLI
7RS[HIRPIEOWMRXLI9/MWYRWYVTVMWMRK8LIVI
are, we presume, debates raging behind closed
doors in Whitehall, Cheltenham et al. but in
pubs and coffee shops across the country
]SYVIYRPMOIP]XSRHSTIRHMWGYWWMSRSJXLI
latest regarding the misuse of metadata and
algorithms. Especially not when Cheryl and
Simon have come back to the X Factor.
So why did Snowden bother? He gave up
LMWLSQIMR,E[EMMLMWOE]IEVNSF
ERHRS[PMZIWMRIJJIGXMZII\MPIMR6YWWME
constantly looking over his shoulder for
fear of reprisal from the country of
his birth. Upon revealing his identity
7RS[HIRWXEXIH-Q[MPPMRKXSWEGVMGI
all of that because I cant in good
conscience allow the US government
to destroy privacy, internet freedom
and basic liberties for people
around the world with this massive
surveillance machine theyre secretly
building. If true, it is a noble cause
but there are many who believe
that his motives were less than
altruistic.
In a letter to German politician
Hans-Christian Strbele,
he describes his decision
XSHMWGPSWIGPEWWMIH97
government information as
a moral duty, claiming as
a result of reporting these
concerns, I have faced
a severe and sustained
campaign of prosecution
that forced me from my
JEQMP]ERHLSQI8LMWQE]
Centralized Management
High Availability
[
Contact us today and see how the McAfee Next Generation Firewall protects you
against illion AETs and oers the highest level of security protection.
Tel:
Email: k
Web:
WHO
WANTS
STOVEPIPES?
-8-7%*%'892-:)67%00=
%'/23;0)(+)(8,%8
stovepipes
3*'31192-8-)73*-28)6)78
%6)7)0(31-28,)49&0-'
+33(=)8783:)4-4)7%6)
:)6=19',%6)%0-8=
;-8,-28,)'=&)6(31%-2
-ER&V]ERX
8IGLRMGEP(MVIGXSV
SJXLI9/
8VYWX[SVXL]
Software Initiative
87-
33
For the context of this article I use the term stovepipe to represent communities of
interest that have erected barriers between themselves and the rest of their domain.
-XMWTIVLETWMRXIVIWXMRKXSVIIGXXLEXXLIXIVQWXSZITMTIMWMXWIPJEJSVQSJFEVVMIVMR
that depending on the readers perspective it will conjure up visions of either the literal
stovepipe from a fossil fuel combustion device or one of two different fashion trends
EWX]PISJLEXMRXLIXLGIRXYV]EWX]PISJXVSYWIVWMRXLIXLGIRXYV]
%REPXIVREXMZIXIVQYWIHXSHITMGXWYGLWIPJHIRIHGSQQYRMX]FEVVMIVW[SYPHFIWMPS
which again illustrates the potential for situation of appreciation by terminology, for in
addition to this organisational context, it may also be taken to mean somewhere that grain
MWWXSVIHXLIPMOIP]VWXXLSYKLXJSVXLSWIIRKEKIHMREKVMGYPXYVI
SVWSQI[LIVIEQMWWMPI
MWTVSXIGXIHTVMSVXSPEYRGLXLIPMOIP]VWXXLSYKLXSJXLSWISJEQMPMXEV]TIVWYEWMSR
=IX[IRHQER]WXSZITMTIW[MXLMRXLMWHSQEMR[LIVIHIWTMXI
obvious similarities the communities of interest insist on regarding
XLIQWIPZIWEWFIMRKHMWXMRGXJSVMRWXERGIFYWMRIWW-8GSQTEVIHXS
GSRWYQIV-8
8LIQSWXGLEPPIRKMRKSJXLIWIWIXWSJWXSZITMTIWMWXLIWIIQMRKP]
MQTIVQIEFPIFEVVMIVFIX[IIR-8ERH38
8LIXIVQ-8MWVIPEXMZIP][IPPEGGITXIHIZIRMJMXWIPJTVSRI
XSWXSZITMTIWEWQIRXMSRIHTVIZMSYWP][LIVIEW38MWER
emergent term standing for
3TIVEXMSREP8IGLRSPSK]E
superset of another set
of stovepipes, such as
-'7-RHYWXVMEP
'SRXVSP7]WXIQW
)QTMVIW
)\GPYWMSR
)\XIVREPMXMIW
,MWXSVMGEPP]LYQERWSGMIXMIWLEZIHIGSQTSWIHMRXS[LEXEVIORS[REW'MVGPIWSJ8VYWX
with the smaller the circle, the greater the degree of trust, with this pattern of behaviour
tracing back over the millennia.
Within such Empires, dominant personalities will then emerge, whose status is
dependent on the continuation of the Empire: these individuals in particular are
therefore particularly disinclined to breaking down Stovepipes.
Exclusion refers to the implication from the formation of Empires aligned to
TEVXMGMTERXWMRXIVIWXWXLEXXLIMRZIVWIQEXXIVWRSX[MXLMRTEVXMGMTERXWMRXIVIWXW
[MPPEPWSI\MWX3RGIWYGLEZMI[WXEVXWXSJSVQXLI)QTMVIFIGSQIWJSGYWIHSR
MXWS[RMRXIVIWXWERH[MPPWIIOXSI\GPYHI3XLIVWMRXIVIWXW
HUMANITY
8LMWPIEHWXSXLITIVGITXMSRXLEXMXMWTPEYWMFP]HIRMEFPIXSLEZIER]
VIWTSRWMFMPMXMIWJSV3XLIVWGSRGIVRWERHERMRXVMRWMGHMWMRGIRXMZIXSFVIEOMRK
down Stovepipes is to avoid having to accept such responsibilities.
8LI)GSRSQMWXWGSRGITXSJ)\XIVREPMXMIWVIPEXIWXSXLMRKWXLEXEVISJGSRGIVRXS
3XLIVWRSXXLI)QTMVIJSV[LMGLX[SGSRGITXWEVIMQTSVXERXXSYRHIVWXERH
COALITION
OF NATIONS
6MZEPVSYWKSSHW[LMGLGERFIGSRWYQIHF]SRP]SRITIVWSREXXLI
same time
)\GPYHEFPIKSSHWJSVXLSWI[LSLEZIRSXTEMHJSVGSRWYQTXMSRERH[LMGL
can reasonably have access prevented
8LMWPIEHWXSXLIQSHIPSJ+SSHWERH7IVZMGIWEWPEMHHS[RMR8EFPI
NATION
Excludable
Non-Excludable
Rivalrious
Private Goods
Common Goods
NonRivalrious
Club Goods
2EXYVEP1SRSTSP]
Public Goods
Table 1
CLASS
/ TRIBE
/RS[PIHKI1EVOIX
/RS[PIHKIMW2SR6MZEPVSYW'PYF+SSH
ERH_MRERMHIEPMWIH[SVPHEX
least, for Corpus community like Academia} Non-Excludable
4YFPMG+SSH
4VSHYGXWERH7IVZMGIW1EVOIX
8]TMGEPP]6MZEPVSYWERH)\GPYHEFPI4VMZEXI+SSHW
%R]PEGOSJYTXEOISJ+SSH4VEGXMGI/RS[PIHKI
F]7YTTP]7MHI
tends to imposes Negative Externality on Demand Side
%GSRGIVRMWXLEXXLI7XSZITMTIFIX[IIR(IQERHERH7YTTP]MRE4VSHYGXERH
Service Market amounts to Moral Hazard risk taking by one party typically
incurs cost on different party, unless there are compensating measures to transfer
or treat such risks.
FAMILY
8YVRMRKRS[XSXLIUYIWXMSRSJXLI']FIVHSQEMR[IIRGSYRXIVSYVVWX
WTIGMGWIXWSJWXSZITMTIW
In my perception, the Cyber domain encompasses the entire ecosystem
EWWSGMEXIH[MXLHMKMXEPPSKMGGSRXVSPPIHXIGLRSPSKMIWMRGPYHMRKLEVH[EVIFSXL
PSKMGFEWIHERHVIPEXIHRSRPSKMGFEWIH
WSJX[EVI[IX[EVIXLILYQERJEGXSV
data / information, and the electromagnetic environment.
Figure 1
7'%(%7YTIVZMWSV]'SRXVSPERH
(EXE%GUYMWMXMSR
ERH)QFIHHIH
Systems found in sectors such as
transport, with self-isolating niches
for road, rail, aviation, and maritime.
So although the building blocks of
XLI']FIVHSQEMRIKRIX[SVO
TVSXSGSPWTVSGIWWSV
EVIPEVKIP]
common, the stovepiped views
represent an impediment to
innovation and a barrier to
knowledge transfer.
8LIUYIWXMSRSJXIRWMSRWFIX[IIR
innovation and associated risks was
memorably highlighted in the early
TLEWIWSJXLI-RHYWXVMEP6IZSPYXMSR
in England by the clergyman, writer
ERHWSGMEPGVMXMGXLI6IZIVIRH7]HRI]
Smith, who was a great support of
XLIRI[6EMP[E]WFYXJIEVIHXLIPEGO
of consensus on good practice was
societally damaging. Noting humans
well known predisposition to only
PIEVRJVSQXLIMVQMWXEOIWMRLI
stated Every fresh accident on the
railways is an advantage, and leads to
improvements. What we want is an
overturn that kills a bishop or at
least a dean.
=IXMRGSRRMRKSYVWIPZIWXS
stovepipes we are actually reducing
our ability to learn from mistakes.
And within those concerned with
-RJEGXXLI7IGYVMX]7EJIX]HIPMRIEXMSRMWMRMXWIPJEVXMGMEP
[MXLEQSVIYWIJYPHIWGVMTXMSRFIMRK8VYWX[SVXLMRIWW
consisting of 5 overlapping facets:
8LMWGPYWXIVMRKMRIZMXEFP]VEMWIWGLEPPIRKIWMRVIWTIGXSJ8LI
Es, in particular Exclusion, with few Cyber risk practitioners
EHHVIWWMRKEPPWSYVGIWSJ%HZIVWMX]XLIWYTIVWIXSJ,E^EVH
ERH8LVIEXW
8LSWIIRKEKIHMRXLI-RJSVQEXMSR7IGYVMX]WXSZITMTI
GSRWMHIVWXLIMVJSGYWXSWSPIP]FIEHHVIWWMRK8LVIEXHIEPMRK
[MXL8LVIEX%GXSVW[MXL-RXIRXERH'ETEFMPMX]
[LMGLMW
intrinsically a deterministic model that has challenges if the
6MWOEVMWIWJVSQ9RORS[RERH9RORS[EFPIJEGXSVW8LMW
often therefore ignores Hazards, yet Hazards may have
security impacts.
3RXLISXLIVLERHXLI7EJIX]WXSZITMTIGSRWMHIVWXLIMV
JSGYWXSWSPIP]FIEHHVIWWMRK,E^EVHWVERHSQQMWGLERGI
E
largely stochastic model that therefore ignores deterministic
8LVIEXW]IX8LVIEXWQE]LEZIWEJIX]MQTEGXW
35
7EJIX]8LIEFMPMX]SJXLIW]WXIQXSSTIVEXI[MXLSYX
harmful states
6IPMEFMPMX]8LIEFMPMX]SJXLIW]WXIQXSHIPMZIV
WIVZMGIWEWWTIGMIH
%ZEMPEFMPMX]8LIEFMPMX]SJXLIW]WXIQXSHIPMZIV
services when requested
6IWMPMIRGI8LIEFMPMX]SJXLIW]WXIQXSXVERWJSVQ
renew, and recover in timely response to events
7IGYVMX]8LIEFMPMX]SJXLIW]WXIQXSVIQEMR
protected against accidental or deliberate attacks
A Road to
Competency
8LSQEW&,MPFYVR
)QFV]6MHHPI
Aeronautical University,
2ERG]61IEH
Software Engineering
Institute
<WVLW]\UWZMIJW]\5K)NMM[QV^WT^MUMV\_Q\P*TM\KPTMa8IZS
^Q[Q\___UKINMMI\JTM\KPMTaXIZSKW]S
<WLQ[K][[aW]Z+aJMZ;MK]ZQ\a
IVLPW_5K)NMMKIVPMTXaW]
XTMI[MKWV\IK\;*4WV
Tel: 01347 812100
Email: MVY]QZQM[([WN\JW`KW]S
WZWeb:___[WN\JW`KW]S
For the past year, a group of industry professionals and university faculty
LEZIFIIR[SVOMRK[MXLXLI7SJX[EVI)RKMRIIVMRK-RWXMXYXI7)-
MRWYTTSVX
SJXLI(ITEVXQIRXSJ,SQIPERH7IGYVMX](,7
XSHIZIPSTEGSQTIXIRG]
JVEQI[SVOXLEXWYTTSVXWWSJX[EVIWIGYVMX]WTIGMEPMWXW8LIVIWYPXMWXLI
7SJX[EVI%WWYVERGI'SQTIXIRG]1SHIP7[%1SHIP
;IYWIXLIXIVQ
software assurance to mean the application of technologies and processes to
EGLMIZIEVIUYMVIHPIZIPSJGSRHIRGIXLEXWSJX[EVIW]WXIQWERHWIVZMGIWJYRGXMSR
MRXLIMRXIRHIHQERRIVEVIJVIIJVSQEGGMHIRXEPSVMRXIRXMSREPZYPRIVEFMPMXMIW
TVSZMHIWIGYVMX]GETEFMPMXMIWETTVSTVMEXIXSXLIXLVIEXIRZMVSRQIRXERHVIGSZIV
JVSQMRXVYWMSRWERHJEMPYVIW
8LI7[%'SV&SORSXSRP]WXVYGXYVIWERHSVKERMWIWWSJX[EVIEWWYVERGIknowledge
MRXSORS[PIHKIEVIEWYRMXWERHXSTMGW
FYXMXEPWSHIXEMPWLS[ORS[PIHKIWLSYPHFI
YRHIVWXSSHERHYWIH*SVI\EQTPI8EFPIWTIGMIWXLEXER7[%TVSJIWWMSREPWLSYPHFI
able to perform analysis of the threats to which software is most likely to be vulnerable
MRWTIGMGSTIVEXMRKIRZMVSRQIRXWERHHSQEMRWERHLEZIXLIEFMPMX]XSHYTPMGEXIXLI
attacks that have been used to interfere with an applications or systems operations.
8LMWPIZIPSJHIXEMPGERLIPTMRHMZMHYEPWHIXIVQMRIXLIMVGYVVIRXWXEXISJORS[PIHKIERH
plan for additional professional development.
8LI7[%'SQTIXIRG]1SHIPRSXSRP]TVSZMHIWXLIFEWMWJSVEWWIWWMRKER
individuals current competency in software assurance practice, but it can also
provide direction on professional growth and career advancement. Figure 3
broadly outlines the stair steps in career progression, including guidance about
educational preparation and experience expectations. Each level of competency
EWWYQIWGSQTIXIRG]EXXLIPS[IVPIZIPW8LI7[%'SQTIXIRG]1SHIPEPWS
TVSZMHIWEGSQTVILIRWMZIQETTMRKFIX[IIRXLI7[%'SV&S/ORS[PIHKIEVIEW
ERHYRMXW
ERHXLIGSQTIXIRG]PIZIPW8EFPIMPPYWXVEXIWXLMWQETTMRKJSVXLI
7]WXIQ7IGYVMX]%WWYVERGI/%
Knowledge
Units
KA Competency
6MWO1EREKIQIRX
8LIEFMPMX]XSTIVJSVQVMWOEREP]WMW
and tradeoff assessment, and to
prioritise security measures
Assurance Assessment
8LIEFMPMX]XSEREP]WIERHZEPMHEXI
the effectiveness of assurance
operations and create auditable
evidence of security measures
Assurance Management
7]WXIQ3TIVEXMSREP%WWYVERGI
8LIEFMPMX]XSQEOIEFYWMRIWW
case for software assurance, lead
assurance efforts, understand
standards, comply with regulations,
plan for business continuity,
and keep current in security
technologies
8LIEFMPMX]XSMRGSVTSVEXIIJJIGXMZI
security technologies and methods into new and existing systems
8LIEFMPMX]XSZIVMJ]RI[ERHI\isting software system functionality
for conformance to requirements
and to help reveal malicious
content
8LIEFMPMX]XSQSRMXSVERHEWWIWW
system operational security and
respond to new threats
8EFPI'SV&S//RS[PIHKI%VIEWERH'SQTIXIRGMIW
Knowledge Topics
*SV(MZIVWI
3TIVEXMSREP
)\MWXMRK
Systems
Ethics and
Integrity in
Creation,
Acquisition,
and
3TIVEXMSR
of Software
Systems
4SWWIWWIWFVIEHXLERHHITXLSJORS[PIHKIWOMPPWERHIJJIGXMZIRIWWERH
EZEVMIX]SJ[SVOI\TIVMIRGIWFI]SRHXLI0PIZIP[MXLZIXSXIR]IEVW
of professional experience and advanced professional development, at
the masters level or with equivalent education/training.
4IVWSRRIPEXXLMWPIZIPQE]MHIRXMJ]ERHI\TPSVIIJJIGXMZIWSJX[EVI
assurance practices for implementation, manage large projects, interact
with external agencies, etc.
1ENSVVMWOWEWWYVERGIEWWIWWQIRXEWWYVERGIQEREKIQIRXVMWO
management across the lifecycle
Competency Activities
For Newly
(IZIPSTIH
and
Acquired
Software
JSV(MZIVWI
Applications
L2: (IWGVMFIXLIZEVMIX]SJQIXLSHWF][LMGL
attackers can damage software or data associated
with that software by exploiting weaknesses in the
system design or implementation.
0Apply software assurance countermeasures
such as layers, access controls, privileges, intrusion
detection, encryption, and code review checklists.
L4: Analyse the threats to which software is
QSWXPMOIP]XSFIZYPRIVEFPIMRWTIGMGSTIVEXMRK
environments and domains.
L5: Perform research on security risks and attack
QIXLSHWERHYWIMXXSWYTTSVXQSHMGEXMSRSV
creation of techniques used to counter such risks
and attacks.
System
Security
Assurance
04VEGXMXMSRIV
4SWWIWWIWFVIEHXLERHHITXLSJORS[PIHKIWOMPPWERHIJJIGXMZIRIWW
FI]SRHXLI0PIZIPERHX]TMGEPP]LEWX[SXSZI]IEVWSJTVSJIWWMSREP
experience.
4IVWSRRIPEXXLMWPIZIPQE]WIXTPERWXEWOWERHWGLIHYPIWJSVMRLSYWI
TVSNIGXWHIRIERHQEREKIWYGLTVSNIGXWERHWYTIVZMWIXIEQWSR
the enterprise level, report to management, assess the assurance quality
of a system, and implement and promote commonly accepted software
assurance practices.
1ENSVXEWOWVIUYMVIQIRXWEREP]WMWEVGLMXIGXYVEPHIWMKRXVEHISJJEREP]WMW
risk assessment
*SV(MZIVWI
3TIVEXMSREP
)\MWXMRK
Systems
4SWWIWWIWETTPMGEXMSRFEWIHORS[PIHKIERHWOMPPWERHIRXV]PIZIP
professional effectiveness, typically gained through a bachelors degree in
computing or through equivalent professional experience.
4IVWSRRIPEXXLMWPIZIPQE]QEREKIEWQEPPMRXIVREPTVSNIGXWYTIVZMWI
ERHEWWMKRWYFXEWOWJSV0TIVWSRRIPWYTIVZMWIERHEWWIWWW]WXIQ
operations, and implement commonly accepted assurance practices.
1ENSVXEWOWVIUYMVIQIRXWJYRHEQIRXEPWGSQTSRIRXHIWMKR
implementation
4SWWIWWIWXIGLRMGEPPIZIPORS[PIHKIERHWOMPPWX]TMGEPP]KEMRIHXLVSYKL
EGIVXMGEXISVEREWWSGMEXIHIKVIITVSKVEQSVIUYMZEPIRXORS[PIHKI
and experience
4IVWSRRIPEXXLMWPIZIPSJGSQTIXIRG]QE]FIIQTPS]IHMRW]WXIQ
STIVEXSVMQTPIQIRXIVXIWXIVERHQEMRXIRERGITSWMXMSRW[MXLWTIGMG
individual tasks assigned by someone at a higher level.
1ENSVXEWOWXSSPWYTTSVXPS[PIZIPMQTPIQIRXEXMSRXIWXMRKERH
maintenance
0(IWMKRSJERHTPERJSVEGGIWWGSRXVSPERH
authentication.
L4: Analyse the threats to which software is
QSWXPMOIP]XSFIZYPRIVEFPIMRWTIGMGSTIVEXMRK
environments and domains.
L5: Perform research on security risks and attack
QIXLSHWERHYWIMXXSWYTTSVXQSHMGEXMSRSV
creation of techniques used to counter such risks
and attacks.
Unit
L4 Senior Practitioner
/RS[PIHKISJLS[TISTPI[LSEVIORS[PIHKIEFPIEFSYXEXXEGO
and prevention methods are obligated to use their abilities, both
legally and ethically, referencing the Software Engineering Code of
Ethical and Professional Conduct
KA
4SWWIWWIWGSQTIRXIRG]FI]SRHXLI0PIZIPEHZERGIWXLIIPWF]
developing, modifying, and creating methods, practices, and principles
at the orginizational level or higher; has peer/industry recognition;
typically includes a low percentage of an organizations workforce within
XLI7[%TVSJIWWMSRIK SVPIWW
L1 Technician
/RS[PIHKISJXLIPIKEPERHIXLMGEPGSRWMHIVEXMSRWMRZSPZIHMR
analysing a variety of historical events and investigations
8EFPI7[%'SQTIXIRG]7TIGMGEXMSR
L5 Expert
3ZIVZMI[SJIXLMGWGSHISJIXLMGWERHPIKEPGSRWXVEMRXW
8LI7[%'SQTIXIRG]1SHIP[EWMRXIRHIHXSFIKIRIVEPIRSYKLWSXLEXERMRHMZMHYEP
SVSVKERMWEXMSRGSYPHIEWMP]XEMPSVMXXSEWTIGMGIQTPS]QIRXWIGXSVETTPMGEXMSRHSQEMR
SVSVKERMWEXMSREPGYPXYVI8LI7[%1SHIPEPWSMRGPYHIWEGSQTEVMWSRXSXLI(,7
Competency Model and to a set of mappings of actual organisational positions, which
should help organisations adapt it to related purposes.
Conclusion
8LMW7SJX[EVI%WWYVERGI'SQTIXIRG]1SHIP[EWHIZIPSTIHXSGVIEXIEJSYRHEXMSR
JSVEWWIWWMRKERHEHZERGMRKXLIGETEFMPMX]SJWSJX[EVIEWWYVERGITVSJIWWMSREPW3JEPPXLI
participants in recent SEI presentations and webinars on software assurance, only about
LEPJLEHETPERJSVXLIMVS[R7[%GSQTIXIRG]HIZIPSTQIRXFYXQSVIXLER WEMH
XLI]GSYPHYWIXLI7[%'SQTIXIRG]1SHIPMRWXEJRKETVSNIGX
8LIWTERSJGSQTIXIRG]PIZIPW0XLVSYKL0ERHXLIMVHIGSQTSWMXMSRMRXSMRHMZMHYEP
GSQTIXIRGMIWFEWIHSRXLIORS[PIHKIERHWOMPPWHIWGVMFIHMRXLI7[%'SV&S/TVSZMHI
the features necessary for an organisation or individual to determine SwA competency
EGVSWWXLIVERKISJORS[PIHKIEVIEWERHYRMXW3VKERMWEXMSRWGSYPHEPWSEHETXXLI
models features to the organisations particular domain, culture, or structure.
Acknowledgments
;IETTVIGMEXIXLIWYTTSVXSJXLI7SJX[EVI%WWYVERGI'YVVMGYPYQXIEQERH.SI.EV^SQFIOEX
(ITEVXQIRXSJ,SQIPERH7IGYVMX]
8LMWQEXIVMEPMWFEWIHYTSR[SVOJYRHIHERHWYTTSVXIHF]XLI(ITEVXQIRXSJ(IJIRWIYRHIV
'SRXVEGX2S*%'[MXL'EVRIKMI1IPPSR9RMZIVWMX]JSVXLISTIVEXMSRSJXLI7SJX[EVI
Engineering Institute, a federally funded research and development center.
8LMWQEXIVMEPLEWFIIRETTVSZIHJSVTYFPMGVIPIEWIERHYRPMQMXIHHMWXVMFYXMSR
8LI+SZIVRQIRXSJXLI9RMXIH7XEXIWLEWEVS]EPX]JVIIKSZIVRQIRXTYVTSWIPMGIRWIXSYWIHYTPMGEXI
or disclose the work, in whole or in part and in any manner, and to have or permit others to do so,
JSVKSZIVRQIRXTYVTSWIWTYVWYERXXSXLIGST]VMKLXPMGIRWIYRHIVXLIGPEYWIEXERH
%PXIVREXI-(1
References
8,MPFYVRIXEP7SJX[EVI%WWYVERGI'SQTIXIRG]1SHIP8IGLRMGEP2SXI'197)-82
7SJX[EVI)RKMRIIVMRK-RWXMXYXI'EVRIKMI1IPPSR9RMZIVWMX]1EVGLLXXT[[[WIMGQYIHYPMFVEV]
EFWXVEGXWVITSVXWXRGJQ
2ERG]61IEHIXEP7SJX[EVI%WWYVERGI'YVVMGYPYQ4VSNIGX:SPYQI-1EWXIVSJ7SJX[EVI%WWYVERGI
6IJIVIRGI'YVVMGYPYQ8IGLRMGEP6ITSVX'197)-867SJX[EVI)RKMRIIVMRK-RWXMXYXI
'EVRIKMI1IPPSR9RMZIVWMX]%YKYWXLXXT[[[WIMGQYIHYPMFVEV]EFWXVEGXWVITSVXWXVGJQ
I,HUMAN
In the design of
a machine world,
humanity is being
overlooked.
8SQ,SSO
7&0
AI has also been developed to act as a Personal Assistant. In Microsofts research arm,
JSVI\EQTPI'SHMVIGXSV)VMG,SVZMX^LEWEQEGLMRIWXEXMSRIHSYXWMHILMWSJGIXS
take queries about his diary, among other things. Complete with microphone, camera
and a voice, the PA has a conversation with the colleague in order to answer their
UYIV]-XGERXLIRXEOIER]EGXMSRFSSOMRKERETTSMRXQIRXJSVI\EQTPI
EWELYQER
PA would.
8LMWMWNYWXXSYGLMRKSRXLITSXIRXMEPXLEX%-GEREGLMIZIMREHQMRMWXVEXMZI[SVOEPSRI
and yet it has already proved that it can drastically reduce the amount of human
GSRZIVWEXMSRWXLEX[MPPXEOITPEGIMRERSJGI;MXLEPPXLIGSRZIRMIRGIXLEXMXEHHWXS
work and personal life, AI like this could also detract from the relationships, creativity
and shared learning that all branch out of a 5 minute human conversation that would
otherwise have taken place.
8LITSXIRXMEPJSVLYQERJYRGXMSRWXSFIGSQTYXIVMWIHERHXLIEGGIPIVEXMRKTEGIEX
[LMGL%-HIZIPSTWQIERWXLEXXLIIJJIGXWSRWSGMIX]GSYPHKSJVSQMRWMKRMGERXXS
colossal in the space of just a few years.
3RIGSRGITXXLEXGSYPHHVEWXMGEPP]JEWXJSV[EVHXLIWTIIHSJ%-HIZIPSTQIRX
is the Intelligence Explosion; the idea that we can use an AI machine to devise
improvements to itself, with the resulting machine able to design improvements to
MXWIPJJYVXLIVERHWSSR8LMW[SYPHHIZIPST%-QYGLQSVIWYGGIWWJYPP]XLERLYQERW
can, because we have a limited ability to perform calculations and spot areas for
MQTVSZIQIRXMRXIVQWSJIJGMIRG]
%VXMGMEP-RXIPPMKIRGIWIIQWXSLEZIXLIQSWXTSXIRXMEPXSXVERWJSVQWSGMIX]8LI
possibility of creating machines that move, walk, talk and work like humans worries
QER]JSVGSYRXPIWWVIEWSRW3RIGSRGIVRIHKVSYTMWXLI7SYXLIVR)ZERKIPMGEP
Seminary, a fundamentalist Christian group in North Carolina. SES have recently
bought one of the most advanced pieces of AI on the market in order to study
XLITSXIRXMEPXLVIEXWXLEX%-TSWIXSLYQERMX]8LI][MPPFIWXYH]MRKXLI2ESER
EYXSRSQSYWTVSKVEQQEFPILYQERSMHVSFSXHIZIPSTIHF]%PHIFEVER6SFSXMGW2ES
is marketed as a true companion who understands you and evolves based on its
experience of the world.
(ERMIP(I[I]6IWIEVGL*IPPS[EXXLI9RMZIVWMX]SJ3\JSVHW*YXYVISJ,YQERMX]
Institute, explains that the resulting increase in machine intelligence could be very
rapid, and could give rise to super-intelligent machinesQYGLQSVIIJGMIRXEXIK
inference, planning, and problem-solving than any human or group of humans.
8LITEVXSJXLMWXLISV]XLEXWIIQWMQQIHMEXIP]WXEVXPMRKMWXLEX[IGSYPHLEZIE
super-intelligent machine, whose programming no human can comprehend since it
has so far surpassed the original model. Human programmers would initially need to
WIXXLIVWX%-QEGLMRI[MXLHIXEMPIHKSEPWWSXLEXMXORS[W[LEXXSJSGYWSRMRXLI
HIWMKRSJXLIQEGLMRIWMXTVSHYGIW8LIHMJGYPX][SYPHGSQIJVSQTVIGMWIP]HIRMRK
XLIKSEPWERHZEPYIWXLEX[I[ERX%-XSEP[E]WEFMHIF]8LIVIWYPXMRK%-[SYPHJSGYW
militantly on achieving these goals in whichever arbitrary way it deems logical and
QSWXIJGMIRXWSXLIVIGERFIRSQEVKMRJSVIVVSV
3FZMSYWP]XLI2ESVSFSXLEWWSQI[E]XSKSFIJSVIMXWJYRGXMSRWEVI
indistinguishable from humans, but scientists are persistently edging closer towards
that end goal. Neuromorphic chips are now being developed that are modelled on
FMSPSKMGEPFVEMRW[MXLXLIIUYMZEPIRXSJLYQERRIYVSRWERHW]RETWIW8LMWMWRSXE
WYTIVGMEPG]RMGEPEXXIQTXEXTVSHYGMRKWSQIXLMRKLYQERPMOIJSVRSZIPX]WWEOI'LMTW
QSHIPPIHMRXLMW[E]EVIWLS[RXSFIQYGLQSVIIJGMIRXXLERXVEHMXMSREPGLMTWEX
TVSGIWWMRKWIRWSV]HEXEWYGLEWWSYRHERHMQEKIV]
ERHVIWTSRHMRKETTVSTVMEXIP]
;I[SYPHLEZIXSHIRIIZIV]XLMRKMRGPYHIHMRXLIWIKSEPWXSEHIKVIISJEGGYVEG]
XLEXIZIRXLI)RKPMWLSVER]
PERKYEKIQMKLXTVSLMFMX4VIWYQEFP][IH[ERXXS
create an AI that looks out for human interests. As such, the concept of a human
[SYPHRIIHHIRMXMSR[MXLSYXER]EQFMKYMX]8LMWGSYPHGEYWIHMJGYPXMIW[LIRXLIVI
QMKLXFII\GITXMSRWXSXLIVYPIW[IKMZI;IQMKLXHIRIELYQEREWEGSQTPIXIP]
biological entity but the machine would then consider anyone with a prosthetic
limb, for example, as not human.
:EWXMRZIWXQIRXMWFIMRKTYXMRXSRIYVSQSVTLMGWERHXLITSXIRXMEPJSVMXWYWIMR
IZIV]HE]IPIGXVSRMGWMWFIGSQMRKQSVI[MHIP]EGORS[PIHKIH8LI,YQER&VEMR
4VSNIGXMR)YVSTIMWVITSVXIHP]WTIRHMRKQSRRIYVSQSVTLMGTVSNIGXWSRISJ
[LMGLMWXEOMRKTPEGIEXXLI9RMZIVWMX]SJ1ERGLIWXIV%PWS-&16IWIEVGLERH,60
0EFSVEXSVMIWLEZIIEGLHIZIPSTIHRIYVSQSVTLMGGLMTWYRHIVEQTVSNIGXJSV
XLI97(ITEVXQIRXSJ(IJIRGIJYRHIHF]XLI(IJIRGI%HZERGIH6IWIEVGL4VSNIGXW
Agency.
;IQMKLXEPWS[ERXXSHIRI[LEX[I[ERX%-XSHSJSVLYQERW+SMRKFEGOXS
Asimovs Zeroth Law, a robot may not by inaction, allow humanity to come to
LEVQ)ZIRMJ[IWYGGIWWJYPP]TVSKVEQQIHXLMWPE[MRXS%-[LMGLMWHMJGYPXMRMXWIPJ
XLI%-GSYPHXLIRXEOIXLMWPE[EWJEVMWMXHIIQWRIGIWWEV]8LI%-QMKLXPSSOEXEPP
TSWWMFPIVMWOWXSLYQERLIEPXLERHHS[LEXIZIVMXGERXSIPMQMREXIXLIQ8LMWGSYPH
IRHYT[MXLQEGLMRIWFYV]MRKEPPLYQERWEQMPIYRHIVKVSYRHXSIPMQMREXIVMWOSJ
QIXISVWXVMOIW
WITEVEXMRKYWMRMRHMZMHYEPGIPPWXSWXSTYWEXXEGOMRKIEGLSXLIV
ERH
HVMTJIIHMRKYWXEWXIPIWWKVYIPXSKMZIYWRYXVMIRXW[MXLRSVMWOSJSZIVIEXMRKJEXX]
JSSHW
Qualcomm, however, are seen as the most promising developers of this brainemulating technology, with their Zeroth program, named after Isaac Asimovs Zeroth
0E[SJ6SFSXMGWXLIJSYVXLPE[LIEHHIHXSXLIJEQSYW8LVII0E[WSJ6SFSXMGWXS
TVSXIGXLYQERMX]EWE[LSPIVEXLIVXLERNYWXMRHMZMHYEPW
A robot may not harm humanity, or, by inaction, allow humanity to come to harm.
5YEPGSQQWTVSKVEQ[SYPHFIXLIVWXPEVKIWGEPIGSQQIVGMEPTPEXJSVQJSV
RIYVSQSVTLMGGSQTYXMRK[MXLWEPIWTSXIRXMEPP]WXEVXMRKMRIEVP]
8LMWI\EQTPIMWI\XVIQIFYXMJXLITVSKVEQQIVW[LSHIZIPSTSYVVWX%-EVI
MRGETEFPISJWIXXMRKXLIVMKLXHIRMXMSRWERHTEVEQIXIVWMXWETSWWMFMPMX]8LIQEMR
problem is that even basic instructions and concepts involve implicitly understood
features that cant always be spelled out. A gap in the translation might be overlooked
MJMXWRSXRIIHIHJSV SJXLIQEGLMRIWJYRGXMSRWFYXEWXLIMRXIPPMKIRGI
explosion progresses, a tiny hole in the machines programming could be enough to
lead to a spiral in disastrous AI decisions.
8LMWXIGLRSPSK]LEWI\TERWMZITSXIRXMEPEWXLIGLMTWGERFIIQFIHHIHMRER]HIZMGI
we could consider using. With neuromorphic chips, our smartphones for example
could be extremely perceptive, and could assist us in our needs before we even
ORS[[ILEZIXLIQ7EQMV/YQEVEX5YEPGSQQWVIWIEVGLJEGMPMX]WE]WXLEXMJ]SY
and your device can perceive the environment in the same way, your device will be
better able to understand your intentions and anticipate your needs. Neuromorphic
technology will vastly increase the functionality of robots like Nao, with the concept
of an AI with the learning and cognitive abilities of a human gradually moving from
GXMSRXSVIEPMX]
%GGSVHMRKXS*VERO1IILER[LSIZIV[VMXIWXLIVWXWYGGIWWJYP%-TVSKVEQ+SSKPI
LITVIHMGXW
MWPMOIP]XSFIQEOMRKXLIVYPIWJSVEPP%-W-JJYVXLIV%-MWHIZIPSTIH
FEWIHSRXLIVWXWYGGIWWJYPZIVWMSRJSVI\EQTPIMRXLI[E]XLEXXLIMRXIPPMKIRGI
I\TPSWMSRGSRGITXWYKKIWXW
XLIVIMWERMQQIEWYVEFPIVIWTSRWMFMPMX]JSVXLEX
developer to do things perfectly. Not only would we have to trust the developer to
program the AI fully and competently, we would also have to trust that they have the
MRXIKVMX]XSQEOITVSKVEQQMRKHIGMWMSRWXLEXVIIGXLYQERMX]WFIWXMRXIVIWXWERH
are not solely driven by commercial gain.
When robots do reach their full potential to function as humans do, there are
many possible consequences that understandably worry the likes of the Southern
)ZERKIPMGEP7IQMREV]%OI]GSRGIVRSJ(V/IZMR7XEPI]SJ7)7MWXLEXXVEHMXMSREPP]
human roles will instead be completed by machines, dehumanising society due to less
human interaction and a change in our relationships. Even Frank Meehan, who was
MRZSPZIHMR%-FYWMRIWWIW7MVMERH(IIT1MRHFIJSVIXLI][IVIEGUYMVIHF]%TTPI
ERH+SSKPIVIWTIGXMZIP]
[SVVMIWXLEXTEVIRXW[MPPJIIPXLEXVSFSXWGERFIYWIHEW
company for their children.
9PXMQEXIP]XLIVWXWYGGIWWJYP%-TVSKVEQQIVGSYPHLEZIJYRHEQIRXEPGSRXVSPERH
MRYIRGISZIVXLI[E]XLEX%-TVSKVIWWIWERHEW%-[MPPPMOIP]GSQIXSLEZIELYKI
impact on society, this control could span the human race as a whole. So a key
question now stands: How can we trust the directors of one corporation with the
future of the human race?
8LIVITPEGIQIRXSJLYQERWMRIZIV]HE]JYRGXMSRWMWEPVIEH]LETTIRMRKVMWMRK
numbers of self-service checkouts mean that we can do our weekly shop without
any interaction with another human being. Clearly this might be a much more
convenient way of shopping, but the consequences on human interaction are obvious.
ture
an race?
8LIX[SMHIEWLS[IZIVEVIRXQYXYEPP]I\GPYWMZI[IGERWYVVIRHIV
huge dependence to a servant. If we give the amount of dependence
that leads parents to trust AI with the care of their children, society
will have surrendered a great deal. If AI is allowed to take over every
previously human task in society, we will be at its mercy, and humanity
is in danger of becoming subservient.
AI enthusiasts are right to say that this technology can give us countless
advantages. If done correctly, well have minimum negative disruption
to our relationships and overall way of life, with maximum assistance
[LIVIZIVMXQMKLXFIYWIJYP8LITVSFPIQMWXLEXXLIJYPPHIRMXMSR
of correctly hasnt been established, and whether it ever will be is
HSYFXJYP(IZIPSTIVW[MPPEP[E]WFIJSGYWWIHSRGSQQIVGMEPWYGGIWW
the problem of balance in everyday society will not be their concern.
&EPERGIGSYPHEPWSFISZIVPSSOIHF]XLIVIWXSJLYQERMX]EWMXJSGYWIW
SRI\GMXIQIRXJSVXLIPEXIWXXIGLRSPSK]8LMWQEOIWWXYQFPMRKMRXSE
computer-controlled dystopian society a real danger.
If humans do become AI-dependent, a likely consequence is apathy
MRSXLIV[SVHWWPSXLERSXLIVGSRGIVRSJ7)7
ERHEKIRIVEPPEGOSJ
awareness or knowledge, because computers will have made our input
redundant. Humanity cannot be seen to have progressed if it becomes
blind, deaf and dumb to the dangers of imperfect machines dictating
our lives. Luddism is never something that should be favoured, but
restraint and extreme care is needed during the development of such
a precarious and transformative technology as AI.
8LIWIJSVQEXMZIWXEKIWSJHIZIPSTQIRX[MPPFILYKIP]MQTSVXERX3RI
of the key reasons that the Southern Evangelical Seminary are studying
Nao, is because of worries that super-intelligent AI could lead to
humans surrendering a great deal of trust and dependence with the
TSXIRXMEPXSXVIEXEWYTIV%-EWKSH'SRZIVWIP](V7XYEVX%VQWXVSRK
6IWIEVGL*IPPS[EXXLI*YXYVISJ,YQERMX]-RWXMXYXIFIPMIZIWXLEXE
super-intelligent AI wouldnt be seen as a god but as a servant.
e
How an w trust the dire
ctors o
f one c
orpora
tion with
fu
he
um
he h
ft
The rst and only full integration of servers, storage, networking and management in only 5U.
Up until now, there hasnt been an IT solution designed specically for an office environment.
Enter the new Dell PowerEdge VRTX powered by the Intel Xeon processor, an integrated
end-to-end solution built specically for the growing office. Its the only 5U PowerEdge
shared infrastructure platform design based on input from over 7,000 customers, featuring
four integrated servers, 48TBs of storage, networking and systems management to simplify
all aspects of IT. You inspired it. Dell built it.
(SRXKMZI]SYVWIPZIWXSXLIWIYRREXYVEPQIR
machine men with machine minds and machine
hearts! You are not machines! You are not cattle! You
are men! You have a love of humanity in your hearts!
Charlie Chaplin, The Great Dictator (1940)
&DOO
Premier
Dell PartnerDirect Partner
IRUDTXRWHRUHPDLO
'HOO#VRIWER[FRXN
)LQGRXWDERXW6%/
VKDUGZDUHVROXWLRQVDWKWWSZZZVRIWER[FRXNKDUGZDUH
G-Cloud
With the launch of G-Cloud, SBL have focused heavily on
significantly expanding our Cloud Services portfolio to
the PSN Public Sector Network. SBL deliver a number of
secure Cloud Services across the Public Sector through
the medium of the G-Cloud initiative. SBLs innovations
will support the Government Cloud Strategy to transform
the public sector ICT estate into one that is agile, cost
effective and environmentally sustainable. Working with
leading global security vendors various research projects
and pilots are currently underway to scope the delivery of
the next generation of Community Cloud Services via the
DOBUS platform.
SBL can announce that the following services are now available via the CloudStore:
DOBUS
DOBUS To Go
REVIEW
A new feature in this years event was an academic presentation. Char Sample, Security Solutions Engineer
EX'EVRIKMI1IPPSR9RMZIVWMX]FVMIJIHHIPIKEXIWSRXLIPEXIWXVIWIEVGL[LMGLEREP]WIWERHUYERXMIWXLI
XLVIEXZIGXSVWFEWIHYTSRXLIGLEVEGXIVMWXMGWSJTSXIRXMEPWEXXEGOIVW8LIVIMWMRGVIEWMRKMRXIVIWXMR']FIV
7IGYVMX]6IWIEVGLEWSYVMRHYWXV]QSZIWXS[EVHWMRGVIEWIHTVSJIWWMSREPMWQERH'EVRIKMI1IPPSRMWSRI
SJXLIYRMZIVWMXMIWEPVIEH]GSRXVMFYXMRKXSXLI']FIV7IGYVMX]6IWIEVGL;MOMXLEX7&0ERRSYRGIHHYVMRK
the IA Practitioners Event.
The IA Practitioners
EVENT 2014
eview
7&0MW[SVOMRK[MXLMRHYWXV]TEVXRIVWERH9RMZIVWMXMIWMRGPYHMRK3\JSVH&MVQMRKLEQ6IEHMRK(I
1SRXJSVXERH=SVOXSEWWMWX[MXLXLITVSHYGXMSRSJXLI']FIV7IGYVMX]6IWIEVGL;MOMERHGS
SVHMREXMSRGSPPEXMSRERHQSRMXSVMRKSJMXWGSRXIRX6IGIRXGSPPEFSVEXMSR[MXL%GEHIQMEERH-RHYWXV]
both here and overseas has served to identify a clear and profound requirement for a central
repository of useful and leading edge cyber security research, information, and best practice
KYMHERGIQEXIVMEP7&0LEWHIZIPSTIHXLMW;MOMXSTVSZMHIHIZIPSTERHQEMRXEMREVIWXVMGXIH
space in which practitioners will be able to access this information in one place.
8LIJSYVXLERRYEP-RJSVQEXMSR%WWYVERGI
-%
4VEGXMXMSRIVW)ZIRXXSSOTPEGIEX=SVO
6EGIGSYVWISRXL
XL1EVGL
-%4VEGXMXMSRIVW)ZIRXHIPMZIVIHSRFSXLQ]TVSJIWWMSREPVIUYMVIQIRXWERH
expectations. An excellent event! (IPIKEXI*IIHFEGO
In addition to keynotes/plenary sessions, delegates had the choice of attending one of six
workshops on each day. Feedback from these sessions indicates that delegates not only
IRNS]FYXFIRIXJVSQXLISTTSVXYRMX]XSMRXIVEGX[MXLTIIVW')7+ERHZIRHSVWSR
HMZIVWIXSTMGWWYGLEW%HZERGI']FIV8LVIEXW4VEGXMGEP%TTPMGEXMSRSJ-%MRER%KMPI
World and An Industry Perspective of Cyber Security Skills.
&VSYKLXXS]SYF]')7+ERH7&0XLMW]IEVWIZIRX[EWGLEMVIHF]'LVMW9PPMSXX
8IGLRMGEP(MVIGXSVERH'LMIJ7IGYVMX]%VGLMXIGX')7+[MXL'SPMR;MPPMEQW7&0
&YWMRIWW(IZIPSTQIRX(MVIGXSV
ZMWMXMRK4VSJIWWSVEX(I1SRXJSVX9RMZIVWMX]
reprising his role as the Master of Ceremonies throughout.
Practitioners
Event 2014
IA Practitioners
)ZIRXHIPMZIVIH
on both my professional
requirements and
expectations. An
excellent event!
Delegate
Feedback
3ZIVEXXIRHIIWVIKMWXIVIHJSVXLIIZIRXQEOMRKMXXLIFMKKIWX-%
4VEGXMXMSRIVW)ZIRXWSJEVEPSRK[E]JVSQXLILYQFPISVMKMRWMRXLIVWX
(-4'3+)ZIRXLIPHSRXL7ITXIQFIV[LIRXLIVI[IVINYWX
HIPIKEXIWERHI\LMFMXSVW
8LIGSRXMRYMRKKVS[XLERHTSTYPEVMX]SJXLI-%4VEGXMXMSRIVW)ZIRXMWMRRS
small part attributable to the fact that we do listen to the feedback we receive
and continually seek to improve the event and enhance the experience for
delegates and sponsors alike.
Some of this years enhancements included a mobile site so delegates
GSYPHOIITEFVIEWXSJXLIEKIRHEERHIZIRXMRJSVQEXMSR(MKMXEPHMWTPE]
screens also provided quick reference to information and iPad stations
provided the opportunity for instant feedback on the presentations.
Lead Sponsor
8LI-%4VEGXMXMSRIVW)ZIRXEPWSQEOIWTVSZMWMSRJSVXLI-87IGYVMX]3JGIVW*SVYQ
-873*
1SVIXLEREHIPIKEXIWEXXLIIZIRX[IVIVIKMWXIVIHEW-87IGYVMX]
3JGIVWERHXLIVI[IVIGPSWIHWIWWMSRWEZEMPEFPIJSVXLIQVYRRMRKEPSRKWMHIXLI
main programme each day.
8LEROWXSXLISVKERMWIVWJSVEVVERKMRKXLMW-X[EWXLIFIWXIZIRXSJMXWX]TI-
have attended and I will be back next year!! (IPIKEXI*IIHFEGO
8LVSYKLSYXXLIX[SHE]WSJXLIIZIRXXLIVI[EWERI\LMFMXMSRJIEXYVMRKEVIGSVH
WXERHWWLS[GEWMRK[IPPORS[RERHIQIVKMRKZIRHSVWERHTVSJIWWMSREPFSHMIW
TVSZMHMRKG]FIVVIPEXIHWIVZMGIWMRGPYHMRK1S(()
7--74&'7ERH%41+%W
well as dedicated vendor presentations and workshops, both the delegates and
ZIRHSVWFIRIXJVSQXLIJEGIXSJEGIRIX[SVOMRKSTTSVXYRMX]XLEXXLII\LMFMXMSR
EVIETVIWIRXWWEMH2EXEPMI1YVVE]1EVOIXMRKERH)ZIRXW1EREKIVEX7&08LI-%
Practitioners who attend the event value the chance to get hands-on with the latest
technologies and to ask questions of the manufacturers.
Lead Networking
Sponsor
8LI-%4VEGXMXMSRIVW)ZIRXMWVIRS[RIHJSVXLIUYEPMX]SJMXWMRTYXTEVXP]
because the programme is kept strictly to time and topic but also by working
EGVSWW')7++SZIVRQIRX(ITEVXQIRXWERH:IRHSVGSQTERMIW[IEVIEFPI
to draw on a vast resource of speakers from different backgrounds who
provide excellent and stimulating input to the conference. Some of this years
speakers included:
It was always
going to be
difcult to build
on the successes of
previous events, yet,
the quality of speakers
and attendee interaction
made this years
IA Practitioners Event
even bigger and better.
Planning for the next IA Practitioners Event is already under way and will see the
IZIRXVIXYVRMRKXSXLI=SVO6EGIGSYVWIMRIEVP]
'SRXEGXXLIIZIRXWXIEQEX7&0
)ZIRXW$WSJXFS\GSYO
for more information.
6IJVIWLQIRXWEXXLIIZIRXEVIWIVZIH[MXLMRXLII\LMFMXMSREVIEXSQE\MQMWIXLI
RIX[SVOMRKSTTSVXYRMX]JSVHIPIKEXIW[MXLXLIMVTIIVWERHSYVI\LMFMXSVW8LI)ZIRXW
8IEQMWHIHMGEXIHXSFYMPHMRKVIPEXMSRWLMTW[MXLZIRHSVWRI[XSXLI-%4VEGXMXMSRIVW
)ZIRXERHEP[E]W[IPGSQIWWYKKIWXMSRWERHVIUYIWXW8LII\LMFMXMSREPWS
LSWXIHXLI;LMXI,EX6EPP]ERSVKERMWEXMSRJSVQIHMRF]MRHMZMHYEPWJVSQXLI
9/-RJSVQEXMSR7IGYVMX]MRHYWXV][LMGLSVKERMWIWRSRGSQTIXMXMZIQSXSVWTSVXW
events to raise funds for charities working with vulnerable children.
(See more at http://info.whitehatrally.org)
CESG had a strong presence in the exhibition area with a number of technical and
policy staff on hand during the day. In addition, they offered an hour of dedicated tea
XMQIWYVKIVMIWEXXLIMVWXERHEXXLIIRHSJXLIVWXHE]EPPS[MRKHIPIKEXIWXSTVI
FSSOETTSMRXQIRXWERHWTIRHXMQI[MXLEWTIGMEPMWXSRESRIXSSRISVSRIXSJI[
basis to discuss their concerns and get answers to any questions they had.
8LIIZIVTSTYPEVRIX[SVOMRKHMRRIVSRXLIIZIRMRKSJHE]SRITVSZMHIHJYVXLIV
opportunity to build relationships. Pre-dinner drinks and excellent food and wine
[IVIIRNS]IHF]HIPIKEXIW[LSXLIRWIXXPIHHS[RXSPMWXIRXSXLIGYWXSQEV]
EJXIVHMRRIVWTIEOIV8LMW]IEV[IMRZMXIH8:TVIWIRXIV4IRR]1EPPSV][LSKEZIER
interesting and amusing account of her journey from being in her own words a total
waster to a champion rally driver.
As might be expected throughout the conference there was considerable interest
in the then imminent implementation of the changes to the Government Protective
1EVOMRK7GLIQI8LIETTVSEGLYRHIVXLIRI[+SZIVRQIRX'PEWWMGEXMSR7GLIQI
MWJSVMRGVIEWIHPSGEPEYXSRSQ]ERHEGGSYRXEFMPMX]8LIKYMHMRKTVMRGMTPISJXLI
+SZIVRQIRX'PEWWMGEXMSR7GLIQIMWXLEXEPP+SZIVRQIRXMRJSVQEXMSRLEWEZEPYI
and requires a basic level of protection and individuals are personally responsible and
accountable for exercising good judgement in securing the information.
8LIPEWX[SVHSRXLMWGEQIJVSQ')7+WXEXMRKXLEX8LIVIMWRSXERH[MPPRSXFIE
check list for achieving network security. It is up to the data owner to assess the risk
and take appropriate counter measures.
8LI-%4VEGXMXMSRIVW)ZIRXMWGSRWMWXIRXP]TVEMWIHF]FSXLHIPIKEXIWERHWTSRWSVWJSV
the quality of its speakers, exhibition and organisation and enjoys its reputation as a
must attend event in the IA calendar.
-XLMROXLMW]IEVWIZIRXLEWFIIRI\GIPPIRXEGPIEVMRWMKLXMRXSLS[
Government Departments are working, how Suppliers are working with
them to achieve IA Compliance. It has been very useful that vendors had
to discuss a topic without too much sales pitch. (IPIKEXI*IIHFEGO
*MVWXPIXQIWE][LEXEJERXEWXMGNSF]SYERH]SYVXIEQHMHTYXXMRKXSKIXLIVERH
running yet another successful IA Practitioner event. As both a delegate visiting
the stands and listening to conference presentations and as a Director for the
IISP manning our stand and taking questions and queries from members and CCP
applicants I found again, that the conference provides an excellent opportunity to
update myself regarding current policy, network and provide support and guidance
to members and applicants. Thank you again. Exhibitor Feedback
Brought to
You By
8LEROWXSXLI
organisers for arranging
this. It was the best
event of its type I have
attended and I will be
back next year!!
Delegate
Feedback
&
EVENTS
lmanac
AofEvents
2014
June-SEPT
at De Montfort University
9/+VIIGI97%%YWXVEPME.ETER&VE^MP'LMRE-XEP]4SPERH'EREHE
JUNE
23 - 26
3-4
10 - 11
IA14
London, UK
OWASP APPSEC
EUROPE
Cambridge, UK
CFET 2014
Canterbury, UK
25
8,)9634)%2
CONFERENCE ON CYBER
WARFARE AND SECURITY
ECCWS-2014
Piraeus, Greece
PSN SUMMIT
London, UK
7-9
CLOUD WORLD
FORUM 2014
London, UK
17 - 19
26
THE CYBER
SECURITY
SUMMIT
London, UK
23 - 26
SECURITY & RISK
MANAGEMENT SUMMIT
Washington D.C, USA
19TH AUSTRALASIAN
CONFERENCE ON
INFORMATION SECURITY
AND PRIVACY (ACISP 2014)
Wollongong, Australia
16 - 18
PRIVACY ENHANCING
TECHNOLOGIES
SYMPOSIUM (PETS14)
Amsterdam, Netherlands
22 - 23
RSA CONFERENCE
ASIA PACIFIC & JAPAN
Marina Bay Sands, Singapore
ST14 NORTH
Manchester, UK
AUGUST
SEPTEMBER
2-7
17 - 21
3-5
9 -11
22 - 24
RYPTO 2014
6(INTERNATIONAL
CRYPTOLOGY
CONFERENCE)
California, USA
9TH CONFERENCE
ON SECURITY AND
CRYPTOGRAPHY FOR
NETWORKS
%QEP-XEP]
27 - 29
8 -10
7-28,)8,
INTERNATIONAL
CONFERENCE ON
THE SECURITY OF
INFORMATION AND
NETWORKS
Glasgow, UK
6(-28)62%8-32%0
CONFERENCE ON
CRYPTOGRAPHY AND
SECURITY SYSTEMS
(CSS14)
Lublin, Poland
9TH INTERNATIONAL
WORKSHOP ON
SECURITY
(IWSEC 2014)
Hirosaki, Japan
TDWI BI
SYMPOSIUM
London, UK
14 - 15
SELECTED AREAS IN
CRYPTOGRAPHY
(SAC2014)
Montreal, Canada
JULY
16 - 17
17 - 18
8 -12
CYBER WEEK
Leicester, UK
24 - 26
17
19
8,-)))
(LATINCRYPT) THIRD
INTERNATIONAL
CONFERENCE ON
CRYPTOLOGY AND
INFORMATION
SECURITY IN LATIN
AMERICA
Resort Costao do
Santinho, Brazil
INTERNATIONAL
CONFERENCE ON
TRUST, SECURITY
AND PRIVACY IN
COMPUTING AND
COMMUNICATIONS
Beijing, China
25
4TH CYBER RISK AND
DATA PROTECTION
INSURANCE FORUM
London, UK
Visit
www.softbox.co.uk
for more information
cyber talk@softbox.co.uk
www.softbox.co.uk/cyber talk
cybertalkmagazine
$']FIV8EPO9/