SARNET – ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET - Enhancing Cyber Resilience

Relation to NCSRA II

SARNET | October 5th 2016 CYBER THREATS ARE EVOLVING…

Key trends

Cyber Cyber Cyber Cyber Magnitude of Sophistication Degree of crime activism espionage warfare vulnerabilities of attacks organisation

DDoS attack Sony Playstation DDoS wave Apple by Anonymous Network hack KPN Dorifel NL Finance iCloud hack Diginotar hack virus PRISM Shellshock Stuxnet RSA hack Lektober Flame APT1 Belgacom Heartbleed Sony pictures

2010 2011 2012 2013 2014

SARNET | October 5th 2016 …AS ARE RESILIENCE STRATEGIES

often induced by (severe) incident

Traditional Monitoring & Threat intelligence Autonomous prevention response construct capabilities response & recovery put up walls and detect (potential) attacks anticipate and take reduce dependency hope for the best and limit damage proactive precautions on human operation

Automation is required to mitigate cyber threats and attacks in time SARNET | October 5th 2016 … THE IDEA IS NOT NEW

Part of IBM’s Automic Computing In 2001 IBM defined Autonomic Computing with Self-Protection and Self-Healing

Autonomous Response & Recovery

SARNET | October 5th 2016 … THE IDEA IS NOT NEW

Part of IBM’s Automic Computing In 2001 IBM defined Autonomic Computing with Self-Protection and Self-Healing

Autonomous Response & Recovery FP6 project IST–2004–026600–DESEREC

SARNET | October 5th 2016 … BUT IT IS HAPPENING NOW

The World's First All-Machine Hacking Tournament August 2016

SARNET | October 5th 2016 SARNET

Make use of SDN and NFV technology to create cyber resilient ICT infrastructures

Cyber resilience - “The ability of an ICT system to anticipate, withstand, recover from, and evolve to improve capabilities in the face of cyber threats & attacks”

SARNET | October 5th 2016 SARNET - Enhancing Cyber Resilience

Relation to NCSRA II

SARNET | October 5th 2016 NATIONAL CYBER SECURITY RESEARCH AGENDA II Published in November 2013 Basis for call for proposals: NWO Cyber Security SBIR Cyber Security Produced by IIP-VV http://www.iipvv.nl https://www.dcypher.nl/

Authors of the NCSRA II prof.dr.ir. Herbert Bos (VU) prof.dr. Sandro Etalle (TUE/UT) ir. Frank Fransen (TNO) dr.ir. Erik Poll (RUN)

SARNET | October 5th 2016 NCSRA II APPLICATION DOMAINS & RESEARCH THEMES

12 Application Domains

9 Research Themes

SARNET | October 5th 2016 NCSRA II Relation to SARNET

Autonomous Response Self-protection & Self-healing

SARNET | October 5th 2016 THANK YOU

ReinderFrankWolthuis Fransen +31+31 66 535191 72 33 49 79 00 [email protected]@tno.nl

SARNET | October 5th 2016