Let's Clear up the Debris - What the Snowden Leaks Mean for Your IT Security Strategies presented at Troopers 2015

by Kai Nothdurft, Sylvia Johnigk,

Summary : The Snowden Leaks triggered a worldwide scandal. The public interest and discussions focus on the mass surveillance of internet users by secret services. But another even more severe aspect that was revealed by Snowden is the total compromise of nearly everything that is important for IT security: crypto products and standards, worldwide spread masses of infiltrated Internet servers ready for botnet misuse, manipulation of hardware and software components partly with knowledge or collaboration of producers and vendors. The underlying trust model as a whole has to be reviewed and checked from the scratch. This has to lead to huge consequences on companies' IT security strategies that (if at all) are just partly realized by decision makers on senior management level. Therefore most of the needed and important consequences are still pending. Our talk gives an overview on the requirements und some first step recommendations for companies' IT security strategies considering the change of the IT security game triggered by the Snowden Leaks.