KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.
Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?
A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.
Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?
So good evening all. My name is Sylvia Ni. I'm director at PWC and leading the team of enterprise security architects where we are working on topics around zero trust. So you might have heard my colleague Fark talking about zero trusts, but we are also looking at emerging technologies. I started almost 20 years ago when working as an identity engineer and I also do have some kind of research background.
And back then when I was working at the universities, the good thing there was that there was always money for software hardware and we were draining students for doing pen tests and the students had a lot of fun pen testing each other. So their task was homework, hack each other to get some kind of credits. Our admins had a hell of a nightmare in setting up this training environment where say the student could hack each other without breaking out to our university network systems.
So around 2010 it became more convenience by utilization of virtualization techniques whereby the pushover the button. So admins were able to set up a whole Panta lap environment where the pan and the students could hack it at and reset it and clean it up when the, the course was done was the term cyber end range was not invented yet. So in my last year's presentation that's I conference, we discussed the threats and challenges and opportunities of digital twins.
So thanks to coping a call to have me here again and this time I will discuss and show how we can dive into a world by using a digital twin of a cyber criminal to change perspective and understands the behavior of cyber criminals. Now imagine having a tool that can perform the simulation to the highest level. So why wouldn't we use it to our advantage?
And before I do set, I will introduce some concept around the digital twin, where we come from, where the history is but also son we I will show how we utilize digital twins to understand criminal or misbehavior and son, I will also give a small wraparound zero trust, how zero trust could help to prevent hackers. Now looking around, where are we coming from and what a digital twin is. So yesterday Katherine Dok, everything is identity. So a digital twin can be a digital model or replica of basically anything a human being.
Cities, buildings, machines, things and on. So it's a regular expression of what digital twin could all be. And digital replica or digital twins captures the entire lifecycle of the object and is continuously updated also with real-time data.
So, so digital twin utilize a whole bunch of techniques and technologies like simulation, machine learning, A I R A and so on, you name it. And also the interference to support decision making. So digital twins can be used for a whole lot of use cases. I short some also last year in last year's presentation and such as for example optimization, predictive maintenance testing and also LE learning and raising awareness. Well second also used to model human behavior and interaction allowing for assimilation and analysis of complex systems and processes.
And if you look at where the digital twin comes from, so unlikely as today where in the 1960s for na it says it's more convenient to have a model of rockets or Apollo mission before the start going into Mars universe. So they have created some kind of living model for the Apollo mission. So term digital twin wasn't used yet in the 1960s however say continue to use this kind of digital representation and models to explore space and prepare for missions. So which means the concept of digital twin is not new. However the scale and nature and the models are evolving.
And in so 1991 David Gilland wrote a book, it was called Mirror Worlds and he predicts it by backen, a revolution in computing that will transform society. And he was calling it's Ari Rise of Mirror Worlds. And he said So vast public software programs will provide an image of reality allowing us to explore the world in an unprecedented depths in detail without leaving our homes.
So, and he explains mirror words were built will be built by using technologies that's already available and he called it disembodied machines and he used the term digital
Michael, I don't know how to pronounce him. So he's running the digital twin lab and he comes from a manufacturing per view and from the product life cycle side and he defines the concept of a digital driven also as a virtual representation of a physical product. And also here he has a concept model of virtual products that closely resembles the physical counterpart. And in his model he has physical products in the real space, virtual products in the virtual space and connections that links them.
And he uses this kind of technology to reduce costs faster innovation and improves the quality of products NASA and 2007 has on its roadmap to use digital twin technology also for to improving spacecraft design, manufacturing and maintenance of spacecraft. And this involves also creating virtual models, monitor and predict performance in real time allowing for early detection and resolution of issues. So they called also for a roadmap and for a framework to share twin models between NASA and their partners.
And as I said since 1960s NASA is using this kind of modeling few and using twin and going further in in the time. So we are now in 2011 where we have the cyber range range evolve. So I'm introducing this concept cause we later on needed to have our cyber criminals modeled and cyber range evolved from approaches but it had a big footprint in military simulation training and also the simulations of development of hacking simulators. And so first cyber range platforms was a net was platform developed by the science institute and introduced into the DEFCON security conference in 2011.
And since then also cyber range platforms evolved and were developed depending on what kind of provider and platform you're looking. And most recent developments are developments are also integrating AI and machine learning technologies for threat detection and defense and of course also integration of cloud technologists for scaling up and 2017 Sam discussed AI and machine learning tools for detecting and defending against cyber threats and also tools that can analyze large amounts of data and identify patterns to detect potential threats in real time.
So all those kind of developments are necessary for digital twin but also for modeling digital twin and also for modeling cyber criminals behavior. Just one outlook for from European commission Digital digital identity to provide European citizens, residents and business with secure and trusted identities. I think we've heard a lot about it on this conference so I don't dive into this. So now how could we learn from the twin and misbehavior And of course in this our audience I do not have to talk a lot about hackers and cyber criminals.
Iza was selling okay, hackers have organized the good guys have not. We all know the damage cyber can dam costs to our organizations. Financial losses, reputation, legal consequences. Babar showed this morning session a successful use case as with multimillion dollar damages, which means to protect organization we must invest in resilience and choosing the right technologies as well as ensures that employees are aware of the risk, associate risk associated with cyber attacks and such a follows best practices.
So now the idea is now is to have a digital twin that simulates approach and behavior patterns of cyber criminals that we can use for make prediction And this is our idea to dehus and the idea is to turn the table on cyber criminalists by fighting fire with fire. And just one more outlook about what we have to consider share. So the potential threats. Also my previous speakers have talked about many of the potential threat and attacks patterns that are out there.
I won't dive deep into this but just a few sets are more relevant Also for as a digital twin, like identity abuse deep blocker, which is one of the frauds that uses AI technology, what we've seen and c o frauds is becoming also known as boss fraud or fake president fraud is also interesting that it's coming back. It was some kind of fraud using email or telephone. And now if you look at technologies like deep fake, that's also some kind of interesting pattern for cyber criminal behavior. And in America for example, grandchild where impersonations comes on the rise.
And so us also by using AI technology which have been made it easier and cheaper for bad actors. Now in 2022 it was the second most popular record in America resulting in over 36,000 reports of people being spindled and one 11 million of losses by our powered tooling. Now I was telling about emergence effects. In fact it is some kind of typo here. It's not one multiplier by one equals three, it's I was meaning one plus one is three, it's from Aristos who sets a hole is more some of its parts and immigrants. And in it in attacks is just to give you an simple example.
For example, I have this watch, it's a smartwatch. It tells me that I have to walk more to drain more and as there are apps out there where I can look where I was having my walks, which is a potential use case to bring me more in in draining and and such kind of information are also used for by attackers when the people were trained where American soldiers and they un reveals all also layout of the military facilities. So merchants effects showed informations which wasn't so. So individual parts were designed for.
And now one example as the link is over here, you will get the slides afterward, which I would also recommend to have a look at because that's some kind of technology. It's a YouTube tutorial technologies that is meant for gaming for television and film. It used technologies from Unreal engine and it shows you in five and a half minutes how you can capture facial motion picture, which means on the right hand side is the real person on the left hand side you see a digital twin of the person.
And this kind of technology is easy possible to have some kind of digital twin of a person with always oppression facial expressions. It's meant for gaming television films or you might have heard about ZPA digital twins.
However, from a cybersecurity standpoint, this technology presents both opportunities and challenges. So the opportunity can be that you could enhance accuracy and effectiveness of security systems that use facial recognition systems.
However, I also fear that this is also potential risk for cyber criminals to use or up use this kind of system for the next way for deep fights videos. So and now let's have a look for how we design and implement si digital twins of criminals. So we leverage the techniques that I was introducing. We have on the left-hand side potential threats attack vectors coming from well espionage hackers, nation state actors, whatever. And we have a digital twin of our infrastructure, which means we have a digital twin of the copy of the company or the organization networks.
And those are exact copies of the actual networks and that are used to replicate attacks by art hackers in a simulated environment while and it's utilized cyber range technologies that I was talking about. And you see here potential attacks that could happen. And so cyber criminal behavior will be simulated of course. Well if you're brave enough you could also invite potential hackers to to work on this digital twin infrastructure.
However, my recommendation is to have it also in a first in a closed environment to start it up. The experts now help of cyber range technology and hackers launch their tax all relevant data about what the hackers are operate, which vulnerabilities exploit, and what the data says still. And it's then analyzed by the experts to increase the company's defense measures.
And while from step two then it's pretty much following the system, collect all the data, set the simulation you will get from the simulation and send, let it experts analyze it and to understand how hackers operate and what dataset, target and data may include. Also information about previous attacks, vulnerabilities and companies IT structures. So and which brings you in a position to have some kind of analysis. And here is also some kind of good a way to apply artificial AI and machine learnings to identify unusual patterns and anomalies in the data.
So such kind of infrastructure could help you to analyze and improve companies defense measure to look where your vulnerabilities are and to measure, put your measures close to your vulnerabilities and also to network your architecture. And you're designed to minimize future risk and attacks. So what we have already hold and what we are directly doing is some kind of digital twin environment and we use the gamification approach we call it's a game of threat.
It's, it's not an real organization but it's some kind of enterprise like environment where we typically have executives invited to have both roles to have the role of attacker where you have always attack vector and threats that I've showed you and the other ones are trying to defend it and our experts coach them. And quite often it's a aha effect when we have executive doing the scheme to to learn what it means, getting an attack and to see what kind of defense measures they might use and to defend some those attacks. The other things that we are doing is also for raising awareness.
We call it cyber escape room. It's some kind of similar escape rooms where a group of people have to escape from a physical room here they have to escape from a virtual room. We are using it also to strengthen the human firewall and also to raise awareness. So regulators have also recognized the human factor. We've heard it before, homo securities and zaen. So was risk for cybersecurity lazing a greater focus on awareness and training and such also. So regulators looking at this and our security awareness programs use gamification in realistic scenarios.
Digital twins to engage both employees and teach them about cybersecurity. And in two weeks we will launch also a metaverse use case. We have metaverse also lots of potential use cases from retail finance, et cetera. So our colleagues have developed a lot and I was sales telling them, okay, we also have to look at some misuse cases. So we have also implemented one misuse case in the metaverse, having some kind of deep fake identity scenario also as part of awareness measures. So with set, I think we are running out of time, so I'd rather stop my talk here. Zero trust.
That was the conclusion is one, architecture, principle and strategy would I recommend also to design your organization, network. And I'm happy to take your questions. Any questions from the audience? We have no questions. Well thank you so much. Thank you for having me.
