Original Prezi presentation available on http://prezi.com/qhv0ra2qhxoz/asfws-2012-keynote-2/. Prezi converted slides available on http://asfws12.files.wordpress.com/2012/11/asfws2012_keynote2.pdf
Olivier Brique, VP Cybersecurity Technology of Swiss company Kudelski offered us an insightful and dynamic dive into the history of his company, initially producing high quality microphone before developing Pay-TV solution and finally announcing, on the 21st of last month, a new cyber security division.
But before talking about the new division officially launched two weeks after this presentation, Olivier gave us more details of what a Pay-TV solution was composed of, how it evolved and how it was attacked. Based on the first attacks back in the end 1990’s, Kudelski developed an internal intelligence unit, gathering information on internet and monitoring forums talking about reverse engineering smart cards. At the same time, efforts for research and development were done on various fronts, especially in terms of a lab to test internal products from an attacker’s perspective before there are released.
Of course, the cat-and-mouse game continued between the company and hackers. Around 2005, Kudelski launched a new generation of Smart Cards considered as secure but the game did not end there either. With the progress of Internet, attackers could now, using legitimate Smart Cards, decrypt given TV channels and distribute the clear text signal via the network. The emergence of such “Piracy as a Service” platforms owned by organized crime triggered the need of further Internet monitoring from Kudelski and developed internal competences in network forensic. A world-wide network of lawyers was also set up to be able to response to the threat via legal means.
With such a history, starting at securing hardware and becoming an “insurance-safety service”, this company featuring 1’000 security engineers on a total of 3’000 employees certainly has some cards to play on the market nowadays. But how does this specific knowledge of Pay-TV apply for other, service oriented, companies such as banks? According to Olivier, strong similarities exist with issues such as migration to cloud services (how to secure data on the move and at rest on uncontrolled and partially untrusted equipment) or Bring-Your-Own-Device (where the device must be resilient against attacks).
The initial slide set, based on Prezi, gave this little added dynamic touch to the whole presentation, which got lost in the PDF versions of the slides. Despite this, I recommend you the read of the slides for further details, especially about all the Pay-TV relevant data. Enjoy viewing the Prezi set, as it will lead you through a dynamic history of Kudelski and of the Pay TV.
[Updated on 10.12.2012 to include the link to the Prezi presentation Olivier submitted in the comments and alter slightly the conclusion]