Cyber Security Investor Presentation 17 November 2011 - Hemscott IR

Cyber securityInvestor presentation17th November 2011JP Morgan Cazenove, London

Rakesh SharmaChief ExecutiveIntroduction

ScheduleUltra Electronics: Slide 3• Introduction• Cyber and the cyber threat• Cyber security• UK’s crypto modernisation programme• Key managementRakesh Sharma Chief ExecutiveDr. Alex Tarter Group Cyber Security Technical LeadNigel Mackie Group Cyber Security LeadDr. Jonathan Blogh Chief Engineer, Communication & Integrated SystemsPaul Maguire President, ProLogic• Summary & Questions• Demonstrations:• Assured communications• Key management• Securing the cloudDr. Jonathan Blogh Chief Engineer, Communication & Integrated SystemsPeter van de Geest Managing Director, AEP NetworksDr. Alex Tarter Group Cyber Security Technical Lead• DinnerNovember 2011 © Ultra Electronics: Proprietary Data

Dr. Alex TarterGroup Cyber Security Technical LeadCyber and the cyber threat… A bad day in cyber space!

Ultra Electronics: Slide 5What is cyber?THE EXPONENTIAL GROWTH OF THE INTERNET AND COMMUNICATIONS2 billion userson the InternetFibre optic bandwidthacross the globe -2010THE INTERNET IS DRIVEN BY UTILITY NOT SECURITYNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber?A DEFINITIONUltra Electronics: Slide 6Cyber:The interdependent network of Information Systems;including the Internet, telecommunications networks,critical infrastructure computer systems and embeddedprocessors and controllers.This can be divided into 4 categories:– Datathe information contained in the cyber domainNeed categorypictures here– Devicesthe technology on which data is processed in thecyber domain– Networksthe connects and communication traffic between devicesin the cyber domain© 2011 Ultra Electronics– Peoplethe participants within the cyber domainNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber security?CIA – CONFIDENTIALITY, INTEGRITY AND AVAILABILITYUltra Electronics: Slide 7Cyber security:The body of technologies, processes and practices designed toprotect the network of Information systems.Courtesy of the CIA web siteActivities in Cyber Security comprise the protection, defence,Information gathering or attack on the ‘Confidentiality, Integrityor Availability’ of Information Systems.ConfidentialityIntegrityOnly those authorised can understand the information or systemsOnly those authorised can create, modify, use or destroyinformation or systemsAvailabilityNo not this one!Information or systems are available to those authorisedto see/use themNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber security?EXAMPLES OF CONFIDENTIALITY, INTEGRITY AND AVAILABILITYUltra Electronics: Slide 8• Online banking– only you can access your account (C)– the balance is correct (I)– you can access it when you need to (A)• Medical records– only you and your doctor can see them (C)– the records accurately give your blood type (I)– in an emergency doctors can find out your blood type (A)• Power station control system– only authorised operators can shutdown the station (C)– commands are not corrupted from the control station to the actuator (I)– in an emergency shutdown commands can reach the actuators (A)November 2011 © Ultra Electronics: Proprietary Data

Cyber attacksHOW DOES THIS AFFECT YOU?Ultra Electronics: Slide 9• Internet banking?– hackers routinely pretend to be your bank– cost UK nearly £60m in 2009(New Card and Banking Fraud Figures UKCards Association)• Mobile phone calls?– anyone can listen into a mobile call in 3 minutes with equipmentcosting £10, instructions online(Wideband GSM Sniffing, Nohl & Muaut, 27 th Chaos Communication Congress)• Corporate networks?– RSA lost its SecureID secret, costing parent company EMC £50m– 20% of Fortune 100 companies hacked the same way(Who else was hit by the RSA Attackers?, Brian Krebs, KrebsonSecurity.com)• Confidential financial market data?– Nasdaq OMX got repeatedly hacked, attackers viewed a wealth ofconfidential data(NSA to Investigate Nasdaq Hack, Kim Zetter, Wired Magazine)• Aviation?– in 2008 a hacker almost shut down US Air Traffic Control(FAA report number FI-2009-049)November 2011 © Ultra Electronics: Proprietary Data

Cyber attacksSOPHISTICATED ATTACKSUltra Electronics: Slide 10• Is the government spying on you?– German government has admitted installing malware on suspects’computers to monitor and track them(Germany spyware: Minister calls for probe of state use, BBC News 11/10/11)• Can hackers disrupt the market?– This year, hackers described how to manipulate flash tradingsystems, and that they have less security than your home PC!(Security When Nano Seconds Count, Arlen, DEFCON 19)• Effects on the physical world– Stuxnet showed how to covertly manipulate crucial control equipmentso that it broke– stopped Iranian nuclear production via a thumb drive(W32.Stuxnet Dossier, Symantec)• What next?– Duqu just showed up, hidden in lots of places, allows attackers tomonitor & control industrial manufacturers– could be used to turn off production facilities, power stations,transport networks etc(W32.Duqu The precursor to the next Stuxnet, Symantec)• But no-one is blowing anything up right?– US allegedly manipulated control software for the Trans-SiberianPipeline causing the largest non-nuclear explosion & fire ever seenfrom space!(At the Abyss: An Insider’s History of the Cold War, Thomas C. Reed former U.S. Air Force Secretary)November 2011 © Ultra Electronics: Proprietary Data

Nigel MackieGroup Cyber Security LeadWhat is cyber security?

What is cyber security?MARKET SEGMENTATIONUltra Electronics: Slide 12Availability Integrity Confidentiality© 2011 Ultra ElectronicsData Devices NetworksPeople© 2011 Ultra ElectronicsNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber security?KEY MARKETSUltra Electronics: Slide 13A model to analysethe cyber securitymarketAvailability Integrity ConfidentialityTraffic Encryption&Key ManagementTransactionProtectionLegal Intercept&CloudComputingData at RestEncryption&Key ManagementPenetration Testing&Vulnerability ScanningReliabilityNetwork Hardening&Boundary ProtectionAttack Identification&ResponseDDoSProtectionMulti-factorAuthenticationTrainingCollaborativeWorking© 2011UltraElectronicsData Devices NetworksPeople© 2011 Ultra ElectronicsNovember 2011 © Ultra Electronics: Proprietary Data

Ultra Electronics: Slide 14What is cyber security?MARKET SIZE AND GROWTH – GLOBAL & HIGH THREAT MARKETSAnnual growth %Global market p.a.High threat market p.a.Global total:$49.8bHigh threat total:$13.8bSource:Frost & Sullivan 2011Forrester 2009Accenture 2009Pike Research 2011Availability Integrity Confidentiality6%$6.1b$2bTraffic Encryption&Key Management12%$2.8b$0.8bTransactionProtection10%$3.2b$2bLegal Intercept&CloudComputing2%$3.5b$1.5bData at RestEncryption&Key Management11%$3.1b$0.5bPenetration Testing&Vulnerability Scanning2%$1.5b$0.5bReliability6%$8.5b$2bNetwork Hardening&Boundary Protection11%$3.5b$1.5bAttack Identification&Response5%$2b$1bDDoSProtection20%$4.1b$0.5bMulti-factorAuthentication8%$8b$1bTraining10%$3.5b$0.5bCollaborativeWorking© 2011UltraElectronicsData Devices NetworksPeople© 2011 Ultra ElectronicsNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber security?MARKET NICHESUltra Electronics: Slide 15…and drill down toidentify the marketniches thatcomprise the cybersecurity marketAvailability Integrity ConfidentialityCryptographyKey ManagementMeta-Data ProductionLegal InterceptKeyless DecryptionDisposalObfuscationStorageAudited ActionsSecure SoftwareAuthenticationNon-RepudiationAttack VectorUnauthorised DuplicationMalwareTestingAuditManipulationRisk AssessmentRemote RetrievalMeta-Data ProvisionFlow ControlLegal InterceptLocal retrievalCompressionSpoofingAccessAccessKey ManagementAuthenticationRecoveryTestingData RetentionUsage RestrictionsAudited ActionsIntrusion DetectionIntrusion ResponseSecure OperationAttack VectorOperational ValidationTestingRisk AssessmentDamageUser InterfacePrioritisationLegal InterceptOperationContinued OperationSpoofingEfficiencyRestorationSafetyLink CryptographyNetwork CryptographyObfuscationAccessKey ManagementMulti-level SecurityLogical SeparationTestingUsage RestrictionsRoutingAttack VectorAuthenticationMonitoringDirection ControlAudited ActionsSpoofingAccuracyRisk AssessmentTestingWired AccessWireless AccessPrioritisationFlow ControlLegal InterceptShapingAttack ResponseSafetyAuthenticationAccessKnowledgeSpoofingTestingRisk AssessmentRisk AppetiteProceduresPracticeBehaviourSituational AwarenessSocial NetworksBusiness ContinuityBusiness RecoveryAccess© 2011UltraElectronicsData Devices NetworksPeople© 2011 Ultra ElectronicsNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber security?MARKET NICHESUltra Electronics: Slide 16Ultra’s niches:Today’s nichesAdjacent nichesNo current plansAvailability Integrity ConfidentialityCryptographyKey ManagementMeta-Data ProductionLegal InterceptKeyless DecryptionDisposalObfuscationStorageAudited ActionsSecure SoftwareAuthenticationNon-RepudiationAttack VectorUnauthorised DuplicationMalwareTestingAuditManipulationRisk AssessmentRemote RetrievalMeta-Data ProvisionFlow ControlLegal InterceptLocal retrievalCompressionSpoofingAccessAccessKey ManagementAuthenticationRecoveryTestingData RetentionUsage RestrictionsAudited ActionsIntrusion DetectionIntrusion ResponseSecure OperationAttack VectorOperational ValidationTestingRisk AssessmentDamageUser InterfacePrioritisationLegal InterceptOperationContinued OperationSpoofingEfficiencyRestorationSafetyLink CryptographyNetwork CryptographyObfuscationAccessKey ManagementMulti-level SecurityLogical SeparationTestingUsage RestrictionsRoutingAttack VectorAuthenticationMonitoringDirection ControlAudited ActionsSpoofingAccuracyRisk AssessmentTestingWired AccessWireless AccessPrioritisationFlow ControlLegal InterceptShapingAttack ResponseSafetyAuthenticationAccessKnowledgeSpoofingTestingRisk AssessmentRisk AppetiteProceduresPracticeBehaviourSituational AwarenessSocial NetworksBusiness ContinuityBusiness RecoveryAccess© 2011UltraElectronicsData Devices NetworksPeople© 2011 Ultra ElectronicsNovember 2011 © Ultra Electronics: Proprietary Data

Cyber securityULTRA’S TARGET MARKETUltra Electronics: Slide 17Ultra’stargetmarketHigh Threat ClubDefenceIntelligenceCritical National InfrastructureFinancialTelecommunicationsEnergyTransportWider MarketLocal governmentLarge businessesSmall & medium businessesPersonalNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber security?A MARKET FRAMEWORK – INFORMATION CLASSIFICATIONUltra Electronics: Slide 18UnitvolumeUnitvalueNovember 2011 © Ultra Electronics: Proprietary Data

What is cyber security?WHY THE MARKET IS DEVELOPING SO RAPIDLYUltra Electronics: Slide 19Threat scopeImpact ofattackNational economicharm & warLarge scale harm andpsychological impact12National governments(China, Russia, NK, Iran)Terrorists(AQ, Hamas, Hezbollah)Serious financial harm andIntellectual property drain3Industrial spiesOrganised crimeLarge scale embarrassmentand confidence impact4Hacktivists(Anonymous, LulzSec, etc)Frequencyof attackSerious embarrassment5Hackers(K Mitnik, B Manning etc)November 2011 © Ultra Electronics: Proprietary Data

Cyber securitySPECIALIST CAPABILITIESUltra Electronics: Slide 20November 2011 © Ultra Electronics: Proprietary Data

Ultra Electronics: Slide 21Cyber securitySPECIALIST CAPABILITIES – CRYPTOGRAPHY AND KEY MANAGEMENT• Crypto and key management – to ‘high grade’– securing the highest classification of information– over the network key management– legacy, current & future algorithms• CARDS & Solitaire– COMSEC accounting– secure key order & black key distribution– handheld secure key loader• Keyper crypto– PKI Signing– protects the internet backbone– protects valuable crypto keysNovember 2011 © Ultra Electronics: Proprietary Data

Cyber securitySPECIALIST CAPABILITIES – LEGAL INTERCEPTUltra Electronics: Slide 22• IP Reveal– processes legally intercepted voice internet traffic– deep packet analysis– visualise target behaviour & communications• Medirva– process high volume of audio intelligence– speech-to-text conversion– data-minable results– speaker identificationNovember 2011 © Ultra Electronics: Proprietary Data

Ultra Electronics: Slide 23Cyber securitySPECIALIST CAPABILITIES – EXTRANET, GATEWAYS & INTEGRATEDSOLUTIONS• National Resilience Extranet– secure (IL3) communication & exchange system– supports the resilience community– 800+ UK Government agencies & organisations• Syntaxis– secure gateway– collaborative working environment– Public Key Infrastructure (PKI) enabled• Integrated systems - vessel traffic management– protected and integral database– processes and controls sensors– data fusion and target trackingNovember 2011 © Ultra Electronics: Proprietary Data

Cyber securitySPECIALIST CAPABILITIES – SECURE NETWORKINGUltra Electronics: Slide 24• PacketAssure– enforced lower layer Quality of Service– intelligent adaptive load balancing– real-time traffic shaping• DarkNode– non-discoverable encrypted gateway– network obfuscation– industrial control protection• Secure WiFi– FIPS 140-2 validated– wireless mesh networked– protects national infrastructure– web services• CloudProtect– security as a service– provides secure cloud computing– secure application accessNovember 2011 © Ultra Electronics: Proprietary Data

Dr. Jonathan BloghChief Engineer, Communication & Integrated SystemsThe UK MOD crypto modernisation programme

Cryptographic equipmentHIGH GRADE ENCRYPTION HERITAGE & EXPERTISEUltra Electronics: Slide 26• Developing secure communicationsproducts and systems since 1950s• The only non-US company to design andcertify a US Type 1 crypto• Awarded the End Cryptographic UnitReplacement Programme (ECU RP) in 2010(worth £86m), the first phase of the UK MOD’scrypto modernisation programme• Awarded the VLF (SM) replacement in 2011(worth £18m) protecting the highest level ofclassified information for UK MODUS Type 1 CryptoVLF (SM)ULTRA IS THE UK’s LEADING PROVIDER OF TACTICALHIGH GRADE CRYPTOGRAPHIC EQUIPMENTECU RPcrypto modernisationprogrammeNovember 2011 © Ultra Electronics: Proprietary Data

ECU Replacement Programme (ECU RP)A SYSTEM ENGINEERED SOLUTIONUltra Electronics: Slide 27• ECU RP will replace 5,000+ high grade crypto’s• 23 different types of crypto will be replaced• Replacing legacy link, airborne, special, networkand telephony equipmentThe Common Core Crypto (C 3 )• Ultra’s Common Core Crypto (C3) is common to allunits and is the first UK programmable crypto to beintroduced in high grade equipmentKG-84(R)• ECU RP equipment will be integrated on 30platform types and 150 sites and systems• Interoperability with UK, UK/US, 5 Eyes and coalitionforces in legacy and future modesKW-46(R)• Field upgradeable for new algorithms and protocols• ‘Form and Fit’ compatible with legacy equipment tominimise platform integration costECU RP IS THE FIRST PHASE OF THE UK’SCRYPTO MODERNISATION PROGRAMMEFuture LinkCrypto (FLC)ProgrammableTactical Crypto(PTC)Future BulkCrypto (FBC)November 2011 © Ultra Electronics: Proprietary Data

Paul MaguirePresident, ProLogicKey management

Key managementMARKETUltra Electronics: Page 29• Key material is used to keep crypto hardware running• It has to be updated periodically• Most US and UK defence key material is still moved by secure courier• The biggest vulnerability in the key management niche is people• The largest cost in the key management niche is people• Ultra’s solutions allow key material to be moved electronically• Ultra’s solutions reduce costs by reducing people and travel• Ultra’s solutions increase security by reducing people’s access to keys• The consumer market is beginning to use more key material and thatconvergence with the defence market is fueling growthNovember 2011 © Ultra Electronics: Proprietary Data

Key managementGLOBAL MARKETUltra Electronics: Slide 30• Key management – multi-billiondollar market– creation– dissemination– inventory– $10 billion+• Increased demand– 9% annual growth• Broad solution set– hardware– software– services• End-to-end generator-to-consumerkey delivery• Ready to support the ‘mobileinternet tsunami’• Solves the the biggest cost problem- peopleAddressable Market ($B)8765432104.8Security-related Services StillDominate7.5Professional ServicesCAGR 9.2%2.94.5Software ProductsCAGR 9.2%0.9201020151.4EquipmentCAGR 8.1%Source: INPUT© 2010 Deltek, Inc. All Rights Reserved 1 2 3 4 5 6 7 8 964November 2011 © Ultra Electronics: Proprietary Data

Key managementCURRENT & FUTURE MARKET OFFERINGSUltra Electronics: Slide 31• Application software solutions – military and consumer– Ultra’s solutions manage the majority of US key material - CARDS– it is being sold internationally– it has applications for the consumer key management market as well• Hardware– Solitaire – a portable computer that can be used in classified spaces to managekey material. It runs the CARDS software as an ‘app’– programmable solutions that are upgradeable• Services– on-site services to application software customers (e.g., Central Office of Record(COR) Management Services for CARDS users)November 2011 © Ultra Electronics: Proprietary Data

SolitaireTHE COMSEC MANAGERS HAND-HELD PCUltra Electronics: Slide 32• CARDS on hand-held touch screen PC for use in secureareas• ‘App’ culture type device– stand alone tactical CARDS server– commercial AES 256 Key generation, overwrap, decrypt– supports barcode inventory management– ‘Black Key’ regional collector– key media conversion – from paper tape– key distribution for UAVs– configuration management– available now!CARDS SolitaireNovember 2011 © Ultra Electronics: Proprietary Data

Key managementFUTURE GROWTHFuture growth will come fromsales of value-added productsand services to:• Exploit adjacent consumermarkets for key management– banking– health– mobile devices• Exploit adjacent markets forhigh value asset managementsolutions– parts, weapons, etc.• Improve the use of UnmannedSystems (UxS) internationallyand in the US by reducingdependence on manpowerto keep systems ‘keyed’Ultra Electronics: Slide 33The convergence of consumer and non-consumer level solutions willoccur more rapidly in the key management niche because of the largesums of money involved in consumer transactions.November 2011 © Ultra Electronics: Proprietary Data

Cyber securityReference books and papers

ReferencesUltra Electronics: Slide 35http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet_research.pdfhttp://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdfhttp://hbgary.com/hbgary-threat-report-operation-aurorahttp://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdfhttp://krebsonsecurity.com/2011/10/who-else-was-hit-by-the-rsa-attackers/http://www.ft.com/intl/indepth/cyber-warfareCyber security: attacks and vulnerabilities – Dr Alex TarterBooks:Dissecting the Hack – StreetCyber War – Clarke, KnakeAviation Security Engineering – Markarian, Koelle, TarterHacking: The Art of Exploitation - EricksonFatal System Error - MennNovember 2011 © Ultra Electronics: Proprietary Data