Transcript
This transcript was autogenerated. To make changes, submit a PR.
Hello and welcome to this conference.
Thank you very much for attending this presentation.
Today we are going to introduce you to a very innovative
solution for cyber security.
We are going to start with the first slide and introduce some of the
concepts and I will deliberately go slow so all these concepts can be well
digested because some of them may be relatively new or relatively not very
common in the world of cyber security.
So first thing first.
Internet2.ai, so number two is because this is the evolution of internet in a more
secure internet and AI because we do use AI in most or all of our processes.
And in particular, we use that in a very key process in this
solution that we will explain later.
We are, as long as we are aware, the first company in the
world for doing ISP reputation.
So basically ISP reputation is to put a rating to the ISP
originating the traffic.
So when we receive traffic from internet, from a specific network that belongs to an
ISP, we know how good or bad this specific ISP and network has behaved in internet.
And for this purpose, we use multiple ways.
We will go in detail in the other slides, but
it is good that you start understanding that this solution or this approach
is different from what you are used to see in the cybersecurity space.
This time, we are going to start the controls in the ISP originating the
traffic, not on the destination of the traffic where your company is.
We are going to take one step forward and enhance the security perimeter.
Basically, this is all about.
If you understand this concept, the enhancement of the security perimeter,
this is what it is all about.
Based on a specific technology related to the rating, to the reputation of the ISP.
But the concept is this enhancement of the security perimeter, which by the way, is
a concept that in other areas of defense, like the military, it is a very well
understood technique or strategy to use.
When we say AI being used in our processes, there is one key
process, which is the rating.
So what rating we apply to different scenarios of the ISPs,
networks delivering traffic.
This policy is dictated by AI with very minimal human oversight.
So let's go slide by slide, introducing the concept in more depth.
So the security challenge, the current landscape
is terrible.
The threats are evolving, we get more threats, defending an organization is
really difficult these days because they attack from multiple places,
they are dedicated, targeting, there are different types
of attackers, so it's really difficult.
And unfortunately, I have to say that if that was a race, we are not winning.
At least, what we hear from the media is that large organizations
with many resources, they are also victims of attacks.
Which makes us think that there is something that needs to
change, but something at the base, something different.
We need to do something different if we want to change the direction of the race.
So basically, the speed this is going, we do need to take action on it
as soon as possible.
Okay, so at the moment, in cyber security, the main idea, different
colors, good, but the idea is to do the defense at destination.
You put firewalls, you put all type of defenses when you receive the traffic
from internet, the offending traffic.
And this is basically what you are doing for your defense.
This is good.
It's really very good, but it has some issues.
Or maybe to say that in a different way, it is not enough.
There is something missing here.
Otherwise, we wouldn't be in the situation we are.
So we are getting millions of attacks every day from different angles.
It's if we were to make an analogy with the real world, it's like having
millions of people hitting your doors and your windows in your house,
which is something that obviously is not something you want to have.
And probably because some of them may be able to get into your house at some
point, because there are millions.
And they are doing that every day in every second.
Even when you are at home, when you are not, in the morning, in the afternoon,
in the evening, and when you're sleeping.
So basically the breach is warranted.
We all in cybersecurity say that is not the question of when, but sorry, not
but if, but when it's going to happen, we all know it's going to happen.
I have an anecdote related to this is one CIO of a very large organization.
One of the statements, last statement I read a few weeks ago was, We have
the enemy already inside, so we need to make our defenses based on the
idea that they are already inside.
What they were saying here is that we don't have this perimeter anyway,
so we need to start defending ourselves inside the house.
Which really sounds a little bit too much.
And legal complexities.
Due to the nature of Internet, which is international, you can be attacked
from many multiple different countries and the legal enforcement there is very
difficult because by the time you raise a complaint really it is very difficult
that you hit the attackers in the final country, in the country where
they are originating these attacks.
It's almost impossible.
That's why we sometimes do see in the news that the FBI has captured some
malicious attackers somewhere and they have deactivated thousands of bots
and stuff like that for ransomware, for phishing, for all these attacks.
But the thing still continues.
Something really is not working because this is not
only continuing, this is growing.
So we are in a worse situation than we were yesterday.
So the trend is not good.
We need something else to stop this trend.
So our suggestion is that we change something at the strategic level.
A big change in cyber security.
So this big change is related to the issues related to the root cause.
We think it is the cyber impunity.
We think that the lack of, there is no deterrent at the moment for attackers.
They basically can attack at zero cost.
They are anonymous.
They can attack pretty much from anywhere and they don't have any consequences.
So it is for free.
For example, it is a term that is not being used that often
these days, but in the past we had these script kiddies.
And how is that possible that large organizations with multiple millions
or miles of employees, millions of revenue, there are script kiddies
that these large organizations and sometimes they even penetrate these
companies and they commit fraud.
So why is this happening?
Because really these attackers are very difficult to catch.
So it is basically, in summary, attacking is for free.
So the return of the investment is very high.
So as we say, the solution, we think that we need a change.
We need to think out of the box.
The change requires a different type of change, not only making your doors and
windows stronger, which is very good.
It's something you need to do, but we need something else, and we
suggest taking a strategic approach and make our doors strong, make our
windows strong, but also enhance the perimeter and put some distance
between the attackers and our house.
So then we can control them from far away from where they
are and not from where we are.
Some of them probably, obviously, will penetrate this first perimeter,
but many of them may be filtered because you are already, by default,
you're doubling the control.
So you have two controls instead of one, and one of the controls
is not anymore at your doors.
It's at their doors.
It's where they are.
You get close to them, you are moving the defenses, or doubling
the defenses, next to them.
And then the things change, because I'm sure that all these script kiddies we have
mentioned before, they will think it twice before attacking a large organization.
If they know that the ISP to where they are connecting and which is
where the attack is going to be originated is controlling them and
may raise a complaint and they could be prosecuted because the ISP is in
the same country they are and then can do the prosecution of the malicious
attacker, which is something that at the moment is not happening because of
the complexity in the international law.
So we have two defenses, and one of the questions that sometimes arises when
I do this presentation is that, yeah, okay, but we all know that the attackers
are chaining through multiple country servers before launching the attacks.
That's true.
But the same way that they chain, we can chain it back as well.
And I'm going to explain that in the next slide.
Once that we have introduced what the specific technique we
suggest to enhance this perimeter.
So the tech we suggest is the rating.
The rating is a very, extremely powerful tool.
Large organizations like Amazon, eBay is an excellent example.
It wouldn't exist if that wasn't for the rating.
Who of us would buy something in internet without knowing who is selling that?
Thanks to the rating, we can buy goods, and we are safe that these goods,
we will receive them and they will be in relative good conditions.
So the rating is a powerful, very useful technique to use.
So then the question is why we are not using the rating of the ISPs that are
launching or sending this traffic of the malicious attackers to internet.
Because if we had
a rating of these ISP networks, we could say, okay, the traffic
coming from this network is usually malicious and the traffic coming
from this network is usually good.
So this would strongly support and help the security analyst in our organizations.
And yeah, the rating is something that is an extremely good candidate to be
introduced in the cyber security because the power it has may help us doing the
things better in our particular case.
We do have some intelligence of the malicious traffic because we do have
some probes worldwide, distributed through geographically around the world.
And we do also take some reports from third parties on the IP
addresses, and then we assign this rating to the ISP to which
this IP address belongs.
And we also do have proprietary algorithms.
This collection of data is done in real time and the good thing
here is, many people, also another key question is that, okay, yeah,
but we already do have IP rating.
Yeah, but the IP rating, the problem is that there are billions of IP
addresses and they don't have a history.
Once that, for example, a server with malicious, I don't know,
phishing or whatever, or some malware, once that this has been
clear, this IP address disappears.
We remove that from our filter list and it is again a good IP address.
It doesn't keep a history, while in the ISP rating we do keep this history.
We know that today this ISP network was behaving well.
But we also know that yesterday, this ISP network was launching an
attack to our, and that was detected by our probes or by any other means.
And so we know how many times we have rated this network and what the
ratings were for the different times.
So we keep a history of that.
And this history is like when you go to the restaurant, there are like, it
is not the same to have a rating of five or four to five for a restaurant
if there are two people that are doing the rating for this restaurant.
When you see a restaurant that has 1,542 ratings and this one has a fault
of three, it's probably a very good rating. And patent pending application.
Yeah.
We are about to make this application in the next few days.
We have this coverage geographically, through worldwide.
And we get this rating is continuously updated.
One of the key things again that I want to mention here is that this policy
of the rating is dictated by the AI.
We do have a little bit human oversight, but the policy of the
rating is dictated by the AI.
And you will be surprised, with the evolution of the AIs these days,
rational data statements look when asking for specific scenarios.
So they really, really logical and really explained why this rating
should be applied based on the scenarios we have suggested to the AI.
That is awesome.
Some use cases. Very typical is that you use the SIEM here to ingest
this cyber intelligence into the SIEM, which at the moment, we have
a straightforward integration with Microsoft Sentinel for which you don't
need to change your ingestion layer.
So this is the most typical scenario, monitoring the traffic, but there
are some other customers that they do have more sophisticated
or they do have a different, sorry, a different risk appetite.
And they do, for example, financial entities, they can
do limit the operations.
For example, they may only allow you to see the balance of your account if you are
connecting from an ISP with a poor rating, or they may just limit the transfer of
the money, if that is, this connection is coming from one of those ISP networks.
And the risk assessment, for example, when you get customers or employees
connecting to your network, you can make a profile and look at how many
of them are connecting from ISPs with a good rating or a poor rating,
and then you can make a profile on them.
Yeah.
What risk is your organization having based on allowing some poor ISPs
and make decisions based on that.
So this is what basically the intelligence obviously allows you,
the intelligence we provide to you.
One of the things also to maybe mention here before going to the next
slide is that we do rate the origin ISPs, we are in touch with them, we
have a strong relationship with them, contact and a community with the ISPs.
So we do not only do the rating in a cold way.
We do support the ISPs and try to all these ISPs that don't have
very good or these networks that they don't have very good rating, we
support them improving the rating.
And this is very important because we are here to, our mission is to
make Internet more secure, make this second Internet, the evolution
of Internet, where we can be safe.
And the reason, and again, sorry for extending a little bit, but the reason
is that sometimes we are not aware of how far internet is getting into our
lives and I have a little bit of a dramatic anecdote regarding to this.
I'm living in the UK and a few months ago, I am a blood donor and received an email
from NHS asking for blood, additional blood, because they were running out of
stock due to a kind of a perfect storm.
And one of the key components of this perfect storm
was that the NHS was under attack.
They were being cyber attacked.
So what I'm saying is that this is not anymore about computers, about electrons,
about circuits, about electricity, about all these things that we do love.
It is going much deeper, the impact in our lives of cyber
attacks is getting bigger.
And the way the digital, obviously the world is going to the digital
direction, it's gonna get worse if we don't take strategic measures
as soon as possible. That's why we are in our mission.
We are presenting this strategic approach here. Some real world analogies.
Okay.
I have mentioned already the restaurant one, which is the one
that I do the most, because I think it's very easy to understand.
We all go to restaurants and we buy goods or we go dining.
We look at the rating and I'm a big fan of looking at the restaurant and
which one has the best rating and the comments of the people and all this stuff.
The football defense is another one.
We all like, many of us do like football, not necessarily and not a
super big fan, but I do like to see my team playing and doing a good defense.
And I couldn't imagine my team, like with all the 11 players, like in the goal.
Score, they all waiting for the attackers to just, to wait until they score.
It doesn't make sense.
So we all will be asking that, for example, we use a 4-4-2 strategy or
something, some layered security in place, not all the players in the score.
So basically that's what we are doing in our organizations at the moment.
We are allowing ISP networks to send traffic to us,
and with a very poor rating, and that is the same as football or it is in
the restaurant and the home security.
I have already mentioned that.
All the solutions which are very good.
Don't get me wrong.
They are very good.
These old tactical security cyber security solutions.
But we need to go one step further.
We need to do a strategic change.
We need to think out of the box for cybersecurity solutions, or this race,
we are not going to win it at the trend, at the speed direction is taking.
Okay.
So let's make our windows and doors strong, but also let's put some space
between the attackers and ourselves and let's get us into their territory
to be next to them and protect ourselves better before they hit our house.
I know that you cannot make any questions here, so this slide
probably doesn't make much sense.
But just to let you know that if, even if you cannot do the questions now, we
are happy to answer you any questions.
So for that, you just need to contact us in internet2.ai, easy to find in the website.
You have the contact details.
We are in Twitter, in email, obviously, and we
have the website as well.
And we do have a tool that you can check in our website to look at
the rating of the different networks.
And it is for free.
We also do have free plans and blah, blah.
We haven't discussed the commercials here.
But if you're interested, we are happy to.
Here is what was more the introduction of a new strategic approach
in order to make internet more secure for the best of all of us.
So thank you very much for attending the presentation.
That was for me a pleasure.
Thank you very much also conference 42 for letting me
present this innovation here.
And yeah, have a good day.
Thank you.