Whether you made it to 2017’s RSA security conference and hit all its highlighted events or were busy at your office shoring up your own internal systems and procedures, fear not. We’ve gone through and picked out the key takeaways, insights, and lessons in prevention from the experts who presented. You can thank us later.
Dr. Zulfikar Ramzan, CTO at RSA Security, delivered the opening keynote and set the tone by discussing chaos and its challenges and opportunities. He talked about the US presidential election and how technology impacted it by changing the conversation around security and tied that to the larger issue of how innovation and security are relentlessly entwined. His main points about the inevitable chaos coming from new ideas are simple:
- Treat risk as a science. “Think things through all the way to the end, and ask yourself, ‘What if?'”
- Simplify what you can control. “I spoke to a vendor who has 84 vendors. How do you manage so many vendors and justify the ROI from so many? Consolidate your vendors. Work out what works and ditch everyone else.”
- Plan for what you can’t control: chaos. “Incident response must have availability, budget, and collaboration. Incident response isn’t a wish list. There will be unexpected costs, so get the budget authority. Without it, incident response will fail.”
Attacks keep coming
Beating back the beast of ransomware is getting more difficult, and in his presentation, James Lyne, global head of security research at Sophos Labs, cautioned that even if you pay a ransom, data has likely been shredded, so it’s not even accessible to the cybercriminal. Victims have no guarantee the same attacker won’t target them again.
To stay safe, Lyne recommended backing up somewhere offline; otherwise the ransomware can reach the backup and encrypt it as well. Craig Williams, senior technical leader and security outreach manager for Cisco Talos, advocates for cloud backups with unique user names and passwords for those services.
Seven deadly threats
Security experts from the SANS Institute were on hand to discuss the seven most common attacks to personal, corporate, and infrastructure technology—and what to do about them. They identified:
- Ransomware: It’ll come as no surprise that ransomware tops the list of threats, especially since it’s evolved into a terrifying form of malware—crypto-ransomware.
- Internet of Things: Connected devices are all the rage, but they’re vulnerable. Change default passwords and disable remote access, for starters.
- A collision of the two: An outgrowth of these two factors—which is theoretical at this point, but important to keep an eye on—is the intersection between ransomware and IoT. Ask yourself, “How much automation is too much?”
- Industrial IoT: Hacks to power stations affect citizens, but there’s not much they can do. Again, be careful about incorporating too much automation into your home systems.
- Random number generators: These aren’t all that random. It’s up to device manufacturers to deal with this issue, but consumers need to be aware that security isn’t guaranteed.
- Dependence on web services: Developers are tasked with fixing this problem, but everyone should be wary of mobile apps—which might not pose a threat on their own, but the service they connect to may.
- SoQL Attacks against NoSQL databases: These were identified as another challenge for developers, but the data collected may affect users personally.
Allaying fears of robots and cyber attacks
Google cofounder and chairman of Alphabet Eric Schmidt took the stage to have a conversation with Gideon Lewis-Kraus, author of The Great A.I. Awakening. Together, they discussed developments in artificial intelligence—in areas as far-ranging as health care and data center design. They both underscored that machine learning and AI are simply tools for humans to use and that, because they can “see” and “speak,” doesn’t mean they have the human capabilities required to take us over.
Schmidt also talked about the necessity for openness, even as the audience hyper-focused on security. “Security is not one layer,” said Schmidt. “Naive engineers say they can build a better firewall, but that’s not really how things work. If you build a system that is perfect and closed, you will find out it’s neither perfect nor closed.”
The Innovation Sandbox Contest
Each year, the RSA security conference offers the best and brightest minds in the industry a place to innovate on the spot. This year was no different, except for the opening anecdote that illustrated how a bird accidentally caught inside a passenger airplane could expose security threats. The ease of trapping a live bird demonstrates how simple it is to send a robotic bird loaded with explosives into a plane. The weakness is often due to human error—humans just don’t always know what to do when faced with a new security threat.
Teams got to work, and the results were inspiring. Among them, finalist EN/VEIL used massive parallelism and a homomorphic encryption engine on an API-based platform to encrypt data while it was processed. The winner, though, was UnifyID with its “implicit authentication platform” that matches a user’s online and physical self using machine learning and their own devices to identify them by the way they move.
Conferences, like this year’s RSA event, can reinvigorate passions for tech and clearly outline where innovation in the industry stands with some of the top minds in the business. Security is a full-time job, but it’s a team effort that’s worth committing to.