RSA Conference 2018 offered lots of engaging and thought-provoking content. Here are some entries from our conference notebook:
Over 20 topics and tracks covered everything from IoT, analytics to intelligence and response to dev ops, privacy, cyber threats, and cryptography. – There was a stronger emphasis on promoting Inclusion and Diversity in Cybersecurity, with “Think Differently” being one of the main themes of the show. Diversity is the key to making good organizations great and, as individuals, it is what makes us succeed.
Data breaches have gone further over the top than ever.
According to Gemalto, the scale of data breaches hit an all-time high last year with over 2.5 billion records stolen, lost or compromised. Breaches have proven to be inevitable. The best way to protect your data and the individuals who can access it is to secure the breach with encryption and stronger user access controls.
Heard in the press room:
Survey results show one out of every four organizations using public cloud has had data stolen.
An interesting and wide-ranging discussion covered the current state of blockchain, security and privacy, as well as how the public conversation has evolved to impact companies, organizations and individuals. Asked if there are any silver linings inside the complex threat landscape, panelists noted advances in hardware technology, a focus on election security, and a broadening awareness of privacy as critical to protecting the digital world we all want to live in.
Key cyberthreats to watch in 2018:
Data repository leaks. Bad actors are zoning in on cloud-based data storage and online code repositories, according to keynote speaker Ed Skoudis, instructor at SANS. Open AWS S3 buckets were the root of data leaks from the Department of Defense and Verizon, among others. Skoudis recommended putting a data curator in place and preventing developers from “committing code with leaked credentials.” AI or ML solutions can detect a leak in the cloud and CSPs like AWS and Microsoft offer automatic services that will “crawl through” buckets seeking any PII in a company’s collected data.
Vulnerable industrial code. James Lyne, head of R&D at SANS Institute noted that in the near future threats will go beyond money and fraud to threaten “life and limb.” Hackers have begun focusing on industrial code like power grids and controllers, whose lagging operating systems and application software makes it much slower to defend against malicious code. The shift toward disrupting sensors within the infrastructure may bring us to a point where “the source of truth is lying to us” and our detection alerts are effectively “poisoned.”
Cryptomining. According to Johannes Ullrich, dean of research at SANS Technology Institute, the sale of PII like credit cards is decreasing in value because there is just too much of it for sale. “Hackers don’t like to make the news,” Ullrich said. To avoid tracking that bitcoin, hackers are turning to cryptomining. By installing cryptocurrency miners, hackers can act in a sneakier manner with less of chance of being traced.