RSA Conference 2018: Security Industry Is a Work in Progress

Another action-packed RSA Conference wrapped up this week in San Francisco. What is clear is that our cybersecurity industry is a work in progress on many levels. Here are some conference highlights and top-notch cybersecurity content to ponder.

April 22, 2018
Front of Moscone Center, San Francisco 2018, credit: D. Lohrmann

As visitors to San Francisco approached the Moscone Center to attend the 2018 version of the biggest cybersecurity conference in the world, construction was evident at every turn. But it wasn’t just the buildings outside that were undergoing radical change.

After another record-breaking year for security breaches in 2017, another overhaul is underway within the security industry to try to steady global technology, data and privacy efforts. This year’s RSA Conference reconfirmed the amazing growth in breadth, depth and width of the security industry — along with the importance of protecting the huge investments in innovation which are transforming every area of life.

As described in this RSA Conference 2018 press release:

“More than 42,000 attendees experienced keynote presentations, peer-to-peer sessions, track sessions, tutorials, expo floors and seminars during the course of the week focused on topics such as artificial intelligence, data privacy, gamification, the history of technology and innovation, among others. Records were set with the number of exhibitors in attendance along with overall number of sessions. …  

There were 17 keynote presentations, more than 700 speakers across 550+ sessions and more than 600 companies on the expo floors.”

Several Top Sessions

There were many excellent presentations that are worth watching, and to start my list, I want to highlight the remarks by the Honorable Kirstjen Nielsen, secretary of the Department of Homeland Security.

Nielsen laid out the steps DHS is taking to address the evolving threats to our nation’s cybersecurity infrastructure. She also had many quotable one-liners such as:

  • Let me be very clear: the threat picture is getting dimmer, not brighter. ... Digital threats are multiplying faster than we can keep up.
  • Last year (2017) was the worst ever in terms of cyberattack volume.
  • By 2021, cybercrime damage is estimated to hit $6 trillion annually, according to Cybersecurity Ventures. To put that in perspective, that’s almost 10 percent of the world economy.
  • Last year, both Russia and North Korea unleashed destructive code that spread across the world, causing untold billions in damage.
  • Everyone is cybervulnerable. And everyone has a role to play in making cyberspace more secure.
  • The bad guys are crowdsourcing their attacks, so we need to crowdsource our response.

Another important session was the perspective offered from Andrus Ansip, vice president for Digital Single Market at the European Commission. He was interviewed by Riz Khan, international journalist and author.

I thought the keynote session from Brad Smith, the president of Microsoft, was also intriguing for several reasons. As CNN reported in this article: Microsoft, Facebook and 32 other tech firms join CyberSecurity Tech Accord.

“On Tuesday, Microsoft, Facebook and 32 other companies signed on to the Cybersecurity Tech Accord, a pact to work together on cybersecurity issues. In addition to stymieing governmental cyberattacks, the companies also agreed to collaborate on stronger defense systems and protect against tampering of their products.

"We called on the world to borrow a page from history in the form of a Digital Geneva Convention, a long-term goal of updating international law to protect people in times of peace from malicious cyberattacks," Microsoft president Brad Smith wrote in a blog post Tuesday.

The financial impact of cybersecurity attacks on businesses and organizations is expected to reach $8 trillion by 2022.”

There were numerous intriguing sessions that were somewhat different, including a keynote by Monica Lewinsky. Her main message was that cybersecurity pros need to aid the vulnerable and help people stay safe online.

In her view, the Internet empowers huge groups of people to target unlucky victims with humiliation, and many instances of cyberbullying involve hacked or secretly recorded photos, videos or audio becoming public. 

“This scandal was brought to you by the digital revolution,” she said.

So in an era of advanced persistent threats, we need to urgently focus on what I have called “advanced persistent resilience.”

Innovation Sandbox 2018

There were numerous sessions in the “Innovation Sandbox” that are fascinating to watch, and you can see many of these sessions listed at this YouTube channel for the 2018 RSA Conference. I really like the various "hands-on" sessions like the "IoT Village" and the "Car Hacking Village."

I urge readers to visit this great YouTube channel resource, as seeing these sessions live would cost several thousand dollars, but most sessions are available for free on YouTube after the conference.

According to ZDNet, an important message out of the RSA Conference this week is the coming of an AI-powered, data-centric model.

Also, Wired magazine highlighted how an elaborate hack shows how much damage IoT bugs can do:

“Senrio’s attack, which the company will present at the RSA conference Thursday, focuses on exploiting publicly known flaws — for which patches are available — in two devices and then jumping onto a third. The company discovered and disclosed the two vulnerabilities, one in an IP security camera and one in a router, and has tracked them closely. Using tools like Shodan, which scans for IoT devices that are sitting on the public internet, the Senrio researchers have seen meaningful patch adoption for the bugs, a heartening sign. Still, the researchers have observed tens of thousands still vulnerable devices — which is what makes their attack chain so ominous. A sophisticated hacker might pull off the same type of IoT attack using undisclosed, unpatched vulnerabilities that they invested resources to find or buy. But anyone can capitalize on long-known vulnerabilities at virtually no cost.”

My Thoughts on RSA Conference 2018

As I have highlighted in 2016 and 2017, this event more than any other I attend each year is simply overwhelming. There is way too much to do and not enough time to do it all.

Add in breakfasts, lunches, dinners and event parties, and almost everyone is burned-out by Saturday morning — if you can even make it past Thursday or Friday.

This year, I spoke on security awareness during the conference, and I also participated in this BrightTALK video panel on emerging threats and cyberdefense. (You can view it for free with registration.) The panel discussion included lessons from recent cyberattacks and breaches, a discussion on what keeps CISOs up at night and a discussion on the biggest cybersecurity challenges and how to overcome them.

Speakers:
- Chris Roberts, Chief Security Architect, Acalvio Technologies
- Nick Bilogorskiy, Cybersecurity Strategist, Juniper Networks
- Dan Lohrmann, Chief Strategist and Chief Security Officer, Security Mentor Inc.
- Joseph Carson, Chief Security Scientist, Thycotic

This highlights what I like most about the annual event — the people you meet and conversations you have with trusted colleagues from around the globe. It is also a great chance to connect with government friends from around the country, current and former team members and colleagues from different organizations. These conversations inform new strategies for the future.

A friend asked how I would summarize the conference in 2018 in one sentence.

I would say that the security industry is larger and more complex than ever — and is a work in progress just like the Moscone Center in San Francisco that hosted the event.

This cybersecurity public- and private-sector complexity can be a weakness; nevertheless, I urge you to become better informed and to take a close look at the RSA presentation content available. You will be glad you did.