IN DEPTH: RSA 2017 and the call to arms for those tasked with keeping our online defences intact
RSA Conference 2017 has come to a close in San Francisco, leaving the 40,000+ members of the cyber security community who attended with a lot to think about during the coming months.
Although this was my first RSA show, I’ve attended my fair share of security conferences over the last few years and I’ve got to say, something about this one felt different. And not just because of the sheer scale of the event.
As well as the usual updates on the latest cyber threats and developments in the industry over the last 12 months, the messages sent out by the speakers during Tuesday’s opening keynotes provoked the general feeling that this conference could signal the start of something bigger.
The security industry has of course been on a steep upward trajectory for some time now, but this really felt like a turning point. A communal acceptance that what is currently being done, simply isn’t enough. A realisation that the industry as a whole needs to be doing more and that now is the time for businesses, along with government, to really step up to the plate.
In many ways it felt like a call to arms for a battle that now touches virtually every digital entity on the planet. A rallying cry for those tasked with keeping our online defences intact. The start of a cyber security revolution.
The first takeaway of note was that, throughout the conference there was no dancing around the issues and no efforts to dodge the extent of the cyber threats that we now face every day.
The honesty on show by several of the speakers was hugely refreshing, although somewhat frightening at points, and suggests an acceptance that this problem isn’t going to be solved unless changes are made.
For example, Michael McCaul – Chairman of the House Committee on Homeland Security – was brutally honest when he outlined five reasons why we’re currently losing the cyber battle, bluntly declaring: “We are in the fight of our digital lives and we are not winning.”
He spoke about how “nation states are using cyber tools to steal our country’s secrets and copy our intellectual property. Faceless hackers are snatching our financial data and locking down access to our healthcare information. And terrorists are abusing encryption and social media to crowdsource the murder of innocent people”.
Looking forward, he warned about the era of Quantum computing and a “digital atomic bomb” not being too far away.
“The first hostile country to gain such capability will pose a serious threat to the rest of the world,” he said. “We should make sure we are prepared for what lies ahead.”
He even referenced Winston Churchill’s famous “we shall fight them on the beaches” speech delivered to the House of Commons during the second world war, emphasising how “we need to acknowledge that we are under siege in the cyber space and respond with urgency and resolve”.
The danger and prevalence of nation state attackers was echoed by Microsoft President Brad Smith, who spoke about “attacks on civilians in times of peace” and how the 2014 Sony hack was “a turning point” for this new breed of cyber threat.
“Cyber space is the new battlefield. The world of potential war has migrated from land, to sea, to air and now cyber space,” he said. “We all need to recognise the obvious. We are far away from declaring victory.”
Christopher Young, senior vice president and general manager at Intel Security was equally as straight-talking. He identified smart home attacks and data weaponisation as being the key threat vectors in the coming years, warning of the potential for IoT to become the “Internet of Terrorism” as cyber criminals “are moving faster”.
“They’ve got smarter tools and they’re scaling themselves like we’ve never seen before,” he said.
So, refreshing and frightening in equal measure, but also very necessary if today’s cyber threats are going to be addressed.
Another noticeable theme that permeated through the first set of keynote sessions was the impact of modern cyber threats on politics, with specific mention given to the recent US elections which was believed to have been impacted by Russian hackers.
RSA CTO Zulfikar Ramzan kicked things off by emphasising the potential widespread impacts of a politically-motivated attack: “The idea of foreign governments mounting cyber attacks to undermine a US election became mainstream front page news. That attack initiated a ripple that ultimately rocked the foundations of democracy.”
This was followed by Young, who actually predicted that such an attack would take place during his speech at RSA 2016.
“No matter your politics, we all have to agree that the role of data security was on stark display like we’ve never seen before,” he said. “In 2016 in our election, stolen and manipulated data was commissioned as propaganda to assassinate character and try to disrupt our democracy. That’s a real problem.
“While I’m not questioning the outcome of the election, I am calling out that cyber attacks played a real role. It was data manipulated and intended to mislead our ability to make good decisions.”
And then we got to McCaul, who tackled the topic of President Donald Trump’s much-condemned immigration orders that restricted the travel of people from seven predominantly Muslim countries.
Bringing cheers from the crowd, McCaul vowed to fight against the orders and ensure continuing access to the world’s top talent: “In light of recent events in Washington, I know there’s deep concern in this room about whether US policies will continue to welcome international talent.
“We should never forget that this is a country built by immigrants. This is a nation where the oppressed have long sought refuge. Our country is a magnet for creators and entrepreneurs who are willing to take risks and pursue their dreams. The United States must maintain that tradition, not only for our country’s credibility, but for the survival of liberty itself.
“That is why I will fight to ensure that America continues to expand and be open to peaceful, freedom loving people, regardless of where they were born, regardless of how they worship and regardless of the colour of their skin, because that is who we are and that is how we attract the world’s best talent to help build a stronger country and a more vibrant global economy.”
Strong words and a positive message for an industry struggling to come to terms with a much-publicised skills gap.
Continues on page 2…