On the plane trip to the annual RSA Conference I watched the documentary “Batkid Begins” which also takes place in San Francisco. SF becomes Gotham City for a day so a young cancer patient can realize his dream of becoming a superhero thanks to the Make a Wish program. The child teams up with a grownup Batman and saves a damsel in distress tied to a bomb on the cable-car tracks, thwarts The Riddler's robbery of a safe and races in the Batmobile to defeat The Penguin and free the kidnapped San Francisco Giant's Seal mascot. The mayor presents the child with a key to the city as tens of thousands of citizens from around the country cheer the triumph of good over evil.
As we landed at SFO, I thought to myself: As touching as the Batkid story is, how remote it is from today's cyber-crime scene of sophisticated hacks on retailers, power grids, hospitals and government offices. Many of today's cyber-crimes are the stuff Hollywood movie moguls haven't even thought up yet. The bad guys who plan and carry out these attacks are faceless cyber criminals and nation-states with intangible malware and other nasty software tools as their weapons that can even reach down and burn up firmware, for example, to turn off the power grid (yes, this is what they did in the Ukraine). And the threats seem to be growing in frequency and magnitude.
Definitely, a gloomy reality in need of a cyber superhero.
However, now after attending RSA 2016 in San Francisco, my mood has lifted. I am encouraged by the solutions presented in the sessions and the discussions that spilled out into the hallways and onto the exhibit floors -- about application and threat protection, cloud security, encryption and the limits of the judicial system, the Internet of Things (IoT), malware attacks, risk reduction and challenges for CISOs and the enterprise Boardroom.
RSA 2016 Insights
Reuven Harrison, CTO of Tufin, provided insights on cybersecurity and critical infrastructure protectionin his interview on Bloomberg Radio live from RSA.
SANS sessions “Securing Today's Online Kids” and the CyberSafety Village activities focused on internet cybersafety for children with participating organizations such as National Cyber Security Alliance, Hacker Highschool and Family Online Safety Institute.
Researcher Ann Cox of Homeland Security led a lively review of the advisory document “Security Tenets for Life Critical Embedded Systems” with detailed industry-independent cybersecurity best practices to provide guidance for systems that if attacked/compromised would result in loss of life. Controversies such as how to rapidly test and deploy essential security patches, regulatory constraints, considerations for technologies that cannot be updated such as implants, and more were discussed by attendees from diverse industries such as healthcare providers, medical devices, energy, transportation, defense, regulatory bodies and network security technologies.
With IoT, vulnerabilities are everywhere, exposing more attack surface. In the session “Why Transportation is a Target,” Kurt Baumgartner, principal security researcher at Kaspersky, said that the “biggest impact [on transportation] is IoT – the internet of things or Internet of threats depending how you look at it.” Cybersecurity evangelist for IoT, the automotive industry and medical devices Joshua Corman noted, “We are years behind PCI DSS… Cars have a hundred million lines of code… Segmentation is key.”
The expert panel of “Evolving Security Operations: The Future of Orchestration” with moderator Renee Tarun, Deputy Director, NSA Cyber Task Force focused on topics relevant for our cybersecurity “space”. Philip Quade, NSA Director's Special Assistant for Cyber and Director, NSA Cyber Task Force said, "Security orchestration is a really big deal, …a game changing approach.” He cited the example of ICS/SCADA as “a perfect environment for orchestration for critical infrastructure."
Automation and orchestration provide command and control. Dr. Peter Fonash, Chief Technology Officer for Cybersecurity and Communications, Department of Homeland Security, remarked that people and organizations should focus on innovation and their own IP and that "interoperability is key to automation." Oliver Friedrichs, Founder and CEO of Phantum Cyber, said, "We need to overcome the fear of automation." He emphasized that we have to automate, since there's a huge, growing shortage of security professionals. Fonash discussed foreign intelligence at speed and scale, describing the acute need for automation and integration in enterprise networks since "you don't want show up at a gun fight with a knife."
Keynote sessions by U.S. Attorney General Loretta Lynch and Admiral Michael A Rogers, U.S. Cyber Command, Director, U.S. Navy, Commander, National Security Agency/Chief, Central Security Service outlined their plans of action, calling for collaboration within the tech industry as well as nations with similar values and goals to combat cyber-attacks.
During this year's RSA conference, record-breaking astronaut Scott Kelly returned to earth after almost a year at the international Space Station. Admiral Rogers related this milestone to the global cooperation needed for cybersecurity, noting that “it took an international sustained effort for the space program.” Attorney General Lynch summed it up when she said, “There is nothing we can't solve. … The issues created by tech will be solved, as always, by humans working together.”
Perhaps everyone in the cybersecurity field actually dons an invisible cyber superhero suit every day. Although we may not view it that way, it may actually be so.
One More Thing
Whether you are a CISO, data center manager, cloud security expert, compliance officer or a tier-one analyst, I'd like to ask you:
If you could make a wish about cybersecurity for your organization, what would it be?
Share your reply with us here or email us at email@example.com, especially if you'd like to be a guest blogger.