RSA Conference 2013: A Newcomer’s Perspective

A few weeks ago, a couple of colleagues and I attended the annual RSA Conference in in San Francisco. My colleagues have already offered their detailed descriptions of the event; instead I’ll discuss the broader themes I saw at the event.

Contrasting atmopsheres

The exhibit floors were cheery – almost festive, in fact – with loud chatter, freebies, and buffets. Vendor booths offered an attraction that ranged from contests, to illusions, to arcade games. Even the keynotes on the first day started with a band singing We are the Champions and We Will Rock You.The mood in the track sessions and keynote lectures was completely different. Discussions there focused on offensive security touched on various aspects including legal concerns, requirements in skill sets, possible moral/ethical issues, and challenges in determining attribution. Sessions on cloud computing mentioned concerns on compliance and data protection, determining standards for cloud service provider partnerships, and managing risks, behavior, and organizational culture.

Some keynote sessions took a more contemplative note. Wikipedia’s Jimmy Wales shared the role of the Internet in democracy; former Secretary of State Condoleeza Rice noted that traditional ways of defending one’s self from an attack does not work especially with the current cybercrime landscape, the developments of the Internet and cloud computing.

Breaking down (big data) and building (one’s intelligence)

Among the themes highlighted during Arthur Coviello’s Big Data Redefines Security discourse was that big data is here and a big contributor is the increasing number of devices connecting to the Internet. However, information from big data can also be used by adversaries against individuals, organizations, or even nation-states. Organizations need to understand ow to act and not react to skewed information or FUD. This brought to mind the slew of APT campaigns discovered last year and how our researchers have called for organizations to begin focusing on threat intelligence and building a custom-defense strategy to deal with these threats.

In fact, sessions on intelligence sharing like Sean Barnum’s The Secret to Effective Cyber Threat Intelligence and Information Sharing showed information sharing communities that included segments from the government, technology vendors, and private institutions. The panel on Advancing the SOC: Agile, Intelligent, and Context Aware also highlighted the importance of both internal and external security intelligence in big data analytics and context awareness.

Starting and Ending with People

Considering the human element in security is just as critical. “The Human Element” sessions may have only been added this year, but some sessions on other conference tracks also tackled, if not highlighted, the flaws in user behavior that allow or may allow a security event to happen (such is the case in most mobile security/BYOD topics). Other sessions called for better security awareness programs for employees (or perhaps a different behavioral approach), while others still discussed managing one’s identity.

It has been said for the longest time that humans are the weakest element in an organization. But the changing tactics and techniques of cybercriminals, the developments in technology, and the convergence of mobile, cloud and big data now require them–us–to be the strongest. Most of us are, after all, called knowledge workers for a reason.

Post from: Trendlabs Security Intelligence Blog – by Trend Micro

RSA Conference 2013: A Newcomer’s Perspective