Posted on February 28, 2014
For a conference that opened with William Shatner and pushed attendees to Share, Learn and Secure throughout five days, the 2014 RSA Conference delivered value, challenges, and ideas on virtually every cyber topic. Speakers RSA CEO Art Coviello and Juniper Networks security executive Nawaf Bitar challenged attendees to replace apathy with action and push leaders to more thoughtfully address the concerns of offensive cyber weapons and privacy. The Chertoff Group’s Michael Hayden, and Richard Clarke from Good Harbor Security Risk Management discussed the Capitol Hill debate on NSA surveillance, and I spoke about the struggle many organizations face when attempting to better identify, rank and prioritize the assets that drive their profitability and are targets of attacks.
RSA attendees also saw attacker theory become reality when CrowdStrike’s Dmitri Alperovitch and George Kurtz demonstrated the ability to permanently and completely “brick” a device, making it useful only as a doorstop or paperweight. This kind of destruction could be much worse than Shamoon, which destroyed the data on 30,000 laptops but left them operational.
Booz Allen had a significant presence at the conference and my colleagues and I believe that the following themes will continue to be top of mind for security professionals:
- A growing cyber R&D industry is creating new products to address specific cyber issues, increasingly through big data, machine learning, anti-malware and crypto. Organizations still need integrated, cost-effective solutions and need to consider how true solutions can be achieved. One aspect for many public and private organizations is trying to understand and respond to the privacy concerns over the mining of public data, which is essential to predictive intelligence.
- Instant messaging and other innovative mobile technologies allow brands to meet their customers’ needs in more cost-effective ways; yet more and more hackers are making a decent living by developing and selling zero-day and other exploits that take advantage of the growing use of mobile. CISOs must work with senior management to help them understand and balance the threat risks against the business opportunities. Read Booz Allen’s interactive infographic to learn more.
- The personnel needed to effectively manage technology risks are not available. The industry needs to focus on building a tradecraft – intelligence-based defense teams that can turn information into intelligence, insight and action – that blends experience, training and technology.
- Organizations continue to need better ways to measure, manage and improve their risk management capabilities. For better or worse, cyber security is dominated by its IT roots and many organizations find it hard to move away from the focus on buying, implementing and owning technology products to patch poor design and system engineering. Those who have moved to a holistic cyber security program that includes process and risk management with a predictive edge are ahead of the game.
- Citizens, businesses, and governments have been put on notice that a new set of behaviors and practices is needed to navigate the level of potential surveillance individuals and organizations can exercise in the still evolving Internet space. Gaining a level of confidence to operate in this environment and understand the risks will take time.
The RSA Conference offers sharing, networking and learning in spades; however, the largest gathering of cyber professionals demonstrated yet again that our community is still focused on point products and band-aids: anti-virus, firewalls, administrative controls, filtering, IDS, etc. When CISOs turn to off-the-shelf products, they’re often left dealing with training, integration and implementation by themselves. Recently, Booz Allen released a white paper, “Shifting Risks and IT Complexities Create Demands for New Enterprise Security Strategies,” that helps security decision-makers address this challenge. The white paper, which received positive feedback from RSA attendees, provides actionable information on the current threat landscape, the changing role of the CISO and CRO, and the consequent need for an end-to-end security and service partner.