2017 RSA Security Conference – Dealing with Emerging Threats

As the traditional security conference begins the 26th year, its scope has significantly developed to address a new era of threats such as ransomware.
A lot has altered since a small group of cryptographers gathered to form the first RSA Security conference (RSAC) back in 1991.This year more than 40,000 people are requested to go to in San Francisco when the conference kicks off with a day of seminars on Feb. 13 adopted by keyinformation and displays the rest of the week. .

“The conference develops every year,” Linda Gray Martin, common manager of RSAC, distributed to eWEEK. She information the Innovation Sandbox, where “next era innovators” from established up the kind of display off their security gear has developed and there are new classes on diversity and cyber-safety for parents.

“There’s also a policy discussion and a focus on privacy that’s bigger than ever,” adds Britta Glade, older duplicate manager at RSAC. “Security used to be something bolted on as part of something the IT department managed but now it’s everywhere. We have a seat at the boardroom table. Security practitioners are everywhere.”

Attendees can expect a full collection of smaller and new security businesses to more established players. Digital Guardian, which specializes in data loss prevention providers has been exhibiting at RSA since 2006.

“I remember during the recession of 2008 we debated whether to do the display because interest seemed to be dipping,” Digital Guardian CEO Ken Levine distributed to eWEEK. “Now it’s amazing how it’s grown. It is the one will need to do accumulating for security professionals.”

There is usually at least one or two concepts that get the most buzz at the annual conference whether it’s a highly-publicized security breach or Apple’s refusal to cooperate with FBI officials seeking to break the encryption in an iPhone used by a terrorist.

Levine seems internet of items security will be a hot region this year as the kind of starting to experiment with IoT deployments want to be sure the gear and the netreally works that feed into them are secure.

While big the kind of rarely transfer to new suppliers for big ticket items like an Enterprise Resource Planning system, security is different. By some estimates the typical company helps over 30 unique security products.

“Unlike other IT regions, there is less scary of groups of suppliers or trying new stuff when it comes to security,” said Levine. “You can have an accounting system that does the job, but security isn’t foolproof. Digital Guardian protects the data, but the kind of also want prevention and that’s elusive.”

Ransomware Uses Data as a Weapon
Glade says Ransomware will also be a big concept of discussion with specific classes to address it. “We had a lot of submissions across different broader concepts where ransomware came into play,” she said. A specific ransomware seminar on Monday will look at the issue from the 2 a specialized and policy perspective.

Ransomware was a big concept of discussion during a webcast by the RSA advisory board ahead of the conference. One of those members, Dimitri Alperovitch, cooriginator and CTO of Crowdstrike, has been warning of the dangers of ransomware for some time.

“I predicted ransomware, the idea of ‘data as a weapon’, would pick up last year at RSA, but I underestimated to what extent,” he said. “It’s become the new common where criminal groups can blackmail and maintain your data hostage or destroy your reputation.”

Another board member, Ed Skoudis, a SANs Institute Fellow, says ransomware started with the perpetrators going after individuals, but it’s become a much bigger problem. “We see it increasingly focused on company focuses on by getting into duplicate systems and network sharing that lets it spread to other systems,” he said.

Where possible, businesses victimized by a ransomware strike should avoid paying, but in some pictures it may be the only option to recover crucial data. “You may have a principle not to pay, but you may have to. Some practical assistance is to have a plan in region as to who is going to pay,” said Skoudis.

“Remember that you are in a negotiation. It’s best to appear small and poor. Don’t let them know they’ve encrypted an entire data center. As far as they know, you are a single individual that requirements to get the encryption key.”

Tanium, which offers endpoint security and management, established not to exhibit at RSA, but is hosting boat charters for customers at a nearby hotel. Still, Tanium’s chief security officer Ryan Kazanciyan, says the display is a bellwether for what’s coming next. “It’s impossible to stroll away from RSA without a really feel of where the security wind is blowing and trending,” he said.

He says company customers he speaks with are frustrated by the number of point providers they have to manage. “The realistic look is most businesses are trying to reduce the number of one-off providers to a smaller established of tools,” he said.

Whatever the item many company traders at RSA won’t have the budget to invest in all the providers of interest. Board member Wade Baker, originator of Cyentia Institute, suggests time your purchases can help. “I’ve noticed many pictures it really works better when you can combine an upgrade in era and include security. I’m always a fan of simplification.