To figure out where we're headed in the information security industry, let's take a look at the past. Some of the takeaways of note in RSAC 2017 include:
- Security isn't just a tech problem, but a business problem
- There's a complexity and too-many vendors problem - consolidation helps you simplify what you can control
- Many different products are bolted on and silo'd; there's a lack of automation that can be solved by using the cloud
- We have security tools we're not using to their full potential today
- The rise in weaponization of information (fake news), connected devices (botnets) and ransomware as the next threat vectors
- Basic recommendations to ensure cloud trust include two-factor authentication, policies, identity access management, encryption, etc.
- The introduction of the concept of protecting the corporate security perimeter - without firewalls
At RSAC 2018, some of the major themes included:
Keynote: Our Biggest Bet Yet; Mark van Zadelhoff, General Manager, IBM Security
- Security innovation - beyond tech - means putting security first, and making security the new ‘sustainability’ in the corporate world, as echoed in Microsoft and McAfee’s keynotes
- We've actually made progress on adopting the security basics - least privilege access, default encryption, multi-factor authentication, intelligence-driven security, etc.
- Industry maturity in understanding the dynamic, software-defined perimeter that requires a shift to contextual, real-time user and device-based controls to secure modern enterprises - while moving away from not-so-user-friendly virtual private networks (VPNs)
- Cloud is here and everywhere - now it's about automating cloud security, building cloud-native security programs, and strengthening internal application security practices
- Last year was a wake-up call - WannaCry & NotPetya showed the full global, geopolitical force of ransomware
What's next? According to the Associate Deputy Attorney General, Sujit Raman, the rise of encryption and cryptocurrency is making it harder to detect ransomware - in addition to the rise in cryptojacking, which is when attackers secretly use your (interconnected or Internet of Things) device to mine cryptocurrencies. He cited a statistic from Check Point that reported that cryptominers have impacted 55 percent of organizations globally.
The General Data Protection Regulation (GDPR) - it's May, and that means your business should be ready for the enforcement of the European Union's data regulations (goes into effect May 25, 2018 - we'll release more information next week about what Duo has done/is doing to welcome a hopeful new era of security and privacy with the GDPR).
Force multipliers - these are security and technical solutions or frameworks or designs that allow you to do the work of many more than you may have employed or dedicated to security. Force multipliers are important for scaling purposes; as businesses grow, is your security approach to preventing and detecting threats keeping up?
One example is Duo's own internal corporate security (CorpSec) strategy that includes the use of automated systems like a SecurityBot to communicate with employees and alert them when applications are blocked, when to update devices, etc. to eliminate some manual effort for the security team, as Senior Information Security Engineer Chris Czub presented in CorpSec: What Happened to Corpses A and B?
Another example is identifying employees/users that are force multipliers for your internal security, that is, allies that are engaged and interested in the security process, then arming them with additional resources, and directing peers to them as security leaders. Changing your security culture to view your users as allies rather than problems that need protection from themselves is a step in the right direction, as Duo’s Advocacy Manager Zoe Lindsey outlined in her talk, “The System...Is People!” Designing Effective Security UX.
The concept of doing more with less is particularly important going forward, in part due to the talent shortage in infosec - something that has prompted movements like Girls Who Code to go global. In her keynote, Girls Who Code Founder Reshma Saujani stated that the tech industry has the potential to solve the gender parity in infosec within the next 10 years.
See our complete coverage of RSAC 2018.