A recent gathering of global cybersecurity pros explored the latest attack scenarios hackers use to infiltrate corporate networks. But unlike the hopes of misguided potential victims, no silver bullet or software guarantee will fully protect them.
The RSA Conference (RSAC) presenters focused on the surge in demand for implementing a Zero-Trust philosophy. Presenters urged network managers to educate their employees to spot digital identity proofing. This involves securing the data points needed to feasibly proliferate digital ID proofing solutions.
Another leading cause of network breaches is organizations integrating their on-premises environments into their cloud environment. That makes the cloud prone to various on-premises originated attacks.
“RSA Conference plays a critical role in bringing the cybersecurity industry together. As cyberattacks grow in frequency and sophistication, it is imperative that practitioners and experts across the public and private sector convene to hear unique perspectives to help address today’s biggest challenges,” remarked Linda Gray Martin, vice president, RSA Conference.
The RSAC provides a year-round platform for the community to engage, learn, and access cybersecurity content. That process is available online and at in-person events.
Better cyber protections will only happen with a heightened focus on authentication, identity, and access management along with threat hunting activities, according to the RSAC.
Leading the Charge
Kevin Orr, president of RSA Federal, oversees the deployment of security, especially identity access management tools, to federal and commercial customers. His company has roots in the early days of cybersecurity defenses.
At this year’s RSA Conference and the corresponding Public Sector Day, he had the opportunity to speak with leaders in the government and enterprise cybersecurity space. He discussed his observations on the state of cybersecurity with TechNewsWorld.
RSA Federal is an identity and access management (IAM) solutions firm that began as a cybersecurity section within the Dell computer company. Today, it has contracts with some of the world’s most security-sensitive organizations.
The connection between the tech firm now known as RSA Federal LLC and the name of one of the leading encryption technology algorithms is significant. RSA Federal furnishes security services and solutions to customers throughout the public sector ecosystem.
RSA is public-key encryption technology developed by RSA Data Security, which was founded in 1982 to commercialize the technology. The acronym stands for Rivest, Shamir, and Adelman, three MIT cryptographers who developed RSA public key cryptography.
Long-Standing Conference Roots
A series of sales of the RSA company positioned it to capitalize on the growing need for cybersecurity specialists. Security Dynamics purchased the company in 1982. Dell later acquired RSA from EMC in 2006. A consortium of private equity investors led by Symphony Technology Group purchased RSA from Dell in 2020.
The sale reflected both RSA and Dell’s corporate strategies. It allowed RSA to focus on security-first organizations while Dell pursued its product strategy, according to Orr.
The yearly RSAC event is a key gathering for the computer security community. It is considered the world’s leading information security conference and exposition. Originally scheduled for February 7-10, world events led to its rescheduling for June 6-9 at The Moscone Center in San Francisco.
RSA Federal is not a conference sponsor. However, its representatives do take part in panels, showcases, and speeches throughout the event.
This year’s 31st annual conference was the first one held as a standalone, independent business following an investment from Crosspoint Capital Partners in March. The event attracted in excess of 26,000 attendees, including more than 600 speakers, 400 exhibitors, and over 400 members of the media.
The biggest takeaways for cybersecurity were laid out in the keynote addresses, according to Orr. One was the impact on security by the rapid digital transformation.
That change happened faster due to the pandemic. It forced the acceleration of involvement with people having to work remotely from home.
The transformation’s disruptions in the physical world are now causing digital ripples throughout the entire supply chain. Better supply chain security is needed to curb tampering within its technology.
“Another major theme was the role played by rampant disinformation. We are in a hyper-connected world. Disinformation blurs how people distinguish fact from fiction,” said Orr. That continues to impact the use of technology.
Perhaps one of the most damaging impacts is the worsening talent shortage. Simply not enough people are skilled to address the cybersecurity threats and what needs to be done within the cybersecurity domain, he added.
The attacks are increasing with so many different factors now. In the past world, we all sat behind the firewall in a corporation, Orr noted. Security teams could keep track of the good guys and bad guys, except maybe the insider.
“As soon as we went mobile from the pandemic, the firewalls disappeared. Your personal boundary of security disappeared. Some of that boundary needs to be built around identity,” he urged.
Securing the Identity Boundary
From Orr’s catbird seat in the cybersecurity world, he sees how stopping identity breach is now essential. Organizations must know who is connecting to their networks. Security teams need to know what the identities do, where they are in the networks, and what they should have access to see. In this global world, those derails really changed things.
“The attack vectors realigned as well. Attack vectors have really changed,” Orr said.
Network managers now must look at the threat sectors and figure out how and where to spend money. They also need to learn the available technologies and, more importantly, know that the attack surface is bigger.
“That means they need additional sets of people or different sets of skills to come in and address these open issues,” Orr noted.
ROI factors into those decisions, too. What is really driving the security question is that usually a corporate expenditure must have a return on the investment, he continued.
Ransomware Gone Rogue
The increase of ransomware attacks sucks money from businesses. The strategy early on was never to pay the ransom demand. From Orr’s perspective, the better strategy now depends on the circumstances.
Either way, ransom victims make the payoff and hope for the best. Or they refuse to pay and still hope for the best. In play must be a plan for the worst.
“I think it is an individual decision based on the situation. There is no longer one size fits all. You have to take a look at what the bad guys have and what they value. The bigger question is how to stop it from ever happening,” he added.
Lack of Software Options
The cybersecurity industry not only is experiencing a shortage of talent. There may be a scarcity of advanced tools.
“I think there are a lot of basic technologies. I would start with the first stuff. Really take a look. Cybersecurity products for some types of organizations are not really something you can buy. The first step is to learn not to click on the phishing attempt,” advised Orr.
The solution starts with education. Then it continues with putting some parameters in place. Determine what your most valuable data is. Next research how to protect it. How do you monitor it?
“Cybersecurity really is a layered approach,” cautioned Orr.
Never Trust, Always Challenge
That was a big theme of the security conference, he continued. Part of the big change is not being able to trust network visitors.
“That was kind of the thing that has really changed now, not to trust. Always verify is the required approach. Now you are looking at things differently,” he observed.
We’re making good progress. The difference is that now we are preparing for a cyberattack, he concluded.