The RSA Conference 2018: NOW MATTERS!
Almost a week ago, I attended the RSA conference 2018 together with my colleagues from Sweden, Germany, the Netherlands and Belgium. Before I give you my opinion and share the most interesting insights, I want to start off with the importance of this event.
7 Reasons Why (you should attend the RSA Conference 2018)
- More than 500 booths
- About 50,000 security professionals
- Much more than a sales conference
- Inspiring keynote sessions from the major sponsors, plus keynotes on technical matters, e.g. cryptography, AI, new malware techniques…
- Incredible sessions covering all security domains, e.g. application security, governance or privacy, IoT, cloud security, GDPR, identity management, machine learning, human elements…
- Demos and startups regarding IoT, Industrial Control Systems (ICS), Car Hacking…
- Training from organizations such as the Cloud Security Alliance (CSA), SANS, (ISC)²…
The Silver Bullet in your Security Strategy
It matters, and it matters now! The good guys need to take action, because they are the ones who can really improve the security posture. On top of these great people, organizations will also need process and technology to get closer to their silver bullet solution.
2017 was a year of major security breaches. More than ever, companies have to be ready to react appropriately when a breach occurs. They need a proper risk management strategy, not only to define the priorities for the investments to be made, but also because of residual risk: there are no solutions yet that guarantee a 100% success rate. So, when it comes to breaches, it is very clear that every holistic security strategy has to include a good prepare-and-respond process.
RSA Conference 2018: lessons learned
I went to a very interesting session on Open Authorization (OAuth) 2.0 (https://oauth.net/2/) and the threat landscape that comes with it.
New IAM solutions are also on the rise, some using blockchain technology (interesting for identity proofing), others extending FIDO's reach with the new FIDO2 standard and its stronger, passwordless authentication.
FIDO2 is comprised of the W3C's Web Authentication specification (WebAuthn) and FIDO's corresponding Client-to-Authenticator Protocol (CTAP). This combination will enable users to leverage common devices in order to easily authenticate to online services, in both mobile and desktop environments.
A lot is going on regarding cloud security. It is obvious that security measures should always be part of the automation process. Furthermore, processes and teamwork must be improved to adapt to the cloud way of working. This applies to development projects, but of course it also applies to business applications.
A lack of training or competence creates a major risk. Cloud technologies require both an architectural shift and a mentality shift, because we are moving away from the good old on-premises datacenter days. It is crucial to have visibility tools when working in a cloud environment: to keep track of who creates what, to see whether it was done in accordance with security policies, and to tell whether it is normal behavior…
How do you detect insider threats (or an external attacker masquerading as an insider) once the primary controls have already been bypassed? Data governance is key to distinguishing right from wrong. Technology (AI-based or not) will of course help you manage the huge amount of data. But once you have found something, how do you respond? Do you involve law enforcement? Which organizational departments should be involved? My advice is: learn to walk before you run. A very useful tool to guide you is the Security Maturity Model. It will help you determine your security maturity level, tell you where you need to be in comparison with your peers, and show you at which level you need to improve first for people, processes and technology.