3 Top Security Takeaways from RSA 2017 to Keep in Mind Throughout the Year
RSA Conference 2017 boasted 15 keynotes and more than 700 speakers, 500 sessions and 43,000 attendees. There was much to be learned by many, February 13-17, in sunny San Francisco with discussions on cyber in the news to innovation unimagined.
RSA is “where the world talks security” and this year was no exception. The event featured the latest in security technology and allowed major players (and up-and-comers) to interact, share best practices and offer insights for the future of cyber risk and security.
Event keynote speaker Michael Dell set the stage by stating, “Security is now the number one issue that plagues businesses and boards, concerned about the complexity of their security posture and how to manage risk.”
It is true that cyber security is more top-of-mind to both government and industry than ever before. So what were the key trends and topics buzzing around this year’s RSA when it comes to addressing this issue? Here are a few:
Hacking to Keep Data Safe
One of the latest trends in government cyber security is in hiring hackers to seek out existing vulnerabilities in agency infrastructure. At first, this may sound counterintuitive, but through the increasingly popular bug bounty approach to security, organizations are made aware of infrastructure weaknesses so they can troubleshoot before adversaries also find gaps. The Pentagon, U.S. Army and now the General Services Administration are all hopping on this bandwagon to better their cyber defenses.
This year at RSA, attendees were able to explore the vulnerability and exploitability of everyday objects in real-time in the Hacking Exposed LIVE session. The meeting not only demonstrated examples of actual hacks of these devices but was also able to show how simple countermeasures can slow and even prevent an attack.
Securing the Internet of Things
Recent events in the news had a major role in the event discussion, as was explored by network security company Tenable in its RSA recap. Specifically, recent distributed denial-of-service attacks targeting Internet performance management company Dyn shed a light on the risk that comes with an increasing number of connected devices.
Gartner recently predicted that 8.4 billion connected things will be in use this year – up 31 percent from 2016 – and forecasts the Internet of Things (IoT) market will grow to 20.4 billion devices by 2020. As IoT devices become more pervasive in federal IT, so do vulnerabilities. These vulnerabilities come from the often-outdated security installed on devices, creating easy entry points for assailants.
This year’s RSA innovators looked to address this issue, as securing the IoT will only grow as an issue alongside the number of connected devices.
Reexamining Potential for Human Error
This past year, NIST found that federal employees are experiencing “security fatigue” as a result of (what users consider to be) excessive security demands. In many cases, this fatigue is leading users to act in ways that sacrifice data security.
According to Cisco’s RSA insights, effective security must be simple to use, offer open architecture and automated workflows. The RSA Conference looked to not only find technology that can make information security professionals’ jobs less complicated but also brought about conversations on reexamining vulnerability management from a user action standpoint.
Human error is still an issue many organizations face, so not only must employees be educated on the proper cyber hygiene, but it’s time technology can help decrease or eliminate the human errors that may be inevitable in today’s fast-paced world of IT. Anti-phishing technology, for example, can protect users from clicking on false links that could lead to a breach.
While it’s impossible to cover this major event in its entirety – we recommend you attend and reap the benefits – we hope this recap can give you an idea of the cyber security landscape for the remainder of 2017. We’re looking forward to what RSA 2018 has in store!