The risky state of IoT, security ‘now mattering’ and a call to action by attendees all resonated with me at this year’s RSA Conference.
The RSA Conference was back again in 2018 at the Moscone Center in San Francisco this week. This year’s conference boasted 17 keynotes with more than 600 speakers and 50,000 attendees. With these inspiring keynotes and dozens of partner and customer meetings in the book, I left excited about both the progress we’ve made and the work ahead. Knowing that there’s definitely still much more innovation needed, collectively, we are making security a much higher priority, and that will only propel us forward on the cybersecurity battlefield.
The discussions at RSA ranged from the impact of recent cyberthreats to GDPR, and how now, more than ever, companies are focused on finding solutions to protect their data from cybercriminals. In today’s increasingly connected world where the average user owns multiple devices, there are now even more entry points for cybercriminals to attack. For the leaders at RSA, it is important to find solutions and remain proactive to help manage these diverse endpoints, and set security and compliance measures in place to counteract threats.
Here are a few of my top takeaways from the show.
Security ‘Now Matters’
That was the theme at this year’s RSA Conference, and it was certainly fitting. More so now than in recent years, there is clearly a palpable urgency around the growing need for security. Whether that urgency stems from securing our country on a political level, or securing IoT devices and deterring ransomware, there’s a sea change happening before our eyes.
One of the RSA panels included legal minds as well as counsel from the U.S. Department of Homeland Security (DHS), the National Security Agency (NSA), and the U.S. Department of Justice (DOJ). General counsel for the NSA, Glenn Gerstell, even drew parallels between today’s cybersecurity threats faced by the entire planet to the 1918 global influenza pandemic, wherein nearly the entire planet was exposed to infection.
Linda Gray Martin, director and general manager for RSA conferences, wrote in a post: “As we become more dependent on the latest and greatest gadgets, more and more of our personal lives are becoming digital—whether we like it or not. With that is the inevitable realizations that cyberthreats are looming larger than ever, with more opportunities for cybercriminals to strike.” With this in mind, RSA 2018 was filled with companies continuing the discussion of improving security strategies in the present and future, as well as unveiling new products to help us reach these lofty goals.
IoT Risk Hits All-Time High
IoT was once again another hot topic at RSA, where an emphasis was placed on industrial exploits. Gartner recently predicted that 8.4 billion connected things will be in use this year—up 31 percent from 2016—and forecasts the Internet of Things (IoT) market will grow to 20.4 billion devices by 2020. Cybercriminals have now realized that smart devices are more than just simple targets: they can be ‘drafted’ into huge botnet armies and used to launch DDoS attacks of unprecedented scale, and smart factories are seeing an increased level of these attacks. As smart factories are seeing increased automation, connectivity and complexity, combined with the growing sophistication of attacks from their adversaries, the risk is at an all-time high.
New risks can now also be found in home assistants such as Google Home and Amazon Echo. With recent news that companies are intending to enable person-to-person payments via the these voice-enabled home assistant platforms, the opportunity for voice commerce fraud is a trend that is just beginning. These trends, among others, were discussed frequently in the current state of IoT security, and while improvements have been made from a year ago, IoT security still isn’t at the advanced stages it needs to be.
Organizations of all shapes and sizes are deploying IoT solutions over cellular 4G LTE networks to enable new business opportunities, streamline operations and reduce costs. But there is still apprehension around adoption, due to the need for better IoT security before expanding deployments. Through real-world examples, sample code and demos, presenters at the show helped bring to light these threats and new methods for detecting aberrant behavior emanating to/from these devices.
Help is on the Way
Microsoft President Brad Smith called for an agreement to be made in the form of what he coined “the Digital Geneva Convention.” McAfee CEO Chris Young asked when “will the digital 9-11 happen to us?” as he likened the almost daily cyberattacks in the headlines to skyjacking in the early ’70s. And they weren’t the only ones calling for increased intervention. Numerous tech executives during my time at RSA echoed the call for the private and public sectors to work together to prevent attacks.
In a way, we as technology companies have to be the first responders for these issues. We live in a new world. Today’s world has seen a shift, and cybersecurity has become where the battles are fought. That gives to us, the companies and the individuals across the tech sector the first responsibility to keep people safe.