AI, IoT and a new round of cyberthreats were some of the issues that took center stage as RSA Conference 2018’s third full day came to a close. Here’s a quick recap of the topics attendees were talking about as they prepare their departures from the City by the Bay.
AI is today’s must-have skill
Remember the days when computer science and programming were the go-to courses for people looking to get into tech? Today, according to IBM Security co-CTO Koos Lodewijkx, the most popular course is Introduction to Machine Learning. In an interview with TechRepublic at RSAC, Lodewijkx said this shift will change approaches to security in the future.
“The students coming out of college right now have been taught a whole new way of attacking problems with IT,” he said. Basically, he said, security professionals need to use AI to combat the AI hackers are using to launch more powerful and versatile attacks.
Lodewijkx pinpointed three new ways attackers are flexing their muscles: Using AI to mount faster, more specific attacks against their targets; attacking enterprises’ AI implementations; and scheming to extract the intellectual property that’s captured in the AI models for their own purpose.
IoT security is still an open issue
IoT, meanwhile, is attracting a lot of interest in the security arena, but there are no clear resolutions about how to best protect against IoT-targeted threats.
“A lot of the manufacturing behind IoT devices today feels like the Gold Rush… everyone wants to get there in a hurry,” said John Cook, senior director of product management at Symantec, speaking at RSAC. “You effectively have people staking out a claim in the area without further thought to security.”
While IoT security has been criticized over the past few years, Threatpost reported that IoT device privacy is another pain point highlighted at RSAC, particularly with the rise of voice assistant devices such as Amazon Echo and Google Home.
“One issue we found with these [IoT] devices is that it might not be a vulnerability – it might be that we’re oversharing data,” Tony Anscombe, global security evangelist at ESET, said in an RSA session.
Three more things to worry about
Every year there seems to be a new round of cyberthreats that gets people’s attention at RSAC. This year, consultants from the SANS Institute identified their top three: data repository leaks, cryptomining and vulnerable industrial code.
As organizations stash more data in the cloud and in online repositories, they can expect more leaks. The problems crop up when private repositories aren’t configured correctly or organizations inadvertently expose data by marking a repository as public.
Having data in the wrong buckets makes it “even juicier for the bad guys,” said Ed Skoudis, an instructor at SANS.
Hackers are turning to cryptomining to avoid being traced, SANS’ Johannes Ullrich said. To lessen the likelihood of a cryptomining attack, companies need to monitor network traffic because hackers have to connect to mining pools that security teams can detect, he said.
Then there’s vulnerable industrial code. SANS researchers said there’s been an increase in activity on the dark web focusing on this code, like power grids and controllers. Expect more of it. The fact that these infrastructures lag behind in terms of modern operating systems and applications makes it harder to defend against malicious code.
Stretching across the globe
RSAC, of course, attracts attendees from way beyond the U.S. An IT World Canada piece noted that 27 countries sent exhibitors to capture some security mindshare at the show. This included 18 companies from Canada, 50 companies from Israel and 45 from Australia.
“Our goal is to meet as many network architects as possible, because when we speak to them directly it cuts through all the marketing hype,” Carolyn Rabb, a VP with Ottawa-based Corsa Technology said.