(Not so) Random Musings from RSA Conference 2017

Cesare Garlati, Chief Security Strategist, prpl Foundation

The world’s great and good of the information security industry descended on San Francisco this week for RSA Conference 2017. On the surface, it looked like more of the same this year. There weren’t a huge number of new companies exhibiting, and the traditional vendors all seemed to be consolidating and streamlining their product lines in an attempt to demystify things for buyers. It even saw the McAfee brand back this year after a noticeable absence during the “Intel Security” era.

What was extremely apparent, however, was a return to the future. By this I mean the return of focus on securing the endpoint. From laptops and desktops to mobile phones, BYOD reared its head again under a different guise – Bring Your Own Anything. The reason for this is likely the shift to the cloud and away from traditional on-premises offerings, where RSA vendors have typically focused in the past. As applications, services and virtual workloads move to the cloud and to third parties, the corporate data centre is becoming less and less central to IT budgets. As such, we are now seeing established vendors follow suit and look once again to the endpoint as a source of revenue, albeit from a slightly different perspective this time.

This difference comes in the form of the Internet of Things (IoT) – which, based on the number of presentations at RSA this year, is clearly of major significance within the industry. Kaspersky jumped on the bandwagon and announced its platform for IoT, and AT&T, IBM, Symantec and others announced an IoT Cybersecurity Alliance.

RSA Conference 2017

But is IoT just another buzzword? The scepticism comes from the fact that RSA has traditionally been a datacenter/network security event. Granted, network perimeters are changing significantly with the advent of things like the cloud and IoT, but I’m still unconvinced that people can define IoT successfully in this context. It simply isn’t a problem that traditional network security is going to fix, as evidenced by prpl’s extensive research into how to secure the IoT. We know that securing IoT has to start at the hardware level, and that traditional RSA Conference vendors have little understanding of this space.

It was encouraging to see a large presence by the not-for-profit Cloud Security Alliance, which was poised to tackle the IoT issues; the crowd for the CSA seminar exceeded 1,400 – with queues out of the door for attendance. Its approach, which advocates open standards, is one that prpl aligns itself with, and it is heartening to see everyone coming together in an organised manner to tackle the problems associated with IoT security.

Finally, the last significant observation for me at RSA was the emerging role of identity as it relates to securing corporate data. There was a lot of innovation happening around the idea of making passwords obsolete, and start-up UnifyID even took the RSA Innovation Sandbox contest with its implicit authentication platform, which combines machine learning and the array of devices around us to match our bodies, and more specifically the way we move, to our identities.

It’s innovations like these, and the group mentality of coming together to face security issues head on, that mean RSA will be successful for years to come. It just needs some scratching away at the surface to get to the real innovation: end-to-end security, cloud to silicon.

Prpl takes part in IoTSF discussions on industry collaboration

Last Tuesday the prpl Foundation took part in the annual IoTSF conference in London. Art Swift, President of the prpl Foundation, took part in a panel on Tuesday afternoon on “United We Stand; Addressing the Bigger Challenges of IoT Security with Collaboration”. The panel centered around the idea of building an “Internet of Trust” and how security through collaboration can help. Along with Art, the panel featured John Hayne, chairman of the IoTSF, Paul Wilson of the Multos Consortium, Hugh Boyes of the IET, Idris Jahn from IoTUK and Aapo Markkanen, Principal Analyst at Machina Research.

The panel began by asking each member how they see the IoT terrain changing over the next few years, and how the current work being done by the IoTSF in promoting best practices in security could help. The main theme throughout all the answers was simple: trust. The IoT needs to invest in a supply chain of trust between manufacturers and consumers, with consumers being able to trust that the security of the products is up to standard, and manufacturers taking the security of their products more seriously. Continue reading

Securing The Internet of (broken) Things: A Matter of Life and Death

If you’re like me, you’ll probably be getting desensitized by now to the ever-lengthening list of data breach headlines that have saturated the news for the past 24 months or more. Targeted attacks, Advanced Persistent Threats and the like usually end in the capture of sensitive IP, customer information or trade secrets. The result? Economic damage, board-level sackings and a heap of bad publicity for the breached organization. But that’s usually where it ends.

Continue reading

Open source software under attack – is the worst still to come?

What we can learn from the recent cyber attacks to the popular website GitHub and why we should worry about what is likely to come next.

Over the last few days the popular website GitHub has been the target of a massive Distributed Denial of Service (DDoS) attack, apparently originating from China. As I write this note, the GitHub status page indicates “Everything operating normally” and “All systems reporting at 100%”. However, I am afraid the story is far from over and the worst may still be to come.

Continue reading