By Eyal Benishti
The world’s largest cybersecurity event, RSA Conference, took place earlier this month in San Francisco, bringing together top security leaders and pioneers from all over the globe to discuss the latest technologies, risks and approaches to cybersecurity.
This year, the show’s theme was Power of Opportunity, with an emphasis on unity. For the third year in a row, the Internet of Things (IoT) was the hot topic, as was machine learning, artificial intelligence, government security and regulations.
To kick off the show, RSA CTO Dr. Zulfikar Ramzan discussed the potential implications of a politically-motivated attack, calling for businesses to “work together across the public and private sectors to ensure that our organizations, our infrastructure and our social institutions remain resilient.”
To further reinforce the ‘unity’ theme between business and security, Ramzan surprised attendees with a special guest, Michael Dell. According to Dell, and in concordance with Ramzan, security is the number one issue plaguing businesses today. Further, with the digital transformation starting to begin across a variety of industries, “IT is becoming BT – business technology,” with the opportunity to significantly change all sectors of society for the better.
While the opening keynotes at RSA called for collaboration and transformation, others were less optimistic. Rep. Michael McCaul, chairman of the U.S. House Committee on Homeland Security, for example, outlined the serious risks of state-sponsored hacking. “I’m going to be brutally honest: We’re in the fight of our digital lives, and we are not winning,” he said. McCaul went on to say that the Russian state-sponsored hacking of the Democratic National Party was the biggest wake-up call yet.
Israeli cryptographer Adi Shamir questioned the proper etiquette for attacking back. “If you talk about private sector attacks, I’m completely against hacking back in revenge,” said Shamir. “If you talk about governments, I would completely flip it … not to hack back, but my government should hack before, in order to learn about the tools and plans.”
To help mitigate the increasingly complex and frequent cyber threats, Mark McLaughlin, CEO at Palo Alto Networks, said, “The government needs to teach its citizens, parents need to teach their children, and employers need to teach their employees about hygiene in the digital age.” On the other hand, some RSA attendees recognize that humans are the weakest link when it comes to cybersecurity:
While awareness and training certainly play a role in mitigating cyber threats, like email phishing, relying solely on employees to protect the enterprise is simply not fair. Phishing is an epidemic, and we’re working to reduce the success-rate of this problem. In the meantime, phishing techniques will continue to evolve and attackers will become more sophisticated.
That’s why we’re taking a different approach. In today’s threat landscape, in order to prevent both the financial and reputational damages caused by email phishing, companies must implement cybersecurity with an automatic response, in addition to awareness and training, that can reduce the time frame from discovery to remediation from weeks to minutes.
(Eyal Benishti is CEO of IRONSCALES. This post was first published on the IRONSCALES blog).