Modernizing Authentication — What It Takes to Transform Secure Access
SAN FRANCISCO - The annual RSA Conference gets underway today in San Francisco, bringing together hundreds of vendors and tens of thousands of attendees in the common purpose of securing data. Among the big topics this year are cloud, identity assurance and the emerging world that is the Internet of Things (IoT).
Feb. 13 kicks off with the full-day Cloud Security Alliance (CSA) summit, where multiple speakers, including former NSA chief General Keith Alexander, will detail the latest cloud risks. One of the highlights is a session on a new phenomena that security firm Netskope is calling "cloud-first" ransomware. Among the interesting "cloud-first" ransomware attacks detailed by Ravi Balupari, Director of Netskope Threat Researcher Labs, and Krishna Narayanaswamy, Chief Scientist at Netskope, is an attack called CloudFanta. The Cloud Fanta attack abused the SugarSync cloud storage app to deliver malware. CloudSquirrel is another cloud-first ransomware attack that uses multiple cloud apps in an attempt to steal user data.
As the namesake vendor of the conference, RSA, now a division of Dell Technologies after EMC was acquired, will have its fair share of news during its opening keynote on Feb. 14. RSA recently underwent a management change, with former CEO Amit Yoran, who had delivered the opening keynote at the conference the last two years. RSA CTO Zulfikar Ramzan has titled his talk, "Planning for Chaos," on planning for the unknown and expecting attacks.
A highlight of the first day keynotes is always the annual Cryptographers Panel, which always includes the insightful views of Ron Rivest (the R in RSA) and Adi Shamir (the A in RSA). At the 2016 event, the panel discussion dug into the FBI's legal battle with Apple over unlocking the iPhone. With a new president in the White House in 2017, talk is certainly likely to revolve around the impact of the new administration and how cryptographers and security vendors will react.
As is often the case at RSA, there is a fair bit of U.S. government representation as well. For RSA 2017, Michael McCaul, Chairman of the House Homeland Security Committee, and Virginia Governor Terry McAuliffe are speaking about the modern threat landscape.
IoT gets its own 'Sandbox' this year, with multiple vendors and groups, including ISE (Independent Security Evaluators) demonstrating live exploits on popular devices such as medical devices and solar panels.
RSA isn't the only vendor with a keynote at the RSA conference. Cisco, Palo Alto, Symantec and Intel Security all have keynotes, and every vendor that is exhibiting will be singing the praises of their respective technology approaches to dealing with the modern threat deluge. Many vendors will be issuing reports about the state of security, likely noting that there is more bad than good and most organizations are failing to secure themselves in some way.
Closing out the RSA 2017 conference is Late Night host and comedian Seth Myers. Myers won't be the first late night host to speak at the RSA Conference. Back in 2014, Stephen Colbert hosted a memorable closing session. After a week of heavy and intense conversations about security, ending the conference on a light note provides some minor respite (and entertainment) from the reality that is security in 2017. Simply put, cyber security in 2017 is no joke.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.