What’s hot at RSA 2017 – AI, devops, IoT and ransomware?
This week marks one of the hottest events in the security industry’s annual calendars - it’s RSA week. The now-seminal security event hits its 26th year in 2017, and it’s time to take stock of the state of security for the next 12 months.
The conference has certainly changed over the years, from a small group of cryptographers at the first RSA Security conference (RSAC) back in 1991, to an event hosting more than 40,000 people in the Moscone Center, San Francisco, which began on February 13 followed by keynotes and exhibits the rest of the week till February 17.
RSA Conference has become one of the core social events of the year, and features a string of famous names at the keynote lectern, as well as a veritable who’s-who patrolling the show itself. Keynotes include Dame Stella Rimington, formerly Director General of the Security Service (MI5), Terence Spies, HPE Distinguished Chief Technologist, Hewlett Packard Enterprise, Zulfikar Ramzan, Chief Technology Officer, RSA and Brad Smith, President and Chief Legal Officer, Microsoft.
An interesting moment will surely be Representative Michael T. McCaul from the House Homeland Security Committee who is set to talk about cyberwarfare, highlighting concerns over the new administration’s stance on cybersecurity, which is still an unknown quantity.
Elsewhere there’s plenty of interest for IT professionals looking at the devops sphere, with a day-long track specialising in rugged devops and devsecops. Also, a “security foundations” track aims to address some of the everyday challenges, such as virtual machine and container security along with identity and access management.
"This year we head into the conference at a time when security is being discussed more than ever before. Tens of thousands of attendees will come to San Francisco this week to share information and drive collective intelligence from both the private and public sectors," said Linda Gray Martin, Director & General Manager of RSA Conference. "The cybersecurity industry is stronger than it has ever been – of more vital importance than it has ever been – and RSA Conference remains the platform where the world talks security."
Key themes throughout the conference are likely to be IoT security, machine learning and artificial intelligence, privacy and ransomware. The latter was a key topic of discussion during a webcast by the RSA advisory board ahead of the conference, while machine learning and artificial intelligence has become a serious industry trend.
Whether you blame shortage of digital talent or restricted budgets, the combination of embattled business and the rocketing volume of attacks has created a perfect storm of conditions for machine learning to rise. From security start-ups such as Cylance, through to incumbents including Symantec and IBM, the ‘AI’ trend is undeniable. With the latter’s cognitive software ‘Watson’ stealing not only the Jeopardy! Crown, but also the headlines with cancer treatment calculations and now cybersecurity defence, it’s not only the IT security industry that has sat up and taken notice.
Ilia Kolochenko, CEO of High-Tech Bridge said: “We should keep in mind that we are still very far from a comprehensive AI. Modern technologies may represent a small part or a tiny component of AI, solving particular problems in a fast and efficient way without involving human. While AI should be able to solve any types of tasks, from mathematics to philosophy, just as well as an average human would. Moreover, also similar to a human, the AI should be trainable to solve any advanced problems, such as law or nuclear physics.
“Nonetheless, modern machine technologies, based on Artificial Neural Networks (ANN) for example, can significantly reduce human time and efforts to perform certain tasks, particularly in cybersecurity. However, such technologies are usually quite complicated to design, train and monitor to get relevant and continuously improving results. AI-based technologies can optimise many tasks and save resources, however they will hardly replace human intelligence in the next ten years.”
Other key highlights from the RSA programme include an interview with Alphabet’s Eric Schmidt, Most Dangerous New Attack Techniques with SANS Panelists Ed Skoudis, Michael Assante, Johannes Ullrich and moderator Alan Paller, NetWars in the Sandbox SANS DFIR NetWars Tournament SANS One-Hour CtF (Capture the Flag), and The Cryptographers’ Panel.
Although the capture the flag events should provide some more practical excitement, the real strength of RSA - as opposed to the more lurid Black Hat and DEFCON events - has always been the heartland of securing enterprise data and networks. It has become the place to learn about enterprise best practices, rather than add to the ever-increasing list of new threats to worry about.
That said, it’ll be almost impossible for attendees to walk away from RSA this week without a pretty clear picture of where the industry is headed over the coming months. We’ll be back later in the week with a rundown of our top moments from RSA 2017 so you get the same…