RSA: Battling Threat Actors and the Ongoing Cyber War
Criminals never sleep. Yesterday’s worst case scenario could easily become today’s reality.”
With that grim picture, acclaimed character actor John Lithgow kicked off the keynote session at RSA Conference 2017. Lithgow told the capacity crowd, comprising mostly security professionals, that they’re “outspent, outgunned, outnumbered” by threat actors.
“Imagine a hacked planet. Imagine what the earth would be like without security,” he said, adding that all trust and privacy would disappear. All digital actions would be exposed. Banking and commerce would crumble.
The Butterfly Effect
A hacked planet would be the result of a ripple effect in which a security incident starts small and grows into chaos, said RSA CTO Dr. Zulfikar Ramzan.
“Our problem isn’t limited to the initial cyber attacks we face. Our problem is the long tail of chaos they create,” he said, pointing to the attack on the Democratic National Committee. Whether or not the DNC hack impacted the election, it was a mainstream news event that initiated a ripple effect that “rocked the foundation of democracy.”
Ramzan noted, however, that this butterfly effect and the resulting chaos create opportunities along with challenges. It creates the opportunity for organizations to focus on business-driven security and eliminate the “gap of grief” that exists between security teams and the business.
“Security isn’t just a technology problem. It’s a business problem,” he said.
Ramzan suggested three ways organizations can get a handle on the chaos:
- Treat risk as a science, not a dark art.
- Simplify what you control.
- Plan for the chaos you cannot control.
“Chaos doesn’t just happen to us. It happens for us,” he said. Chaos provides opportunities to adapt, learn and grow. He added: “Chaos creates amazing moments of truth. And it forces progress that can be painful.”
Ramzan advised the audience that now is their moment of truth. The threat landscape is such that failure to adapt and control the chaos could be catastrophic.
Adding proof-points to the impact of the cyber security chaos, Microsoft President Brad Smith noted that on average 74 percent of organizations worry about being hacked, and the economic loss due to cyber crime is expected to reach $3 trillion by 2020.
“Cyberspace is the new battlefield,” he said. “When it comes to these attacks in cyberspace, we’re not only on the plain of battle, we are the first responders.”
To combat growing threats and the increasing scale of attacks, Smith said as a security community:
- We each need to do more
- We need to call on the government to do more
- We need to act collectively to do more
Smith suggested a sort of Geneva Convention for the internet as a step toward stronger protection from cyber threats.
Michael McCaul, Chairman of the House Homeland Security Committee, agreed. And during his keynote discussed ways the government can better protect the nation and citizens from security threats. He said improved communication and information sharing, building up a national mindset around security and holding threat actors accountable are a good start.
“We are in the fight of our digital lives, and we’re not winning,” he said.
A10 Networks is at RSA all week. Swing by our booth (South Hall 533) to learn more about our secure application services.