In a matter of weeks, the 26th annual U.S. RSA Conference will be held at the Moscone Center in San Francisco. From Feb. 13-17, IT professionals and cybersecurity experts will gather from all over the country to discuss the current state of information security and share ideas for how we can collectively address the cyberthreat landscape.
As one of the country's leading security conferences, RSA attendees can expect the full spectrum of cybersecurity issues to be discussed. That said, every conference has its hot topics. We predict RSA's will be the following:
Encryption malware was an absolute menace in 2016, pulling in about $1 billion dollars. According to Dark Reading, ransomware's proliferation was sparked in large part by a saturation of the dark web with personally identifiable information – which is hardly surprising considering the massive breaches of late. Yahoo intrusions that occurred in 2013 and 2014 were recently found to have affected more than 1 billion users. As stolen information becomes more widely available, pricing for it becomes more competitive, and ultimately less lucrative.
"Ransomware prevention and response will be key issues."
Enter ransomware. Rather than selling data in an already saturated market, ransomware cuts out the middle man. Of course, some hackers now offer ransomware-as-a-service, which is exactly what it sounds like. But as long as organizations continue to fall prey to encryption malware, there will be an impetus for its ongoing proliferation. To that end, you can bet that ransomware prevention and response will be key issues.
2. Insider awareness
Creating better a security culture is the single most effective way to curb cybercrime. After all, the order of operations in modern business is people, process and technology. This is especially true for dealing with insider threats, conniving social engineering schemes such as email phishing, lost mobile devices and other activities that hamper information security efforts.
As such, improving employee awareness will undoubtedly be top of mind for presenters and guests alike. Specifically, every person in an organization needs to know protocol (as it pertains to them) in the event of an intrusion, or an attempted intrusion. Granted, this doesn't happen overnight. A strong IR plan is at once methodical and swift, which is not an easy feat. It's precisely for this reason that we expect incident response and, more broadly, insider awareness to be a key point of discussion at RSA.
3. Threat intelligence
The ever-evolving nature of network traffic and endpoint behavior is complicating log data analysis to the extent that managing a SIEM in-house is all but impossible for the mid market. Nevertheless, threat intelligence is the driving force behind threat detection. As a result, greater focus is being placed on advanced analytics and machine learning as threat detection assets. Nowadays, no business should be without a security operation center capable of analyzing all network data, identifying suspicious activity and weeding out the false alarms – all in real time, no less.
At RSA 2017, Arctic Wolf Networks will discuss the importance of threat intelligence and how modest-sized organizations can leverage available resources to the best of their abilities. The panel will be held Tuesday, Feb. 14, from 8:00 a.m. to 10:00 a.m. PST. Click here to register for free.
In the meantime, you can learn more about threat detection and response's role in information security by clicking on the banner below.