We’re back from RSA Conference 2018 and want to share with you our impressions on what’s important for the industry. Of course, we couldn’t attend every talk and session or explore every corner of the conference, but we heard enough to capture major trends and understand what’s troubling our cybersecurity colleagues the most. In this post, we’ll talk about such hot topics as supply chain attacks, geopolitical influences on cybersecurity, new legislation covering personal data in Europe (GDPR), cloud migration, and machine learning.
Supply chain attacks
As our experts predicted in Kaspersky Security Bulletin, one of this year’s hot topics is supply chain attacks. Nowadays, almost every company uses subcontractors who provide services, instruments, or software modules for their software development. The software industry in particular has become dependent on third-party technologies, and sometimes even on open-source code. That is understandable: It is better to implement a time-tested solution than to reinvent the wheel. But threat actors began to use this situation to their advantage, going after small subcontractors or providers rather than trying to break into their target directly.
Several talks at the conference were dedicated to this problem. The most notorious example of such an attack is NotPetya, which has already been covered extensively. Although there’s no silver bullet for the problem, cybersecurity experts are calling for more attention to the supply chain as a start: Check your suppliers’ reputations, assess external instruments and modules, and use serious caution with any third-party software you cannot eliminate.
Geopolitical tensions also got a lot of attention at the conference. Several talks focused solely on this subject, and many mentioned the problem indirectly. Some offered balanced opinions and voiced the need for international cooperation in cybersecurity; others were built upon groundless allegations and political fearmongering. Unfortunately, the latter has the potential to bring about further instability and lead to the balkanization of the Internet.
As an international company, we find this trend dangerous for the whole cybersecurity community, because balkanization will cause more problems than it solves.
Less than a month from now, the General Data Protection Regulation, a regulation in EU law on data protection and privacy, will take effect. Therefore, it got plenty of buzz at RSA. Some experts declare the regulation revolutionary, saying it’s a huge advancement in the protection of personal data. Others (not many) predict it will severely complicate life for businesses. All of them agree that not all companies (even those that operate in the EU) are ready. Presumably, this regulation will give an additional boost to the rise of the cyberinsurance industry.
Everyone is talking about the adoption of cloud technology and migration into the cloud. Some put forth rather dangerous concepts like abandoning firewalls because they can no longer protect the perimeter, or not bothering with cybersecurity solutions on virtual machines because VMs can be turned off and restored from the image at any time. However, most serious market players presented solutions that are capable of protecting cloud-based (or partly cloud-based) IT infrastructure.
We were no exception. Our colleagues presented our new Kaspersky Hybrid Cloud Protection solution, which helps administrators protect infrastructure that is situated partly in their own cloud and partly in public cloud services (such as AWS or Azure) and provides a single-console interface for monitoring and administration.
Hype around ML technologies in cybersecurity continues, though its intensity has decreased considerably. On the expo floor, most companies talked about how machine learning or even “artificial intelligence” helped them with protection. Experts speaking in sessions were less enthusiastic.
The main reason for that diminishing enthusiasm is that the phrase “machine learning” has devolved into a marketing buzzword. Some companies that add it to their marketing materials can’t even explain what it does and how it works. Others use it to describe unrelated technologies. The attitude change toward this trend was amusingly represented by a troupe in Old West character costumes hawking bottled extract of AI.
Closing keynotes were devoted solely to this topic. Speakers agreed that security solutions can definitely benefit from machine learning, but only if it is implemented correctly — as one detection factor, not as a silver bullet — and only if experts control the learning process. And that is exactly what we have been saying for the past couple of years.