Can you tell us a bit about your keynote address? The title is definitely alarming.
My keynote is about the current state of cyber security; it is also a call to action. As an industry we must change our approach to fighting cybercrime. Successful attacks occur daily and we ought to be outraged.
The threat landscape is changing and the term advanced persistent threat (APT) is misleading. It is most often the attacker that is advanced, not the threat. We need to more aggressively defend against these advanced attackers.
During my keynote I’ll suggest a collaborative approach to fight cybercrime and to incite change.
What do you anticipate most as far as RSA Conference sessions/talks go this year?
I anticipate there will be much discussion stemming from the Snowden leaks. I would also expect the vulnerabilities exposed at large retailers over the holidays (and how to prevent them) to be a continued topic of discussion.
What are some of the biggest threats that you feel will be discussed?
Broadly, I welcome a wider discussion about the privacy of our information. This topic has the potential to be the next “civil rights” movement around the world.
Regarding specific threats, I believe there will be a lot of discussion about the growing sophistication of distributed denial-of-service (DDoS) attacks, which seem to still be taking down many major websites and applications. DDoS attacks have evolved from relatively simple volumetric attacks that attempt to bring down web servers, to highly sophisticated application-level attacks designed to zero in on strategic business resources. These targeted DDoS attacks are much harder to detect and stop as they often involve a relatively small number of requests that don’t immediately appear malicious.
Are there any buzzwords you feel will be constantly mentioned?
Advanced persistent threats and nation-state attackers will certainly continue to be en vogue this year as in years past. In addition, the dialogue about passive versus active defense against attacks is garnering more attention. I also imagine that privacy will be a key topic both in the panel discussions and in the hallways.
Do you think there will be a centralized topic at this year’s event, compared to past events (e.g. BYOD, cloud computing)?
I actually think this year’s RSA will cover a much wider variety of topics due to the prolific news and technology developments we’ve seen over the last year. I imagine that, like last year, we will see some focus on applying big data techniques to solve security problems. I think we will also see a focus on BYOD, cloud computing and the limitations of signature-based approaches to stopping advanced malware.
Outside of RSA, are you attending any of the other events this week (B-Sides or TrustyCon)? Why are you or why aren’t you attending?
I personally am not planning to attend B-Sides, but many of my colleagues will be there. In fact, one of our security researchers is doing a talk on advanced malware defeating sandboxing, which I think is quite interesting. B-Sides is a great community organized event and certainly has a distinctively fun feel to it.
Do you think the RSA/NSA news will impact the show this year?
The Snowden revelations certainly have implications for the security industry, particularly with respect to our privacy. There are several sessions at the event that will touch on privacy and I think they will provide good context for the security professionals who are increasingly getting questions about these issues.