Over a year into the Covid-19 pandemic, and on the heels of national catastrophes like SolarWinds, Microsoft Exchange, and most recently, the Colonial Pipeline cyberattack, the first (and hopefully last) fully virtual RSA Conference 2021 kicked off with no shortage of novel cybersecurity concerns to address.
RSAC CEO Rohit Ghai started off the event with a frank conversation about the challenges that have plagued the cybersecurity community since we last saw one another in person over a year ago. From the Twitter hack in July 2020 and the first hacking-related death in September 2020, to the SolarWinds attack in December and the Facebook breach in early April 2021, we’ve been forced to deal with all of these issues remotely and disparately. And that’s a lot to take on.
If there’s anything we know about cybersecurity, it’s that resiliency is built through hardship. Hence this year’s conference theme of ‘resilience’.
Not only did these frank conversations remind us of the lessons learned from our cybersecurity shortcomings (showcased in the past year), but also highlighted how we’re addressing these concerns moving forward. The end goal is not perfect detection or 100% prevented/mitigated attacks, but to bolster our cyber resilience and better withstand future attacks.
Below are the five keynotes (in no particular order) that we found to be the most timely and impactful.
- The Coming AI Hackers – The first day of RSA was filled with talks covering everything from misinformation and election security to emerging threats, but this talk from Bruce Schneier, Security Technologist, Researcher, and Lecturer, Harvard Kennedy School was one of the day’s most enthralling – and equally terrifying. Can you imagine a world where AIs can be hackers? Where hacks of our social, economic, and political systems are discovered and exploited at computer scale. That world is now – it’s happening all around us. And to keep up with AI-backed and generated threats, our approach to ‘human speed patching’ must change.
- Cybersecurity as a National Imperative – On Tuesday, Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, explored the Biden Administration’s approach to cybersecurity, particularly on the heels of major cyber incidents like SolarWinds and Exchange. “Cybersecurity is a national security imperative,” Neuberger explained. She noted that the primary takeaways from these attacks were 1) adversaries will look for any opening to attack, 2) partnerships between the public and private sector are increasingly vital for bolstering national defense, and 3) the government urgently needs to modernize its cybersecurity defenses (the last point comes in light of the Biden Administration’s recent Executive Order aimed at ‘Improving the Nation’s Cybersecurity’). In making this last point, Neuberger emphasized, “We have to shift our mindset from incident response to prevention, and prioritize our investments to get ahead of threats.”
- SolarWinds: What Really Happened? – If there’s one conversation that you definitely don’t want to miss from the week, it’s this one. On Wednesday, Forrester’s Laura Koetzle sat down with Sudhakar Ramakrishna, President and Chief Executive Officer at SolarWinds to unpack the entirety of the SolarWinds fiasco – from when FireEye announced it was the victim of a nation state attack to when then new SolarWinds CEO Ramakrishna got a call (on his birthday, no less) notifying him of the breach. Think of it as a SparkNotes-style overview of one of the most catastrophic cyberattacks of the 21st.
- The Five Most Dangerous New Attack Techniques – Each year at RSAC, the SANS Institute provides the authoritative briefing on the top dangerous attack techniques that are new and in use today. On Thursday this year, Johannes Ullrich, Heather Mahalik, Katie Nickels, and Ed Skoudis debriefed the five methods, what’s coming next, and what organizations can do to prepare to prevent the next catastrophic cyber incident. In the session, these new attack techniques are outlined as 1) Undermining software integrity, 2) Improper session handling, 3) Crypto can be broken, 4) Using machine learning and AI against us by manipulating training data, 5) exfiltration and extortion (the future of ransomware).
- The Hugh Thompson Show with Steve Wozniak – In the final session of the event, Hugh Thompson, the Program Committee Chair, discussed the novelty of the selected theme of “resilience” — which was designated pre-pandemic. In this short session, Hugh chats with Apple cofounder Steve Wozniak about this year’s theme and personal experiences with remote work, business resilience, and developing resilient products.
Overall, this year’s keynotes focused on the need for resilience – both in life and in cybersecurity. From nation-state attacks and large-scale breaches, to emerging attack vectors and threat actors, this past year gave us no shortage of new cybersecurity content to assess and analyze. While the large-scale shift to remote work overnight may have exacerbated some security shortcomings in the past year, it also enabled us to better understand, empathize, and celebrate with those in our community – our shared struggles, how we overcame unprecedented, unfathomable challenges, and ultimately, how as an industry we’ve set our sights on reaching new goals in 2021 and beyond. In that sense and many others, RSA’s theme of “resilience” couldn’t have been more timely.
Thanks for following along with us – let us know on Twitter (@HighwirePR) which other keynotes and sessions were your favorite this year! Hope to see you all (in person) at RSAC 2022.