RSA Conference Day 1: Cisco, VMware, New Products, DE&I
The conference follows the recent ransomware attack on Colonial Pipeline that made big news.
Already have an account?
RSA CONFERENCE — This week’s virtual RSA Conference began with a call for diversity, inclusion and cooperation in cybersecurity to successfully battle cyber threats.
This is the 30th RSA conference. The theme of the event is resilience.
The conference follows the recent ransomware attack on Colonial Pipeline, which pushed gas prices higher and disrupted supply in the eastern United States. According to the Wall Street Journal, the Darkside group, linked to the attack, has told its hacking associates that it’s shutting down operations.
Securing Chaos
Rohit Ghai, RSA‘s CEO, gave the RSA opening keynote. He said the world has not yet faced a global cyber pandemic, but the industry needs to be prepared for this inevitability.
RSA’s Rohit Ghai
“We have not been fully tested yet and must remain vigilant,” he said. “There will certainly be challenges, stumbles and failures.”
Ghai said amid the randomness of malicious actors trying to “disrupt, steal, subvert and instill fear,” the big question is how you secure chaos.
“You can’t, he said. “You focus on resilience by embracing chaos. How? One, expect the unexpected. Two, trust no one. And three, compartmentalize failure zones. In cybersecurity, to practice chaos and reliability engineering, teams should constantly assess and test their responses. Attack your own network and see if you recorded that attack, because if you don’t have visibility, then you don’t know what to defend.”
Once you have visibility, use threat intelligence to understand your verticals’ likeliest antagonists, including their methods, Ghai said.
“Zero trust was always important,” he said. “But in the post COVID-19, work-from-anywhere always world, it is imperative. It is a mindset, not just an architecture. Microsegmentation, providing layer 7 threat prevention and risk-based, continuous multifactor authentication (MFA) are critical components.”
But what is most important is limiting trust to what is absolutely required and never elevate trust based on unreliable factors, Ghai said.
By some estimates, 127 new devices are connecting to the internet every second, he said. And it’s not just the connected devices. It’s connected organizations and the private data flowing through this value chain.
Prioritize Intelligently
Everyone is working with limited resources, “so we have to prioritize intelligently,” Ghai said.
“We have to protect areas that will present the greatest risks, not where we see the most holes,” he said. “By prioritizing based on risk and protecting what matters most, we will ensure that when we fall, we will withstand.”
Those who belong to a community rise up stronger because they rise up together, Ghai said.
“We must be inclusive to nurture and grow our community,” he said. “We need to bring not just the security professionals, but IT and business as well into our community.”
Attracting diverse talent is also important, Ghai said.
“For 30 years, the RSA conference has helped us do just that,” he said. “Today, we have broader participation, deeper sharing and wider representation than ever before.”
Scroll through our gallery above for more highlights from RSA.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author
You May Also Like