Cybersecurity News

2015 RSA Conference: Challenge Security Thinking

Dan Dunkel
July 1, 2015

The theme for RSA 2015 was the title of this article and sound advice in an era fast evolving into a global IoT (Internet of Things) environment. Two (of many) trends discussed at the show highlighted that digital crime has accelerated globally, and the attack surface (read criminal opportunity) of the IoT vastly compounds this growth rate.

The issue is whether our security professionals can keep pace with the emerging risks to business operations that the IoT enables. To say that the cyber industry is growing to address these risks is an understatement: of the 409 exhibitors at the 2015 RSA Conference, 115 were new entrants at the show! The sessions covered all topics cyber, as well as physical security, government policy issues and international law enforcement collaboration.

To that point, Trend Micro hosted an insightful session, “The FBI and Trend Micro – Combating Cybercrime within your Organization,” providing a global threat overview and suggestions for collaboration with security vendors, the FBI and international police organizations. Tom Kellermann is the Chief Cybersecurity Officer at Trend Micro, Inc., and the poster boy for the national television media (Bloomberg, CNN, Fox News) to explain the latest trends in cyber breaches, actor motivations and the overall societal impact. Kellermann summed up the state of the industry nicely while citing Interpol statistics that traditional (physical) crime is down 10 percent globally, year over year. However, he posits that this is not because criminals are attending church services, but rather because they are migrating their full time and attention to cybercrime. In fact, he states, “Organized crime worldwide is now fully engaged in cybercrime as a growth industry.” Add to this scenario the fact that geopolitics has entered the cyber realm, using specific tools and tactics as levers to advance strategic political agendas, and you get the real sense that both global risk and security are taking on entirely new definitions.

The reality is that a core group of talented hackers (approximately 200-300 worldwide) is deploying malware “kits,” complete with customer support services, to the public. As Kellermann notes, “Advance Persistent Threats (APT) has become commoditized. The arms bazaar of Eastern Europe allows for non-state actors to deploy asymmetrical capabilities to be leveraged worldwide.”

Unfortunately, this is the new normal and it is occurring at a time when converged systems, sensors, and mobile devices are exploding. We can hope that end user cyber education will catch up with the criminal exploits, but the sad fact is that our websites are targets for watering hole attacks, and secondary infections are the norm. Cyber hygiene is important, but when a sophisticated cyber criminal or state actor is involved, security must blend personal device protections with a much broader risk management strategy. Our emerging IoT environment compounds the risk concerns for every company, global supply chain, critical infrastructure and individual. Today’s security professional also has to be ready for CHANGE, and challenge “yesterday’s” security thinking.

Cyber criminals are breaching IP connections to move laterally into enterprise networks to hack everything from POS (Point of Sale) systems and databases to video surveillance cameras and access control devices. Everything connected is at risk…and everything is connected. In this scenario, enterprise security professionals need to be one step ahead of the latest threats and rapidly communicate that information. The intent of the adversary today is not to smash, grab and go, but to copy, eavesdrop and maximize dwell time. Enterprise security professionals today expect the breach. With our IoT deployments continuously expanding the threat landscape, device convergence has become a risk management discussion.

For the latest trends impacting converged security, I suggest following the experts at Trend Micro (http://cloudsecurity.trendmicro.com/us/technology-innovation/experts/). Kellermann encouraged companies, and the public at large, to collaborate with the FBI via local InfraGard chapters (www.infragard.org).

In fact, FBI Director James Comey’s cyber strategy was discussed at length:

  1. Empower Local Officials (Law enforcement, local government)
  2. Put Hands on People (Make arrests)
  3. Shrink the Globe (Collaboration)
  4. Partner with Private Industry (InfraGard)

Regarding cyber countermeasure strategy, Kellermann’s advice is to remember that “Offense Informs Defense” when considering risk and putting security threat information into context. As for a specific deployment tactic, he offers focusing international policing resources on “curtailing digital money laundering,” a new-age spin on an age-old crime. Perhaps following the money is the best strategy to attack the attackers; after all, it worked on Al Capone at a time when he appeared to be as invincible as today’s cybercrime adversaries.

Dmitri Alperovitch, co-founder and CTO at cyber firm CrowdStrike, hosted an interesting panel titled “Cyber Battlefield: The Future of Conflict,” that included Jason Healey, Director of Cyber Statecraft at The Atlantic Council; Martin Libicki, Senior Scientist at RAND; and Adam Segal, Senior Fellow, China expert and cyber guru at The Council on Foreign Relations.

The discussion was wide ranging, and I was surprised to hear Alperovitch comment that, “The vast majority of cyber-attacks, over 90 percent, are espionage related.” To that point, Adam Segal stated, “Chinese cyber and industrial policy are both targeting U.S. companies, and a broader struggle is emerging.” (This includes intellectual property theft, as well as source code disclosure requirements imposed on firms doing business or trading in China.) However, he suggests the dichotomy is that major U.S. firms like IBM and GE complain of Chinese cyber theft of IP, but turn around and announce long-term business relationships in the country. Which is it?

Healey believes that the White House is making progress playing “small ball” and that a broader and better-coordinated cyber policy is taking shape. “We are scoring runs, but the next couple of innings look bad because there are heavy hitters on the opposing side.” His position is that the attackers have always had the advantage since the first days of the Internet, and the goal is to actually “Get the Defense better than the Offense” – so we can recognize breaches earlier and respond faster. One recommendation he suggested: convince Warren Buffett (and institutional investment firms) that in order to get investment dollars, these firms need to take cyber defense more seriously.

Libicki stressed a few excellent points when he advised, “Avoid the metaphors of CYBERWAR. Offense is not a policy action. You are not in the war business… you are in the risk management business.” He also summarized that if you want to fix the cyber problem, “spend the money on securing software.”

The panel session, “The Evolution of the Cybersecurity Executive Trifecta: The CSO/CIO/CISO,” had Rick Howard, CSO at Palo Alto Networks, discuss the current state of cyber management, offer suggestions and provide a link to a reading list of cyber books. He described the current CISO role as the “Rodney Dangerfield of the security profession,” with an average tenure of only 18 months. He blames the problem on security professionals (CSO/CISO) who do not understand the businesses they are protecting. As a result, the communication skills required to put the security discussion into a business context are lacking or, many times, absent. This causes a fundamental miscommunication regarding the cyber threat to business operations, and negatively impacts the senior-level support and funding needed to combat it effectively. To underscore his point, Howard states that, “The security convergence topic is a risk management discussion,” and outlined the top three areas for improvement:

  1. The CSO/CISO should run the organization like a business.
  2. The Security executive needs Board-level representation.
  3. Today’s CSO/CISO lacks business communications skills.

The business discussion involves the following key areas with an understanding of how they converge into an overall risk management framework: cyber risk, business continuity, fraud investigations, compliance, brand protection and employee safety.

Howard suggests that the security professional (CSO/CISO) should not report to the CIO; rather, the optimal environment is a healthy tension between the CIO and the CSO/CISO as peers in the organization, both reporting to the same senior-level executive, whether a CFO, COO or CEO.

Howard suggests visiting the Palo Alto Networks Cybersecurity Canon website for its required reading list (https://paloaltonetworks.com/threat-research/cybercanon.html). Cyber education, like the threats, never ends.

KEYWORDS: cyber security, network security, RSA Conference
