2021 BlackBerry Security Summit roundup

This year, on October 13th, the BlackBerry Security Summit 2021 took place — fully virtual. Keynote speakers included a range of BlackBerry organizational leaders across specialties, from Cybersecurity and Threat Detection to Product Management and Engineering. Additionally, the annual conference included other industry thought leaders from many companies, including Google, Deloitte, Electra and Car IQ. Whether you’re a cybersecurity executive, security/IT professional or Internet of Things (IoT) industry leader, this year’s conference had something for everyone.

While it would escape the scope of this brief column to provide a full, comprehensive recap of the 2021 Security Summit, I’ll share two key topics that were explored during sessions. These sessions are critical for the cybersecurity world of today and, perhaps more importantly, tomorrow.

Session: The Cybersecurity Executive Order: What You Don’t Know About Securing Your Software Supply Chain

Speakers: Jake Kouns, CEO & CISO Risk Based Security; Robert Martin Sr., Principal Engineer, MITRE Corporation; Russ Eling, Founder & CEO, OSS Engineering Consultants; and Christine Gadsby, VP, Product Security, BlackBerry

In this great session, a follow-up to last year’s discussion, the panel of experts discussed the Executive Order on Improving the Nation’s Cybersecurity and the ongoing work to standardize the Software Bill of Materials and what it will mean to an enterprise’s operations.

Session: Why a Prevention-First Security Strategy is Critical With a Rise in Ransomware Attacks

Speaker: Mona Thaker, Sr. Product Marketing Manager, BlackBerry

Emerging technologies and tactics have outgunned the capabilities of detection-based tools. In response, we’re beginning to see a resurgence of prevention. That means prediction, not reaction. The most substantial advancement is the advent of deep learning, specifically — a form of artificial intelligence (AI) that is being successfully deployed to identify never-before-seen ransomware and other zero-day attacks.

“Threat actors are taking advantage of remote workers, the increased attack surface, VPN and software vulnerabilities. And a business is predicted to be impacted every 11 seconds. What makes this worse is 77% of all ransomware attacks are double extortion.”

The cybersecurity community has no other option: we must embrace a proactive approach to defend against our ever-evolving threat. Modern ransomware attacks often circumvent the established pillars of traditional cyber protection, and it’s crucial that organizations deploy a “moving target defense” on top of classic techniques. This means defending against ransomware attacks by hiding memory resources of a network’s endpoints, servers and cloud workloads from malicious events and bad actors.

It’s time that we view applications as evasive, dynamic and protected shells. A moving target defense deprives hackers of the opportunity to take advantage of vulnerable, static targets. The reality is that by not accounting for these specific types of vulnerabilities, traditional cybersecurity methods will fail to deliver adequate security and protection.

That prospect shouldn’t surprise anyone involved in the cybersecurity world. We’re all aware that we’ve entered the age of ransomware (and have been in it for some time now, as the first recorded ransomware attack took place in 1989). Over the past decade, it has become an increasingly popular method of attack for bad actors: in 2020 alone, there were an estimated 184 million ransomware attacks. Not only is the number increasing, but such attacks are becoming more sophisticated, more difficult to defend against and more harmful to the victims. In looking at the more recent attacks using ransomware, they’ve targeted entire organizations with a physical target as the end goal (this is the relatively new trend we’re seeing in these types of attacks). In the Colonial Pipeline attack, for example, hackers used compromised passwords to take down the largest fuel pipeline in the United States, leading to shortages across the East Coast — all from a single, compromised password.

In the case of machine learning (ML), stack trace analysis is the bedrock of the learning and prediction processes. This approach refines AI’s knowledge of good versus bad code, increasing accuracy, boosting software performance and defending against identified threats. Simply put, traditional anti-virus software is not sufficient against zero-day threats, and organizations of all sizes must do their best to deploy the services of AI and ML.

If you missed the live event and would like to see it for yourself, you can access all the sessions on-demand here.

John McClurg serves as Sr. Vice President, CISO and Ambassador-At-Large in BlackBerry's/Cylance’s Office of Security & Trust. McClurg previously was CSO at Dell; Vice President of Global Security at Honeywell International, Lucent Technologies/Bell Laboratories; and in the U.S. Intelligence Community, as a twice-decorated member of the Federal Bureau of Investigation.