View from the Airport: RSA Conference 2017

Brace yourselves for the cyberpocalypse... or not

Hackers are real and they're going to kill you - apparently.

How are they going to kill you? Well, the possibilities are endless they could take down your entire country's critical infrastructure with malware. They could take control of connected cars and turn them into missiles. If you're in hospital, they could maybe turn of your dialysis machine or life support. Maybe they could explode entire city blocks (in some ill-defined way).

Advertisement - Article continues below

That we should all be very afraid was very much the message delivered in the first 20 minutes of the opening session of RSA Conference 2017. If you weren't familiar with the sales tactics of the information security industry, you may well have fled the auditorium to dig a bunker.

Underneath the hyperbole, though, there were some solid themes and grounded, realistic arguments.

As expected, IoT security and ransomware were flagship topics of conversation. Unsecured IoT devices were recruited into a massive botnet last year Mirai and it would have been remiss not to talk about that.

Similarly, ransomware is on the rise, thanks to its low-risk, high-reward nature and it was refreshing to hear people openly discussing the fact that, actually, sometimes it's easier and even cheaper for businesses to pay the ransom than not, even if they have other options. Negotiation is as valid an option (for businesses at least) as any other.

Advertisement - Article continues below
Advertisement - Article continues below

I was also pleasantly surprised to see the issue of nation state hacking tackled head-on. While this has been discussed before in more nebulous terms, normally in relation to alleged IP theft by China or ad-hoc attacks by North Korea, to hear Russia repeatedly called out for undermining the US democratic process was new.

Of course, the scenario is new in the US at least but with domestic political tensions as heightened as they are I suspected that speakers would be more circumspect in their allegations. Not so even chairman of the House Homeland Security Committee in the US spoke openly about it.

Aside from the keynotes and big ideas, I also managed to catch a bit of time on the show floor and fringes chatting to vendors and others in the community about the lay of the land within the industry right now.

What I heard, as I heard last year, was a lot of disgruntlement. In 2016 I was told of a coming "shakedown" to counter companies effectively just taking the Virus Total database and selling it on to customers. Apparently this has happened, but a number of vendors are still not happy.

Advertisement - Article continues below

The object of their ire now is something that was bubbling under last year too: decades-old tech being positioned as cutting edge. A true problem or jealousy amid vendors? Maybe a bit of both, but the impartial observers I spoke to seemed to lean towards this indeed being a problem of some significance.

So what can IT professionals and businesses take away from all of this? Well, despite the cataclysmic tone the security industry adopts for every new hack, there's actually a lot of hope.

Organisations mustn't be defeatist about their security operations preparing for the eventuality of a breach doesn't mean accepting it's inevitable - and businesses must still erect strong cyber security defences. But they must also be realistic: any cyber incident plan must incorporate both line of business and IT departments (or, at least, managers), with buy-in among all. And if there's a ransomware incident, make sure you know who will make the decision to pay or not. Trying to work that out on the day is not a good plan.

Advertisement - Article continues below

Finally, quantum computing and (more immediately) blockchain look like they will be able to offer new and more rigorous forms of secure data transfer and storage than the binary-based cryptographic systems we use now.

Security is a fast-moving sector and there's a lot to be excited about. But let's all calm down about the cyberpocalypse, for now at least.

Image credit: IT Pro/Jane McCallion

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now



University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020