RSA Conference ’22: What’s hot (and surprising) in cybersecurity right now

by Mike O’Malley, SVP of Strategy

I’ve spent a good portion of my career in wireless, cloud and cybersecurity. So, I was excited to attend the recent RSA Conference ’22 to learn more about what SenecaGlobal’s clients need to know as they work with us to build innovative solutions.

Between meetings, I attended keynotes and roamed the show floor. As expected, the need for cybersecurity continues to grow, but as an industry, we’re finding new ways to deal with a variety of complex issues.

Here are my key takeaways from the show (and if you have kids who are thinking about what career to pursue, reread #7 a few times):

1. Cybersecurity needs are growing: Existing issues aren’t going away, and new problems are emerging. Bad actors are a creative bunch and will use whatever tools are at their disposal to find ways to access networks. As technology capabilities advance, hackers will find ways to exploit the growing number of access points in the public cloud, applications, mobile and IoT devices.
   
   New attack types seen in the wild:
   • Living off the cloud
   • MFA bypass
   • Attacks through backups
   • Stalkerware (think Pegasus from NSO Group)
2. Expanding privacy legislation: As innovators continue to develop new apps and improve existing tech, they seek a balancing act between data privacy and the ability to analyze data to identify bad actors quicker and improve security outcomes. More than 150 countries have data privacy laws on the books, with more on the near horizon. Many speakers voiced concerns about how legislated privacy regulations might limit their ability to act quickly during attacks. Another worry is the liability for mistakes made while acting as a good Samaritan to quickly protect customers during an attack.
3. Nation-state actors: China, Russia, North Korea and Iran continue to deploy government-sponsored hacks and hacking-for-hire. One speaker noted that North Korea is the most innovative in targeting crypto. In some cases, North Koreans posed as US-based engineers when applying for remote jobs but failed the interviews when they couldn’t name the Bay area cities where they supposedly reside. Ransomware attacks from nation-state actors have become so prevalent that companies are putting investor relations teams and ransomware negotiators on retainer. One vendor was very clear about what it sees as the source of nation-state attacks. Its booth featured a 20-foot Transformer-type robot dressed as a Chinese soldier.

A few surprises

While I’m up-to-speed on the technology developments that are driving cybersecurity solutions, I was surprised to see how quickly the industry is moving forward from concept to prototype to product in data management and the incorporation of security analysis in the development stage. It was also the first time I’d heard the implications of the intersection of cybersecurity legal and technical requirements explained so clearly in terms of staffing issues.

4. Innovations in data management: In response to expanding regulations, expect to see the industry try to innovate its way through with solutions that:
   • Utilize more encryption
   • Enable analysis of big data sets with AI
   • Simultaneously make privacy breaches more difficult
   We’ll also see solutions that anonymize and further segment data to make it difficult to reassemble the bits in a way that connects them to a specific people and their online activities.

5. Push data storage to the edge: Additionally, as compute power increases in IoT and mobile devices, the industry is looking at ways to do more data analysis in edge devices or a cluster of devices, so no central “big brain” server has all the data. This approach should make server breaches less fruitful. The new risk is an increase in smaller edge breaches but with lesser effect.
6. Incorporating security during development: I saw many examples of companies looking at ways to enhance security further back in the development stream, even while applications are being architected and coded. New solutions offer secure development platforms that evaluate the security of subroutines (written or open source) and provide results in a dashboard.
7. Tech talent shortage continues: Cybersecurity will have a negative unemployment rate (more jobs than applicants) in the long term. The combination of more complex attacks, the growing number of access points to secure and evolving privacy regulations are causing CSOs to lean on staff to be ever more vigilant. There’s also an emerging trend to build teams of hard-to-find experts who understand cybersecurity’s technical and legal aspects. How many lawyers do you know with a tech background? That’s the true unicorn of the tech world. Only very large companies will be able to assemble – and retain – teams of privacy engineers, security engineers and developers that are also up to speed on current and proposed data privacy laws.

Advancements in cybersecurity tools are great, but they are only as good as the smart people who are using them. Ultimately, it always comes back to what people do with the tools that make them effective. There is no substitute for good engineers making good choices to maximize the value of security applications while enforcing privacy best practices. It will always come down to people.