Resilience: RSA Conference 2021 | SecurityWeek.Com
For many of us, RSA Conference 2020 in San Francisco was the last time we came together as a community, met with colleagues, and saw new technology offerings. It was one of the last global events held in person before the lockdown, and since that time, we’ve had to switch to digital methods for interaction and communication.
RSA 2021 was planned as an in-person event, and it was delayed from February until May for this reason, but ultimately many of us are still unable to travel. So, the decision was made to shift to virtual.
This year the whole world moved to a digital format, one where we’ve seen threats rise incrementally with growth in ransomware, credential theft, financial scams and phishing. All of these attack vectors could take advantage of people working remotely or dealing with high-stress situations such as frontline health response.
The result of this change is that we’ve gained a new attitude in how we balance our work tasks and developed new levels of resilience in response to challenges created by the COVID-19 pandemic. Whether bolstering or enhancing corporate security posture, creating awareness for formerly office-based employees now working from home or responding to the damage caused by an unfortunate breach or attack, we have learned the importance of resilience and the need to learn from success or failure. The result is that we become more robust in response to ongoing changes.
This was a key message from RSA 2021, delivered with a solid positive story, with excellent supporting takeaways from many keynotes.
Look to new opportunities in hiring a digital workforce
The pandemic produced new challenges for security teams in addition to their existing workload. Not only did they find themselves working remotely, but with the workforce doing the same, threats that could previously be spotted on the corporate network were now starting to hide on home WiFi. We saw the fastest threat surface expansion in memory.
However, this move to remote work does present the opportunity to create a more diverse workforce. At the end of 2020, a report from (ISC)2 estimated around 2.8 million employed cyber professionals in a market with approximately 4 million roles available.
Why not broaden the hiring horizon to help address this challenge?
In the past, it was a requirement for the security team to be located in the operations centre, close to the systems supported. The pandemic has proved that this is not always necessary. There are still roles that need local support, but for many engineers working at home, it could be argued that investment to improve remote working makes their job more accessible – and can open the door to hiring remote security specialists in the future.
The benefits of this include the opportunity to hire a more diverse workforce, in terms of people and the cultural differences created by their home location; the chance to have a security team located more closely to regional offices; and cost reductions from not having to create desk space for every engineer in the corporate SOC.
Keep monitoring for vulnerabilities, and use the results
In the last year, we’ve settled into remote working. We are used to changes in our daily routine that include more VoIP and video conference calls, electronic collaboration and the additional security needs established to keep our information safe as we work from home.
The opportunity to return to the office is on our horizon. However, as much as the hubbub of the office will be welcome, the stress and cost of a commute combined with long hours away from home are not so welcome. Creating a hybrid of office and remote work will become essential for employee welfare and happiness but will need to be continuously secured.
Organisations must test their environment frequently to keep ahead of threats targeting office and remote working. The insights from security tests feed the threat intelligence solutions that keep threats outside the network and inspect encrypted traffic, which can contain unpleasant hidden payloads.
Zero-trust was a big topic at RSA 2021, and Rohit Ghai discussed this in his presentation, proposing that we consider this a “mindset, not just an architecture”.
We must work to the assumption that any connection is high-risk until proven otherwise. According to a report from McKinsey, growth in internet connections is running at around 127 devices per second. Securing and protecting related data for each instance is not possible, but using threat assessment data to create an accurate risk profile, and then requiring any connection to be compliant before connecting, is the best way to keep threats at bay.
Keeping up the experience
This year was the 30th birthday of the RSA conference, and we had to attend the party over videoconference. However, the experience was positive, and this is one of the most important things that I would take away from the event – it’s all about the experience.
In a world where it’s so easy to change providers, move apps and change how we work at scale, it’s the experience that is key to generating sticky solutions. Security is imperative as data protection is a business imperative and a legal requirement, but cumbersome security can spoil the user experience.
As we move from remote work and back into offices, we’ve learned a lot about being effective at home, and the security teams have fought off attacks successfully. Ensure that the learnings of 2020/21 are applied at scale for a positive experience where enhanced security is a partner on this journey and not an inhibitor.