Wednesday was my last full day at RSA, but also my most packed schedule. Some of that schedule was meetings with clients and prospective clients, but I won't bore you with those details.
Pen Testing Keynote:
I sat through a pen testing demo keynote so I could get a good seat for Bruce Schneier. This failed miserably because they kicked everyone out and we had to get back in line for Bruce. A few good reminders came out of the demo that are still worth sharing:
- Be wary of hotel Wi-Fi login sites. Fake/malicious pages are created all the time.
- Never use things such as free Starbucks Wi-Fi.
- It’s easy to insert malicious code in macros in Office docs.
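The macro reminder is worth a concrete check. The script below is an added example (it is not from the demo or this post's author) that inspects an OOXML Office file (.docx/.docm/.xlsx/.xlsm/.pptx/.pptm, which are zip containers) before anyone opens it: it looks for the embedded VBA project member, for a macro-enabled content type in `[Content_Types].xml`, and for a file whose extension claims to be macro-free while it carries macros. The sample documents are constructed in code and are not real Word files; the `vbaProject.bin` placeholder is only an OLE header, not a real VBA project. Legacy binary .doc/.xls files are out of scope, and telling which procedures auto-execute (AutoOpen, Document_Open and friends) requires decompressing the VBA source per MS-OVBA, which this example does not do and which tools such as olevba handle.

```python
"""Flag macro-bearing OOXML Office documents before they are opened.

Added example, not code from the original post. Assumes the files are OOXML
zip containers; legacy OLE (.doc/.xls) files are not handled here.
"""
import io
import zipfile

# Where the VBA project lives inside an OOXML container, per application.
VBA_MEMBERS = ("word/vbaProject.bin", "xl/vbaProject.bin", "ppt/vbaProject.bin")

# Content types that declare a macro-enabled main document part.
MACRO_CONTENT_TYPES = (
    "application/vnd.ms-word.document.macroEnabled.main+xml",
    "application/vnd.ms-excel.sheet.macroEnabled.main+xml",
    "application/vnd.ms-powerpoint.presentation.macroEnabled.main+xml",
)

# Extensions that are supposed to carry no macros at all.
MACRO_FREE_EXT = (".docx", ".xlsx", ".pptx")

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # compound file header


def inspect_office_file(filename, data):
    """Return a dict of findings for the file bytes `data` named `filename`."""
    findings = {
        "is_ooxml": False,
        "has_vba": False,
        "macro_enabled_type": False,
        "extension_mismatch": False,
    }
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = set(zf.namelist())
            if "[Content_Types].xml" not in names:
                return findings
            findings["is_ooxml"] = True
            # A VBA project member is the strongest indicator of macros.
            findings["has_vba"] = any(m in names for m in VBA_MEMBERS)
            ctypes = zf.read("[Content_Types].xml").decode("utf-8", "replace")
            findings["macro_enabled_type"] = any(
                ct in ctypes for ct in MACRO_CONTENT_TYPES
            )
    except zipfile.BadZipFile:
        return findings  # not a zip at all, so not OOXML

    # A "macro-free" extension on a macro-bearing container is suspicious
    # in its own right: someone is trying to make the file look harmless.
    has_macros = findings["has_vba"] or findings["macro_enabled_type"]
    findings["extension_mismatch"] = has_macros and filename.lower().endswith(
        MACRO_FREE_EXT
    )
    return findings


def review_reasons(filename, data):
    """List the reasons a file should be held for review (empty = clean)."""
    f = inspect_office_file(filename, data)
    reasons = []
    if f["has_vba"]:
        reasons.append("embedded VBA project")
    if f["macro_enabled_type"]:
        reasons.append("macro-enabled content type")
    if f["extension_mismatch"]:
        reasons.append("macros behind a macro-free extension")
    return reasons


def build_sample(macro):
    """Constructed minimal OOXML container for testing; not a real Word file."""
    plain_ct = (
        "application/vnd.openxmlformats-officedocument"
        ".wordprocessingml.document.main+xml"
    )
    main_ct = MACRO_CONTENT_TYPES[0] if macro else plain_ct
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(
            "[Content_Types].xml",
            '<Types><Override PartName="/word/document.xml" '
            'ContentType="%s"/></Types>' % main_ct,
        )
        zf.writestr("word/document.xml", "<w:document/>")
        if macro:
            # Placeholder: just the OLE header, not a real VBA project.
            zf.writestr("word/vbaProject.bin", OLE_MAGIC + b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for name, blob in (("invoice.docx", build_sample(True)),
                       ("invoice.docm", build_sample(True)),
                       ("memo.docx", build_sample(False))):
        print(name, review_reasons(name, blob) or ["clean"])
```

Run as-is to see the three constructed cases; in practice feed it the bytes of attachments at a mail gateway or download hook, and treat any non-empty reason list as "hold for review" rather than as proof of malice, since legitimate macro-enabled workbooks exist.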
Bruce Schneier Keynote:
After seeing Bruce speak many times on webcasts, BlackHat replays, and other methods, seeing him speak in person was a priority for me at the conference. Bruce covered many topics, and he really stood out during the 10 min Q&A session he did at the end (which most of the sessions I attended unfortunately didn't offer).
Some of the items Bruce discussed:
- Debated which was more important, privacy or security. For example, the battle between the FBI and Apple over an encrypted iPhone in a terrorist investigation.
- Talked about "going dark", a marketing term for an FBI narrative that encryption makes it impossible for the FBI to solve crimes.
- Security wasn’t built into the internet at first because people weren’t using it for “anything important ever”.
Now the internet is no longer its own thing. It’s part of everything - leisure, politics, education, policy, etc.
- Ways to fix some of the public problems we face today:
  - Policy makers need to understand technology (e.g. the lack of knowledge at the Facebook hearings about how Facebook even works).
  - Technologists need to get involved in policy.
- Supply chain security. We have to trust everybody, but can’t trust anyone.
- The defining question of the 21st century: how much of our lives should be governed by technology? Policy makers have to get ahead of this, because there is tech that will kill you. Cars, medical devices, etc.
- Bruce felt connected cars are doing better than doorbells, thermostats, etc.
Good source of info here:
FireEye Keynote:
Another priority was the FireEye keynote in Moscone West. It was relatively short, but certainly impactful.
- Lots of interesting info on North Korea's state-sponsored hacking groups.
- The APT37 and APT38 hacking groups did some very bad things, and they are worth reading more about.
- Iran: APT39 targeted individuals of interest to it.
- Iran is getting much more active in the malicious actor space.
- China: never stops stealing IP.
- What’s next: people are going to get hurt (same message as Bruce above).
Donna Brazile and Mary Matalin Keynote:
Donna and Mary promised at the beginning of their keynote they were not going to talk about politics. They then went on to speak 97% about politics and 3% about cyber, oh well!
Overall, I would rate my RSA experience as a B. The vendor floor is full of solutions promising the same silver bullets over and over. I feel as if 95% of companies need to think about basic security maturity before they are even ready to select a tool from the RSA floor. If you love buzzwords, RSA is the place for you. I can't tell you how many times the words zero-trust, endpoint protection, secure cloud, and many others are plastered over the booths in the expo. It gets a bit overwhelming and tiring.
That being said, I met a TON of great people, and had many great interactions. Just talking through other people’s issues and challenges is the best part of conferences like this, and a lot of that goes on at RSA. For anyone considering attending, I would make sure you have a focused agenda and goals. The choices are overwhelming, and having a plan for the conference is key.