RSAC 2015 Keynotes: InfoSec Big Data, Cloud Transparency & Control

By   muhammad malik
Chief Editor , Information Security Buzz | Apr 27, 2015 05:07 pm PST

Last week, I attended keynotes and sessions at the RSA conference hosted at the Moscone Center in San Francisco, taking notes as furiously as possible and sprinting back and forth between rooms – leaving little energy and time left to live-blog coherently after. As a result, I’ll be blogging about some of the more interesting talks this week as a retrospective.

True, many of the keynotes are available as videos online, but here’s my summary and top takeaways from some of the speeches from the Microsoft and Intel leaders:

Enhancing Cloud Trust

Scott Charney, Corporate VP of Microsoft’s Trustworthy Computing, gave a keynote on Tuesday, April 21 following RSA President Amit Yoran’s speech on security’s age of enlightenment.

Cloud Transparency & Control RSAC 2015

His talk centered on the need for transparency and control as we move into the cloud. Despite improving security innovations, threat models have gotten worse. In order to build a more preventative infrastructure, we need to deal with the identity problem. Credentials are often harvested by attackers in order to look like a legitimate user, logging into our cloud infrastructure.

The threat model is changing – attacks have become more destructive. Charney questions how we can protect the fabric of VMs (virtual machines) from attackers, since it’s not only users that are signing up for cloud subscriptions – attackers are also signing up and leveraging the same technology to launch malicious attacks.

Charney also mentioned that in a “post-Snowden world, we’re concerned about each other.” This was not the first and only mention of the insider threat, which seemed to be a new theme this year at the RSAC conference among speakers. Threats are changing and taking on new threat actors, including not just external actors, but also potentially your own employees.

He made a good point that customers are happier when they feel like they’re in control – while its not necessarily safer to drive than fly, people still feel like they have more control when they’re behind the wheel.

Cloud providers need to think differently when it comes to control and transparency. Not everything is in the cloud – some things are still on-premises. And we’re still dealing with identity management problems.

There are two major areas cloud providers and organizations that use cloud services should focus on:

  1. How you authenticate to your device
  2. Personal computing – when a machine recognizes you based on your behavior, devices and location

For more control, cloud services should also allow people to manage their encryption better, by giving them the functionality to deny cloud providers access to their environment and cloud if needed, for any reason.

When you’re on-premises, you get to decide which logs and what to deploy, but when you move technology to the cloud, you lose some of that control.

Charney made the point that “sophisticated” attackers harvest credentials and move laterally across networks – making domain authentication a major problem. He suggests updating regularly and better management of domain list authentication. People also need to know what’s happening to their data on the network, and they need to see a list of who has access to their data.

With the recent high-profile destructive attacks in the media, the world has finally woken up. That means the markets have woken up – and when the markets create demand, people that build technology must rise up and meet the demand.

Security on Offense

Christopher Young, Senior VP and GM of Intel Security Group, gave a keynote with a sports metaphor twist. While in pro sports, defense is said to win championships, without offense it’s hard to score the points needed to triumph. Young claims the same holds true for information security.

Intel Keynote RSAC 2015

He made the point that we need to use big data to inform and prioritize our actions, based on analyzed insights, as well as to map threats and alerts into a threat campaign. Ok, I admit I wrote “something something moneyball sportsball metaphor” in my notes, but he did use the great example of Moneyball – a baseball movie that featured the use of big data to monitor an athlete and team’s actual performance.

Intel Keynote RSAC 2015 - Billy Beane

He even brought Oakland Athletic’s general manager, Billy Beane, who was played by Brad Pitt in Moneyball, onstage to share a few words, which appeared to be a crowd-pleaser. Beane was a major proponent and leader of the use of big data in changing the game of baseball.

Please read the rest of this article on Duo Security’s blog here.

By Thu Pham, Information Security Journalist, Duo Security | @Thu_Duo

thu_phamThu Pham covers current events in the tech industry with a focus on information security. Prior to joining Duo, Thu covered security and compliance for the infrastructure as a service (IaaS) industry at Online Tech. Based in Ann Arbor, Michigan, she earned her BS in Journalism from Central Michigan University.


About Duo Security

Duo-SecurityDuo Security is on a mission to provide advanced security solutions for organizations of all sizes. Duo’s innovative technology protects users, data and applications from credential theft and breaches with a focus on streamlined usability. The company was co-founded by CEO Dug Song, a major contributor to the security community, and CTO Jon Oberheide, expert cloud, mobile, and malware security researcher.


Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x