IT Security Refresh: More Practical Tips for a Good Foundation (Part 2)
The 2017 RSA Conference was filled with interesting, inspiring, and informative topics. My limited experience in security allowed me to come in with an open mind; I was willing to dive right into the deep end.
Knowing the fragmented and compartmentalized nature of this industry, my approach to the conference was simple: Take it all in. Determine the security strategies that resonated with me the most. I didn’t have one specific area of focus; I truly sought knowledge about every aspect of security.
Here’s a recap of my experience at the conference.
Monday Feb. 13, 2017:
On day one of the RSA Conference, I attended the Cloud Security Alliance Summit, which featured speakers from a variety of companies including Microsoft, Cryptzone, and Centrify, to name a few. There were a ton of great talking points around the cloud, DevSecOps and cyber security. One phrase in particular captivated me and captured the overall mood of the event: “Take advantage of the attention to do it right,” said Jason Garbis, vice president of products, Cryptzone.
I immediately understood the requirement: In an industry that is completely fragmented, we need to come together to make security empowering. Thomas Kemp from Centrify stated that we have seen a 2.1 trillion-dollar cost associated with breaches. And that makes sense; we have seen some historic attacks in recent years:
Looking at it from an outside perspective, we need to massively rethink security. This seemed to be the tone throughout the entire conference. Keeping with the theme of security, one cloud security product in particular caught my attention: The Software Defined Perimeter by Cryptzone. This new network security model focuses on:
Tuesday, Feb. 14, 2017:
Day two of the RSA Conference started with keynote speakers. The first speaker, from McAfee, started with a discussion around cloud, but quickly shifted to IoT (Internet of Things) as a new attack surface.
“Who takes the home into consideration when designing cybersecurity?” the speaker asked. He said we must understand that freedom does create more susceptibilities, and we need to make sure that IoT does not become the “Internet of Terrorism.” His last point really caught my attention: “The target has now become the weapon.” In other words, our own data is now being weaponized to be used against us.
The second part of the keynote was a cryptographers panel. The takeaway that stayed with me was the phrase, “In order to solve the internet, we must kill it” — meaning that we have lost control of our personal data and must be prepared to expand on the regulation of the internet.
At the expo, there was one company in particular that stood out: Bitglass, a complete CASB (cloud access security broker) solution. Bitglass prides itself on total data protection:
I received a live demo of the product, and found the user interface to be intuitive and robust.
Wednesday, Feb. 15, 2017:
Day three of the conference began with a security workshop on virtualization and software-defined architecture, hosted by Dave Shackleford from the SANS Institute. Dave began with an overview of technologies such as NFV, SDN, and DevSecOps, then jumped into the new “security stack,” which includes:
Next, I attended a peer-to-peer session that brought organizations together to talk about cloud migration strategies, which focused on hybrid and multi-cloud architectures. Most of the conversation centered on:
I then attended a mini session on DDoS attacks presented by Neustar, which explored denial of service attacks of the future (IoT botnets and soda machines impacting universities were just a few examples). Neustar’s approach to preparing for the future is through scale. They are currently working on a 10-Terabit scrubber network as their short-term solution. Long-term, they believe we need to strategize using software. They would like the industry to think of software as art and pay close attention to the IoT boom.
Thursday, Feb. 16, 2017:
My last day at the conference opened with DevSecOps. The session explored developer security adoption, and I noticed that there seems to be a disconnect between developers and their security teams. A few key points from the session:
After attending morning keynotes, I had a two-part session on transforming security. Part one focused on cloud and virtualization. Currently, the application is the network, and we must find better security practices to mitigate risk. The presenter, Tom Corn from VMware, advised us to think of our critical applications as our baby — a memorable analogy.
During our session, we focused on moving away from traditional perimeter security such as multiple firewalls, which only add complexity and do not contain lateral movement. Tom focused on shrinking the grey area of security; we need to understand more black and white. We discussed a couple of ways to accomplish this:
Part two of the session focused on users and their devices, including the following key items:
The session ended with a quote from MIT Professor Jerome Saltzer: “Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job.”
Overall, I was impressed by the RSA Conference. Even as a new kid on the block, I found myself immersed in discussions with different IT security professionals. However, there does seem to be a sense of compartmentalization among those in this industry. Despite talks about coming together to accomplish a common mission, I did not see that messaging amongst vendors at this event. At least there is one vendor that has the right message:
We will see how they build on this strategy.