RSA 2014 : Special Edition Coverage


In the lead-up to the Biggest (security) Show on Earth, we chatted with some security experts to get their views on some of the big issues.

Hoping to trump last year's attendance of over 15000 delegates, RSA Conference 2014 at the Moscone Center in San Francisco promises to deliver plenty of valuable insight and guidance. But what's happening in the security space at the moment? We spoke with Sanjay Mehta, the Managing Director of Trend Micro, Alexandru Novac, the Head of Cloud Architecture for BitDefender, and Michael McKinnon, Security Advisor with AVG Technologies AU, about some of the big issues and changes they've seen over the last year or so.

Mehta told us that "On the commercial side, all the classic stuff is still in place but it's not that relevant in an overall, strategic direction. When you sit with someone in the C-suite – cloud is extremely topical with everyone in enterprise and government and targeted attacks. Everyone is realising that the classic defences are dropping in efficacy. They're still needed but not as effective as they used to be".

That's coupled with Novac and McKinnon's observations that ransomware, typified by the prolific rise of Cryptolocker, is increasingly a problem.

"What was particularly important over the last year was ransomware. There were a couple of implementations before. There are two families of ransomware that have raised things to a different level. First, there was the Police Trojan which would lock your screen and show a police notification that your computer has been seized because of accessing illegal content. This is very popular in Europe," said Novac.

As the revenue from this dried up, as victims discovered they could use removal tools to unlock their data, the perpetrators escalated their efforts with new tools that could overcome removal tools and even the reinstallation of the operating system.

"This is a big development. Cybercriminals are still building on this idea. Hackers are working on do-it-yourself kits that allow anyone without programming knowledge to build their own ransomware tool and distribute it. Because of this, we expect a lot of ransomware to show up this year," Novac added.

McKinnon described the rise of Cryptolocker as a big step up and saw a connection between this exploit and the rise of Bitcoin. "Here is a widespread emailed malicious attack that used social engineering to trick people into executing a file that encrypted all their data. It used a cunning DNS trick to use a server for the key exchange and then demand the ransom in Bitcoin. I wonder if the emergence of Cryptolocker had anything to do with the sudden spike in Bitcoin towards the end of last year". McKinnon also pointed to DDoS attacks as still being significant, although he says they could be eradicated or mitigated if network providers took some responsibility.

"So much damage is being done, for example, through spoof traffic. If most major network providers were responsible enough to stop traffic from leaving their networks that they knew were coming from IP addresses they weren't responsible for then we would have spoof traffic on the Internet and cut down networks responsible for this kind of damage," he said.

Mobility and privacy were also highlighted as significant issues. According to Trend Micro, there are about three million pieces of Android malware in the wild with about 10% of those available through official app stores.

There's a lot more personal data available online via social media, so it's far easier to find and target individuals where the criminals expect a return for their effort. And many mobile apps, even if they are not specifically malicious, can access data that they don't really need, resulting in the accidental proliferation of personal information.

So, what can aspiring CSOs do about this?

McKinnon says "Keep it real. Don’t get wrapped up in theoretical exploits. In the security industry there are two halves. One half focuses on academic research and what is possible. The other half focuses on response to active, real threats. There's a lot of marketing done around potential threats which is fine but you have to acknowledge, as a CSO, that if you're trying to control the budget that you can’t focus on technology for things that might happen. You need to spend more time on things that are proven to be real".

Mehta recommends taking a holistic approach.

"A lot of it still comes down to having a well-founded, overall security program. If you just try to take a technology approach it's not going to work. If you try to use just process - it's not going to work. Just people – it's not going to work. You have to do the entire thing."

"The other thing I'd ask CSOs to pay attention to is not only what you're going to do to get your shields up and people educated but pay a lot of attention to what you're going to do when something bad goes wrong. Far too many people are not paying attention to response - whether that's legal response, thinking about cyber-insurances, forensic response, public relations response, shareholder response. If you think about it after the event – you're toast".


Stories by Anthony Caruana
