GDPR, Cryptocurrency Take Center Stage At RSA



Dan Gunderman
04/11/2018

As the need for enterprise security becomes more apparent, cyber-criminals are slipping their way into IT systems to wreak havoc on businesses of all sizes. The motivation for such clandestine activity is exceedingly hard to pin down – be it hacktivism or financial gain.

Yet, there are plenty of routes for the cyber security practitioner to take to shore up his or her network. The upcoming RSA Conference is a great resource for said professionals, who are looking to cast aside misinformation and glean valued insight to better defend their organization.

The conference, held from Monday, April 16 to Friday, April 20, is an informative, weeklong affair poised to assist enterprises and those who work in consumer-facing security positions.

The event boasts everything from keynotes to seminars, to tutorials, expos and forums – each of which tackles a pressing cyber topic.

A majority of the Monday, April 16 sessions will home in on cyber topics that have long been grabbing headlines and leaving CISOs and other security team members perplexed. These are: General Data Protection Regulation (GDPR) compliance, Bitcoin, ransomware and the talent pool.

These topics – arguably of elevated importance – will likely set the tone for what’s sure to be a useful and dynamic week. Let’s take a moment, however, to unzip these Monday seminars, many of which are microcosms of the current state of cyber security.

GDPR Compliance

In a daylong seminar called “GDPR Essentials,” cyber pros will discuss the data privacy regulation out of the European Union – which certainly has “teeth” and will be a force to be reckoned with for multinational organizations. The agenda describes the seminar in the following way: “Fundamentally, every medium- and large-sized company is impacted (by GDPR). With May 25, 2018, as the go-live date, many are struggling to be ready and wondering what the consequences really will be—and how fast the penalties will be imparted.”

The seminar aims to review the regulation at length, including what’s allowed with customer profiling and how to handle the 72-hour window for breach notification. RSA also says the seminar will “provide tangible guidance on pitfalls to avoid.” In closing, it reads, “(The seminar) also ponders if this is just the beginning of what looks to be a groundswell of international privacy and security regulation.” The importance of this measure cannot be overstated, and it’s no wonder that this weighty topic will comprise a day’s worth of guidance and discourse.

Bitcoin and Ransomware

As enterprises tighten their perimeters and improve their threat detection and remedial controls, the frequency of ransomware attacks has also climbed. The malware-heavy, ransom-demanding attack method is an effective way for cyber-criminals to get a hold of sensitive data and encrypt files so that they can demand payment to free them. Recently, attacks have zeroed in on municipal governments, critical infrastructure and large enterprises around the world.

The related RSA seminar, entitled “Foundations of Bitcoin, Blockchain and Smart Contracts,” is a way for security experts to share insight on the crypto ecosystem. On the matter, RSA writes, “leading experts will guide attendees through the core elements of bitcoin, distributed systems and smart contracts. Technology and legal practitioners—the front line—look for pockets of crypto opportunity, design for scale and craft for regulatory approval.” It emphasizes that the darker side of today’s cyber-attacks has singlehandedly changed the way enterprises approach their security posture.

In a seminar called “Ransomware and Destructive Attacks,” attendees will gain a full day of insight on the attack method that has been leveraged so frequently. RSA writes, “Full of firsthand case studies and lessons learned…sessions will discuss the changing threat landscape, innovative research, response and recovery and how to combat ransomware.”

Both ransomware and the cryptocurrency its manipulators typically demand remain of paramount importance to today’s CISO. It’s no wonder RSA plans to break it down bit by bit, pun intended.

The Talent Pool

It’s no secret that cyber security has been confronting a talent crisis – with countless unfilled positions around the globe. In an effort to boost the security ranks and make the workforce more diverse, many enterprises are spearheading initiatives. This comes as cyber security is arguably one of the most crucial aspects of a business’ operation.

In an RSA seminar entitled “Securing Diversity,” organizers will be discussing ways for enterprises to value diversity when it comes to the security workload. According to RSA, “Diversity is core to making good organizations great. It is what makes us as individuals succeed. This seminar is an opportunity to think differently in recognizing and valuing diversity. You will hear from a wide range of speakers designed to expose you to a variety of thoughts, backgrounds and perspectives—diversity in practice.”

So, while the talent war will continue, it’s apparent that security practitioners are doing just about everything in their capacity to help alleviate the pressure.

While this is but a small sample of the wider RSA conference, these seminars speak to the lifeblood of security – and will surely set the tone. These timely sessions are sure to offer thought-leading content in a space that is leveraging all the ingenuity it can.

Further, be sure to keep track of these recurring “themes” in ongoing Cyber Security Hub coverage.