The RSA Conference was held last week in Singapore, and Fortinet was a Gold sponsor. This was our first year having an official booth and we were ecstatic to have the opportunity to meet other security professionals over the short conference.
A security conference is always a good place to learn about new technologies, get updates on what’s happening in the industry and what other vendors are doing. RSAC is an event held annually to gather and share the latest knowledge and advancements in security.
Here are some interesting topics discussed at the conference:
The Game Has Changed
The opening keynote was delivered by Amit Yoran, President of RSA. He highlighted the complexity and advancement of new attacks and how they make obvious the pitfalls of the current security landscape. Even the largest enterprises have not been able to stop the baddies from reaching sensitive information. The example he used was the recent breach at Ashley Madison and conglomerates. You can read our take on the happenings here.
In most security breaches, the primary attack vector has been the web, at 95%, where the slurping of sensitive credentials got an attacker into a network. These stolen credentials open the gates to a network, and the ability to abuse user/identity credentials becomes the first stepping stone for hackers to impose their will on a network, facilitating lateral movement to other systems.
Yoran went on to explain that these attacks are not caused by a technical problem. The technology and the threat intelligence already exist and are widely available. The challenges we face as an industry are in mindset. We rely on technology, but most breaches happen because of the human factor in security, and the only way forward is to change our security mindset. The world has changed so we must change.
Illuminating the Deep Dark Web with drugs, exploits, and Zero days
Jack Chan, Security Strategist at Fortinet, showed how hackers, attackers and normal internet users can search the dark net, a prerequisite for which is the use of TOR.
One of the main reasons this private space has become so popular among criminals is that it is free of surveillance. However, it is not impossible to trace back someone who has accessed this private space to trade illegal paraphernalia such as drugs, stolen credit card numbers, etc. A very good example is the seizure of Silk Road, a TOR site seized by the FBI in 2013. The deep web has also become a hotbed for cybercriminals to sell their botnets, hacking tools and even zero-days. (Here is the link for the presentation DeepDarkWeb)
Breaking the Kill Chain
This was the theme of Fortinet’s booth. Breaking the kill chain is a methodology for stopping an advanced attack at all layers of a network, whether it be spam, malicious links, exploits, malware or bot command and control requests (here is a paper describing the concept). These threats can be blocked through the use of next-generation firewalls, secure email gateways, endpoint security, and other similar products leveraging highly accurate security technologies. With the advancement of security solutions we can expect that attacks will evolve too, so we must also evolve to break the kill chain.
To keep it interesting and interactive for customers and visitors, we had 2 Xbox Ones up for grabs, and all they had to do was win the Cyber Threat Challenge, an interactive game. The setting is this: as the Chief Security Officer of a large enterprise with a given budget, what security solutions would you deploy? The goal is to have the highest budget left and the lowest damage. (Try the challenge here and see how you can protect your network from attacks here)
Most of the talks mentioned the breaches from last year, which earned it the name "2014: A Year of Mega Breaches", and how these could be prevented and stopped in future years. Vendors also demonstrated their products and explained how they can help a business protect its greatest assets. In the end, being able to listen and talk to other security professionals was definitely a great learning experience.
Other interesting links from RSA Conference Asia Pacific & Japan 2015
Agenda of the conference with PPT presentations provided: http://www.rsaconference.com/events/ap15/agenda
-= FortiGuard Lion Team =-