From May 17th to 20th, the RSA Conference 2021 took place, an event that we attended in person last year in San Francisco with Inprosec. The experience was so positive that this year we returned, this time presenting the InprOTech project to the world.
In this edition, due to the pandemic, the event was held virtually, so we focused on the design of our virtual stand, a catalog of services and a video presentation of InprOTech. And of course the new InprOTech website.
In this summary we will describe the talks and discussions that, in our opinion, were the most interesting of the entire RSA Conference.
On the first day of the event, we had the opportunity to listen to expert cryptographers in the opening Keynote. During this session we had the pleasure of enjoying the presence of Carmela Troncoso, a Galician who has made a name for herself on the international cryptography scene.
The protagonists of this session were Ross Anderson, Ronald Rivest, Adi Shamir and, of course, Carmela Troncoso.
During the session they discussed privacy challenges, such as the trade-off between privacy and robustness or between privacy and efficiency. And of course, reference was also made to Covid-19 and contact tracing of contagions, which is a very sensitive issue in the current situation.
During the second day of the event, we were surprised by two really interesting sessions.
First: “How you can ask the right questions to succeed with your security projects“. This talk focused on the importance of asking the right questions in environments and situations where we do not have 100% of the necessary information. To this end, 3 actions related to cybersecurity were proposed:
- Discover: know the audience you are working with, ask follow-up questions relevant to the context in order to be responsive, and adopt checklists for stressful situations in order to minimize wrong answers.
- Plan: use inclusive language with the client, broaden the question frame to elicit creative solutions, but combine them with specific questions for adequate coverage.
- Persuade: formulate questions in a way that makes the other person empathetic and think from your perspective, and link cybersecurity objectives to business objectives.
Second: “From existential to reality: 3 experts on the evolution of ICS threats“. The experts shared their experience in managing emerging risks due to the growth and sophistication of ransomware attacks targeting OT environments. During the session, it was emphasized that most ransomware attacks enter through IT, but, due to incorrect IT/OT network segmentation, they spread to critical environments where the impact is even greater.
The speakers made 3 key recommendations for approaching cybersecurity management:
- Increase OT network visibility.
- Identify and prioritize OT assets and who is responsible for them.
- Increase incident response capabilities.
On the third day of the event we would like to highlight two sessions.
First, the session “Smart IoT: IoT Botnet Attacks on Power Grids Exploiting Their Weak Points“, in which Tohid Sheraki explained how a cybercriminal can take advantage of data privacy issues in smart grids to exploit them through botnets and cause system-wide outages. In turn, he presented a series of proposals to be implemented by governments, IoT providers and utilities to reduce these risks as much as possible.
Second, “Building Trust and Resilience: Privacy Risk Management for SMBs”, in which Dylan Gilbert and Naomi Lefkovitz discussed the relationship between cybersecurity and privacy risk, as well as the structure of the Privacy Framework and its Core. Moreover, through interactive exercises, the “Ready, set, go” model for privacy implementation was applied to a hypothetical case, in order to internalize how it works.
The last day came with a large number of interesting sessions for our InprOTech team. We will highlight three.
First, “Eliminating IT/OT silos and implementing zero trust for IoT/OT devices“. Traditionally OT and IT have operated as separate worlds, but digital transformation has eliminated the gaps between them, which has led to a growth in risk and malpractice.
During the session, Phil Neray outlined several IT/OT related strategies:
- The environmental and human impact of an OT incident is huge, so it is necessary to implement IT security services to prevent damage and economic losses.
- Good communication with your team is needed to avoid cyber-attacks.
- Patch when possible, implement MFA, train employees and eliminate unnecessary remote access.
- Monitor continuously, detecting unauthorized devices.
Second, “Linking industrial cyber risk to business risk and executives“. During the session, the importance of cybersecurity in industrial environments was emphasized. One of the critical factors is the human side, since there is a lack of awareness of the risks on the part of managers and workers, so building this awareness is one of the main tasks to be taken into account.
As this was a dynamic workshop, after reviewing the classic definition of risk and seeking an updated definition that adds resilience, a series of questions were raised for discussion:
- How has cyber risk been defined for ICSs?
- What governance structure have they used, and does it work?
- What artifacts have they found useful for boards and executives?
Finally, “What CISOs and CDOs should know about designing data ethics strategies: a lawyer’s perspective”, featuring Jeewon Kim Serrato, Mark Aldrich, Brett Cook and Dave Cohen, established the importance of data ethics, compliance vs. the data lifecycle, and privacy fundamentals.
One of the most important points of the talk was the need to maintain a constructive process of fostering transparency, assigning accountability and following through on remediation strategies.
After the conclusion of an event of this caliber, one always gets to reflect deeply after hearing different perspectives on our industry.
What is clear is that the event has served to confirm, for the whole team, the growing need to implement industrial cybersecurity programs, driven by the evolution towards digitized industries that are continuously exposed to the dangers of the Internet.
One of the most repeated topics during the event was the importance of correct segregation and segmentation of networks, as well as the importance of visibility in order to anticipate any type of incident affecting availability, confidentiality or integrity.
Finally, as we said last year, the networking generated at this type of event is an opportunity that cannot be wasted. This year has helped us to raise awareness of and expand the InprOTech brand throughout the world.
See you next year!