What keeps information security leaders awake at night
by Mirko Zorz - Tuesday, 28 August 2012.
Despite a variety of anti-malware technologies, targeted custom malware attacks are causing a lot of financial damage on a global level. What type of shift do we need to counter such a unique and fast-changing threat?

Signature-based analysis of malware is necessary but not sufficient. We need to get earlier in the malware life-cycle. We need to study malware delivery networks, how they are run, and anticipate where the malware might be coming from. We also need to harden the workforce.

Most targeted attacks are successful not because of the technical brilliance of the attacker. Typically attackers get a foothold into the enterprise because an employee made a bad choice. Maybe they installed an executable, or browser plug-in. Maybe they were deceived into emailing out some sensitive information. We need to fundamentally rethink our approach to security and factor in the vulnerabilities created by well-meaning insiders that make bad choices.

What events and technological advances in the field of information security have shaped this year's program for RSA Conference Europe?

After reviewing all the session submissions this year to RSA Conference Europe, a few key themes emerged. The first is mobile security. There is significant operational concern about how to implement an effective mobile security strategy in the enterprise. At this year's conference you will see sessions on mobile security that range from mobile malware to BYOD management to creating a long-term mobile security strategy.

A second big topic was analytics. How do we get smarter about analyzing the massive volume of logs that we have internally? Can we anticipate an attack by mining threat information externally? You'll see quite a few sessions at this year's conference focused on this area. Outside of these topics, we have sessions this year that really span the breadth of our field: privacy, securing the human, APTs, forensics, GRC, authentication and more.

What speakers and topics would you highlight?

We are at a pivotal time in information security. Over the past 24 months we've seen a surge in targeted attacks, the popularization of hacktivism, and the rapid, almost universal, adoption of mobile devices in the enterprise. We've got a lot to talk about this year, and you can see these themes reflected in our keynotes. Bruce Schneier is going to talk about the nature of trust.

Misha Glenny and others are focused on the underpinning of freedom online. Several others are focused on threat intelligence and analytics. And we're very excited to have Jimmy Wales close the conference. There are a lot of practical, implementation-focused sessions in the class tracks this year that explore issues ranging from detecting an APT to dealing with the demands of new privacy legislation. I think it's our best agenda yet.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Feb 9th