CommonSense Blog

The State of Security at Geekfest: It’s Worse Than You Think

By Lionel Menchaca | Mar 17, 2015

Like Aaron mentioned, I was thrilled to see more amazing speakers at our inaugural Geekfest SXSW event. I think just about all who listened to the discussion about cybersecurity came away with the same takeaway: it’s a bigger problem than you think.

TK Keanini (CTO – Lancope) kicked things off with Cybersecurity: a Game of Innovation. In his presentation, he made the case that cybersecurity is an ongoing game of innovation, where both sides work to out-innovate the other. He started with the evolution of cyber conflict: manual attacks/defenses paved the way for mechanized attacks/defenses, and then for talented human/mechanized attackers and the equivalent on the defensive side. Finally, 2011 brings things to where we are now: do-it-yourself human threats/mechanized attackers. By DIY, TK meant hackers these days don’t need to code. They can buy tools that automate much of the process. Citing stats from Hackmageddon.com, the US was the #1 security target overall by a pretty wide margin, followed by the UK. Because it is lucrative, cyber crime was the motivation behind almost 75 percent of the attacks in February this year.

TK also turned attention to the Internet of Things (IoT), providing a glimpse of the security problems it causes. For example, SHODAN, an Internet-connected device search engine created and run by John Matherly (@achillean on Twitter), easily shows the vulnerabilities of internet devices many of us use every day. One example: a crematorium that was unsecured (as in anyone could control it from the Internet). Eye-opening and scary to say the least.

TK also referenced Verizon’s 2014 Data Breach Report as another example of how the good guys are being out-innovated in terms of cybersecurity. What can we do about it? Change how the game is played: instead of focusing on patching hundreds of security holes, focus efforts on detecting hackers in the midst of a series of operations we know they need to perform.

He reminded those in attendance that security is everyone’s problem, and offered the following recommendations: be social about security (look out for each other online); operate online with a healthy degree of paranoia; use 2-factor authentication whenever possible (check https://twofactorauth.org/ for more); on the enterprise side, pay for security features and demand more from vendors; remember that only (mostly) secure data is encrypted data.

Here are TK Keanini’s slides and more background on him:

TK Keanini

Bio: TK Keanini brings nearly 25 years of network and security experience to the CTO role. He is responsible for leading Lancope’s evolution toward integrating security solutions with private and public cloud-based computing platforms. TK is also responsible for developing the blueprint and solution that will help Lancope’s customers securely benefit from the promise of software-defined networking (SDN). Prior to joining Lancope, Keanini served as CTO for nCircle, driving product innovation that defined the vulnerability management and configuration compliance market. Before joining nCircle, he served as Vice President of Network Services for Morgan Stanley Online, where he built and secured a highly available online trading system. Previously, Keanini was a systems engineer at Cisco, advising top financial institutions on the design and architecture of their data networking infrastructure. Keanini is a Certified Information Systems Security Professional (CISSP).

Michael Crosno (Executive – Click Security) continued the reasons-to-be-concerned theme when he took the stage to discuss The Changing Landscape of Enterprise Security. Michael shared tons of scary stats and a couple of anecdotes to illustrate just how difficult things have become. Michael painted the picture that hackers outgun the good guys in a number of different ways. How so? Globally, companies spend $70 billion per year on cybersecurity; hackers make over $300 billion over that same time frame. Regarding the cost: drug trafficking costs us about $600 million a year; security breaches cost us over $1 trillion a year. Continuing down that path, Michael confirmed there are 400,000 registered hackers in China; they are unionized and can get health insurance, and black market tools are available everywhere. Hackers don’t need to code at all today.

Michael also discussed the Anthem hack, estimated to have affected tens of millions of customers, in a coordinated effort that happened over the course of an estimated 10 months. What are hackers doing with that information? Selling the entire details of a person’s health information, from medical history to insurance ID. Say you have medical problems with your knees that will require surgery. Hackers will sell your insurance ID and appropriate details to someone overseas, which will allow them to fly into the United States (in a different state than you reside) and have those knee surgeries using your health insurance to pay the bill. Scary stuff.

So, what does all this mean to IT security? Michael sees a shift in focus from threat prevention or detection (keeping hackers out) to threat investigation (finding hackers once they are in your network). He cited research from Microsoft that analyzed 20 years of security breaches and found that nearly 500 actions were common requirements for large-scale security attacks. Research from Google and Symantec came up with slightly lower numbers, but all agree that there is a set of steps hackers have to go through. Per Michael, companies need to focus on recognizing hacker behaviors during these processes to build out predictive patterns so they can catch them in the act. That’s why he says the next big wave of security tools will focus on investigation rather than prevention. Ultimately, he sees security maturing in the same way Business Intelligence has. Years ago, companies had small teams of BI analysts. These days, lots of people in different BUs use BI software for insights. Regardless, companies will need a lot more people involved on the security front.

Michael Crosno

Bio: Michael Crosno is currently the President and CEO of Click Security. Prior to Click Security, he was the Founder and CEO of MyEdu Corporation in Austin, Texas, which he sold to Blackboard Corporation in 2014. Crosno joined MyEdu from Global 360, a leading BPM company, where he was President and CEO and sold it to private equity firms, TA Associates, Technology Crossover Ventures and JMI Equity. Before joining Global 360, Mr. Crosno served as CEO of the leading enterprise portal company, Epicentric, Inc. He sold the company to Vignette and served as EVP Worldwide Operations. Previously, he was EVP at Gemplus, SVP of Worldwide Operations at ViewStar and VP of Sales and Marketing at Computer Associates.

Michael Coté (Director, Technical Marketing – Pivotal) closed things out on the cloud front, discussing how companies can implement a fail fast model while still being focused on the right things in a presentation he called “Failing fast for the up-tight.”

In a talk that featured everything from outfitting urinals with sensors to the Death Star, he made the point that failing fast worked for implementing cloud infrastructure tools and in other areas as well. Regarding failing fast, Coté acknowledged the tech concept of failing fast doesn’t seem to make sense for some companies at first blush, but it’s a positive thing because it gets at trying to solve specific problems. To him, failing fast means rapidly trying out new things: getting new code in customers’ hands on a daily or weekly basis, observing how customers use it, gathering feedback and iterating based on that feedback. In other words, failing fast really means learning fast.

So where do urinals come into the picture? Coté compared outfitting old urinals with sensors to how many companies have approached their private cloud implementations over the last several years. Modernizing old, legacy urinals with sensors that only work part of the time ends up frustrating the users. Not focusing on the bowl means not addressing the fundamental problem of using too much water: inefficiency. It’s a halfhearted attempt to implement technology, similar to what Pivotal sees with many clients in regard to their private cloud implementations. In their research, Pivotal found that up to 95% weren’t happy with the results of their private cloud efforts. In many cases, they were doing half the work, or installing an infrastructure and expecting that to make a difference; 3 – 5 years later, many companies are getting to what he called the “state of the blinking cursor.” Companies invested in changing infrastructure and rolled out new cloud technology, but nothing much is happening as a result. Coté believes companies need to focus less on installing chunks of infrastructure and spend more time using the failing fast model to test what functionality needs to be rolled out to help end users.

Here’s Michael’s presentation and a bit more detail about him:

Michael Cote

Bio: Michael Coté works at Pivotal as part of the technical marketing group. He’s been an industry analyst at 451 Research and RedMonk, worked in corporate strategy and M&A at Dell in software and cloud, and was a programmer for a decade before all that. He blogs and podcasts at Cote.io and is @cote on Twitter.


For more information on our SXW2O events, please visit our website: http://w2oevents.com