Mar 05 2019

RSA 2019: Building Trust Is the Key to Saving the World

The trust landscape is in decline, and cybersecurity pros must focus on restoring it, says RSA President Rohit Ghai.

The human race may well be facing an existential crisis. And the only thing that will save us is trust. That’s why the more than 40,000 technology pros in attendance at RSA Conference 2019 in San Francisco on March 5 should “start obsessing” about the “trust landscape” even more than the threat landscape.

So argued Rohit Ghai, RSA president, and Niloofar Razi Howe, RSA’s former chief strategy officer, appearing together to the open the nation’s largest cybersecurity conference. Howe noted that even as humans’ trust in one another is growing, thanks to peer-to-peer technologies like AirBnB and Venmo, their trust in institutions is collapsing, thanks to siloed media, political polarization and the growth of fake news on social media — some of it powered by advanced artificial intelligence.

JOIN-THE-CONVERSATION: Follow @BizTechMagazine on Twitter for continued RSA conference coverage.

Trust is to the economy what water is to life,” she said. “As the line between fact and opinion blurs, fact-based rational discourse is disappearing from the digital domain, causing people to wonder whether democratic institutions are capable anymore of solving human problems.”

Ghai and Howe envisioned two distinct futures for the human race, each unfurling over the next three decades. In one, trust has all but vanished, governments are taking draconian actions to limit freedom and build “digital walls” on the internet and support for democracy is in decline.

The world where trust is restored is very different. “That’s a world where we unshackle innovation,” Howe said. “By managing risk, we embrace new tech and make our businesses more efficient, our workers more productive and our transactions more secure. It’s an amazing world. But to build it we have to learn how to do things differently.”

MORE-FROM-BIZTECH: Learn how organizations are moving away from traditional passwords as they move to zero-trust environments.

How AI Is Being Weaponized by Threat Actors

Perhaps no technology innovation in recent decades underscores the stark path ahead more clearly than AI. Cybersecurity professionals recognize the power of AI models to predict, discover and respond to threats and are deploying it more aggressively than ever. But hackers also recognize the potential of AI to find organizations’ weak spots, avoid detection and create greater havoc.

AI is being weaponized by threat actors, said Steve Grobman, CTO for McAfee. For example, McAfee was able to build a model predicting a criminal’s likelihood of success in committing crimes with impunity. The model uses publicly available data such as such as type of crime and location to produce a map that criminals could, in theory, use to increase their success rate.

“The model doesn’t know if it’s building a way to fight cancer or start a crime spree,” explained Celeste Fralick, McAfee’s chief data scientist. “It’s just math.”

Indeed, the very same approach is being applied to nobler pursuits such as medical research, she noted.

Yet AI is also proving invaluable to those creating a new kind of fake news. So-called “deep fakes” are videos in which people are made to seem as if they’re saying or doing things that they didn’t actually say or do. As threat actors become more adept at the technique, they’ll no doubt start creating such fraudulent videos in order to generate political chaos, blackmail public individuals and more.

MORE FROM BIZTECH: Discover three best practices to boost endpoint security.

Humans and Machines Must Work Together to Foil Hackers

Taking note of this state of affairs, Grobman said it reminded him of what Orville Wright, co-inventor of their airplane, said when asked in 1943, after his invention had been used to kill millions in two world wars, if he regretted inventing it. He said he thought of the airplane the same way he thought of fire: Though capable of great destruction, humans are better off for having learned how to start fires, and they’re better off for having learned to fly.

“Like fire and flight, AI doesn’t have a moral compass,” Grobman said. “It’s about how we manage it.”

CDW Cybersecurity Insight Report

Effective risk management, rather than the elimination of every potential threat, is the key to building trust. Humans and machines will have to learn to work together to build trust, with the understanding that hackers will do the same in their effort to destroy it, Ghai and Howe said.

“Machines are great at finding answers, but humans are far better at knowing what questions to ask,” Ghai said. “We’re good at dreaming and imagining — the creative stuff. We have to stop waiting for humans and machines to each get better at things we’re terrible at.”

Keep this page bookmarked for articles and videos from the event, and follow us on Twitter @BizTechMagazine and the official conference Twitter feed, @RSAC.

Bob Keaveney

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.