Artificial Intelligence, Zero Trust, Among the Topics at RSA 2021
This year, RSA will feature more than 200 educational sessions across 24 informational tracks and will include 19 keynote addresses. Resilience is a concept that will be threaded through many of the sessions, as speakers describe how they and others endured the massive security challenges of sudden remote work while their organizations weathered the concurrent business disruptions. “We’re seeing that topic woven in everywhere,” Thompson said.
Scheduled sessions include “The Coming AI Hackers,” in which the Harvard Kennedy School’s Bruce Schneier will describe a world where “the tax code, financial markets and any system of laws” can be hacked by AI-powered bots, disrupting social, economic and political systems. This week’s ransomware attack on the Colonial Pipeline, disrupting gasoline delivery for days and sparking panic buying in some parts of the country, is an example of the type of social disruption that cyberattacks can cause.
In addition, Microsoft CISO Bret Arsenault will discuss his company’s deployment of zero-trust security for its own employees and the lessons it has learned since the start of the pandemic. Mark Weatherford of the National Cybersecurity Center will lead a panel discussion on how businesses should set security priorities under ever-worsening circumstances. Anne Mortimer, managing partner of the law firm Hunton Andrews Kurth, will draw from her experience to describe “bungled breach responses.”
Luminaries delivering keynote address at this year’s event include Chuck Robbins, CEO of Cisco; Steve Grobman, CTO at McAfee; Angela Weinman, Vmware’s head of global governance, risk and compliance; Vasu Jakkal, vice president of security, compliance and identity for Microsoft; Dow Chemical CISO Mauricio Guerra; and Johnson & Johnson CISO Marene Allison.
SolarWinds CEO Will Speak at RSA 2021
One of the most interesting sessions will feature Sudhakar Ramakrishna, CEO of SolarWinds, who will discuss the major supply chain attack that hit the company last year. “For the first time, SolarWinds shares its unique view of the attack’s ‘what, how, and who,’ including key learnings about the novel tradecraft that can help the industry better prevent and protect in the future,” notes RSA on its website.
A key trend in cybersecurity in recent years is information manipulation, which can include anything from “fake news” designed to influence an election to sophisticated phishing attacks. Concerning the latter, Thompson noted that threat actors have dramatically improved their tactics and the technology they use to target employees since the days of dubious emails from Nigerian princes.
“Think about what used to be a standard email compromise,” Thompson said. “You’d get an email coming in to finance and it would have a great story about why you should wire a sum of money somewhere immediately. Today, some of those attacks involve deepfakes and you might get a call from, apparently, the CEO, when it’s actually not.”