5 things we learned from RSA Europe 2013

We're back from three days of flat-out security in Amsterdam for RSA Europe 2013. So what did we learn? Read on, and click through to the full reports for more.

1. Security chiefs don’t care much for privacy

Well, Art Coviello, RSA’s executive chairman doesn’t so much. A year ago, Coviello kicked of RSA Europe 2012 with an attack on privacy advocates and their “cries of big brother” that he said were stalling the security industry’s implementation of important surveillance technology. And once again, Coviello this week said the NSA spying saga should not deter companies from developing the best security measures possible for their network.

“Some of our customers are caught in an agonising and paralysing Catch 22; literally afraid to deploy technology that would protect theirs and their customers’ privacy for fear of violating workers’ privacy,” he said.

“Of course, that conundrum ignores the fact that the exact same technology can and would protect those workers’ privacy. This demonstrates the consequence of pitting security against privacy. We can’t let that happen."

2. China’s cyber fear-factor remains

The aforementioned NSA saga may have seen the United States’ online integrity plummet to new depths, but it seems that China is still holding onto its dubious crown as fearful web overlord. Suspicions remain high in the West that the People’s Republic is funding specialist cyber-attack units who target critical infrastructure in Europe and the US, and steal intellectual property from the region’s businesses.

And during a panel discussion in Amsterdam this week, Kaspersky Lab’s Costin Raiu said these concerns were still founded. “I would say if we’re talking about [cyber-criminal] groups operating from China, we’re talking maybe between 100 and 200 different groups. I would say that’s the largest operating base of threat actors in the world.”

3. The government’s CISP programme is flawed

When Whitehall’s Cyber-security Intelligence Sharing Programme (CISP) cropped up in a roundtable session on day two of RSA Europe, the small band of press in attendance was fortunate to have an advisor of the project itself in their midst.

FireEye CTO Greg Day is a member of the steering board for CISP, and admitted that the sharing policy that underpins the entire project doesn’t sit comfortably with most of the security industry. “When the UK government set up CISP, which was about industry members sharing with each other, the first discussion they all got to was about trust,” said Day.

“Everyone [in the industry] thought this is brilliant, we should do this, and then they turned around and asked who would be willing to share this data, and I’ve never seen so many hands go down so quickly. So they always wanted it (the intelligence) but no-one wanted to share it.”

4. Ransomware scams are about to hit smartphones

Ransomware certainly represents one of the more sinister strands of malware attacks with its ability to completely lock users out of their device, demanding payment for the release of files, and indeed the device itself. Worryingly, Webroot’s security intelligence director Grayson Milbourne says the traditionally PC-based attack vector could now be heading for our smartphones and tablets.

With the ploy representing such value for money for attackers, Milbourne says its proliferation on mobile devices is inevitable, despite there being relatively few incidences of mobile ransomware so far. “It’s a dirty tactic and it’s very effective because people care deeply about the files that have just been encrypted [by the attackers],”he said.

“The focus of the cybercrime industry is really sharpening on mobile devices because attackers are very aware that there’s great profitability there," Milbourne warned. "There’s low security, low authentication, and a vast quantity of data – especially in a BYOD environment today. You haven’t just got your personal data but you’re also going to have some good corporate data there as well,” Milbourne warned, somewhat ominously.

5. Big data intelligence will drive the future of security

Big data intelligence can become the most important weapon in fighting cyber-attackers, Symantec’s security strategist Sian John told us on the third and final day of this year’s event. Data and analytics permeated much of the discussion in Amsterdam throughout the week, and John said that careful use of new intelligence sources could ultimately help organisations second-guess their cyber-adversaries.

“I think that’s the key, whether you’re small or large [as an organisation], don’t just implement the technology, but look at what comes out the back-end of it. If you’re seeing events, can you pull these events together? Can you see a pattern? There’s lots of great security technology out there, but the key is not to look at what it produces in isolation, but look at the context of everything else that’s going on.”