Keys to Winning the Cybersecurity War

Published by Lodestone Logic on

A cryptographer, a cyber security guru, and an NSA agent walk into a bar. Who buys the first round of drinks?
This is not farfetched, 43k people descended on San Francisco in February for this year’s RSA to discuss the future needs to secure our data and the technology that we use. Hot relevant topics to healthcare and pharma included – privacy, cyber threats, artificial intelligence, blockchain, and of course… hacking.

The Keys to Winning the War on Cyber Crime: Think Small & Collaborate: Chris Young of Intel security raised concern about the integrity of small data and called for collaboration in the industry as the only way to effectively secure our future. He expressed concern about the ways in which small data can be manipulated to disrupt our decision making and more.  For example, false information can be fed into automated cars to disrupt traffic systems. He focused in on the homes and the smart devices being recruited into the Mirai botnet army. He highlighted three collaborations: GitHub/OpenDXL,, and the Cyber Threat Alliance.

The call to cooperate and collaborate was echoed by Virginia Governor Terry McAuliffe who pointed out that states manage massive amounts of constituent data, and would benefit from a ‘unified national cybersecurity framework’. Coincidentally, during the conference, a security company, Recorded Future released a list of more than 60 organizations that had been hacked. The list included universities, city and state government, and federal agencies.

Geneva Convention for Cyber Crime: Microsoft president, Brad Smith called on governments of the world to unite in the fight against cybercrime.  He proposed a group of global tech experts, academics, civil society, and public and private sectors to examine attacks to determine whether it was made by a specific nation-state. While there are currently some information sharing efforts, privacy concerns remain an obstacle.

Nutrition-Like Security Labels: In his keynote at the RSA Security Conference, Hugh Thompson, CTO at Symantec talked about consumer labeling for devices that can be used to spy on us or recruited for another purpose. A possible solution, he said is to require manufacturers divulge the potential faults of their devices and called for a set of ‘security certifications’

Regulating the Internet of Things: Saying the risks of doing nothing are too great, Bruce Schneier, CTO at IBM Resilient called for creating a new government agency focused on IoT regulation to address threats like the Mirai botnet.  The market, he warned is not going to fix the problem of vulnerable devices because neither the buyer nor the seller cares.  “The market tends not to fix safety or security problems without government intervention” he said.

Can Artificial Intelligence Fill the Cyber Security Skills Gap?: As the need for cyber security grows, so too does the global talent shortage. That shortage was evident this month when 17 tech companies took their first public stand against a government policy when they filed a friend of the court brief in the lawsuits on the immigration executive order. They said that tech companies were already competing against each other for limited tech talent.  Can AI fill the skills gap? The consensus is that it cannot single-handedly detect and automatically respond to every possible attack. However, while AI cannot do it alone, several tools using some form of AI were showcased at the conference. Potentially ‘disruptive’ uses of AI are using it to sort the ‘good guys’ from the bad guys.  Those leveraging AI to better understand human behavior focused on identifying insider threats and suspect behavior.

Learn about 94 Brands, like Pfizer, Mayo Clinic, and IBM and their

activities across 1,300 conferences and trade shows –

Download Now!