The upcoming, annual San Francisco RSAOpens a new window cybersecurity conference is one of the world’s foremost gatherings of security experts and this year’s event promises to tackle the biggest threats to enterprise cybersecurity, among them deep-fakes, attacks on industrial production and risks of connecting appliances to the internet.
Organizers of the RSA Conference 2020 from February 24-28 have fielded 2,400 submissions from security experts who want to speak at the conference. Of those proposals, the organisers have identified these overarching cybersecurity themes:
- The importance of designing, developing and maintaining secure connected appliances ranks as a key theme. Objects in people’s daily use are increasingly connected to the internet as they communicate with other devices and apps. Connected cars and TV, smart homes, washing machines and fridges can all become doorways for hackers to enter secure networks. Product designers and cybersecurity staff people must work closely to build security into these objects.
- The convergence of Information Technology (IT) and Operational technology (OT) worries manufacturers. Most cybersecurity is tailored to IT, which deals with the communication of data inside a company. But the safety of OT, which refers to systems that control heavy machinery and production lines, is raising new concern. OT is increasingly connected to the internet. Hackers are getting more skilled at entering a company’s network through IT and spreading malware to the manufacturing process. OT attacks are increasinglyOpens a new window prevalent.
- RSA has made “the human elementOpens a new window †a key theme this year. This issue refers to ways in which attackers target the behavior of computer users and in which organizations respond to attacks. As the conference organisers say in this report:Opens a new window  “An overwhelming number of submissions started with a focus on the human impact as a means of offering insight on how to better leverage common frameworks, inform decision makers in risk management, mitigate new and emerging threats and build a productive and security-centric culture.
- The rise of deep fake technology looms ever larger. Faked video and audio recordings that sound just like the real things can quickly deceive. Software for those fakes is easy to get and the technology is advancing quickly. Before long consumers might find it impossible to distinguish between fake and real. A fake recording could be made, for example, of a company boss asking for money to be transferred into a criminal’s bank account. One might hear audio of an official giving false information that affects a company’s share price. The security community must create software that automatically identifies deep fake recordings.
- Supply chain attacks such as those mounted by the hacking group collective MagecartOpens a new window are on the rise. These attackers find ways of compromisingOpens a new window the suppliers to third-party websites. Attackers manipulate suppliers to bypass the website’s security controls. Magecart has been blamed for attacks on the British Airways and Ticketmaster websites in 2018, among others. Cybersecurity experts took those cases as a challenge to remove rogue codes in the supply chain.
Other significant issues this year include the growing use of AI and machine learning. Attackers, defenders and surveillance software are all paying attention. This year’s RSA participants will are sure to take a lead in handling whatever cyber-attackers throw at them in 2020.