Content, content, content. That’s what made the recently concluded RSA Conference 2019 APJ special and successful. Thumbs up for the content checked all the right boxes: informative, thought provoking, useful and handy.
Tech conferences I have attended frequently focussed on new products and their technical specs. The big difference with RSA Conference is that I learnt more on a variety of issues: privacy and security and cyber risk leadership; what security managers were rolling out global threat detection systems and security forensics; and what went into and countering cyber threats in industrial systems.
Cybersecurity professionals passionately shared their experiences. They have lived through the threats and attacks, put up the defences and survived. So their tips and recommendations were sought after. So were their insights on the latest security technologies.
Seven speciality tracks ensured there were always topics of interest to any of the participants gathered at the Marina Bay Sands Convention Centre last week. The tracks included eFraud, threats and law enforcement; strategy, architecture and data security; and cloud, mobile and IoT security. If the Conference had any fault, it was that there just wasn’t enough time to attend all the compelling 100 sessions and several keynotes.
There were a few key themes in the Conference. Innovation was one. Cybersecurity is such a fast expanding industry, that the Conference for the first time introduced an innovation challenge. A timely move as never-seen-before threats and attacks are emerging. Innovation is one way to meet these challenges. Nineteen startups from across the region showcased their new ideas and business models from blockchain in security and risk management to vulnerability detection and security training.
Another theme is the rising use of artificial intelligence and its adjacent technologies of machine learning and deep learning in cybersecurity. They are being embedded in the layers of protection, defence and prediction security. The bad news is that hackers are also using AI to steal money and information including intellectual property. Scarier is the threat that utilities and national transportation can be crippled by the bad guys. How would security practitioners thwart these bad guys?
This leads to another theme: working together. Several speakers suggested that governments, security agencies, researchers and academia should collaborate more closely in cybersecurity. The collective experience of the worldwide security hive could help the good guys to prevail. For collaboration to take place, nations must agree to keep away from conducting cyber warfare on each other. Rules and guidelines outlining appropriate behaviour of states in cyberspace - which are essential for international stability - have already been drawn up in 2015 under United Nations’ auspices. Due to disagreements by the US, China, Japan and Russia and other countries over what constitutes cyberspace, the process has somewhat stalled. It is time to resurrect the discussion. I’m glad that diplomats and cybersecurity professionals from Indonesia, Australia and Singapore are campaigning for this issue to be discussed.
In Asean (Association of Southeast Nation Asians) Singapore is taking the lead to frame the cybersecurity discussion. The region has the opportunity to shape cyber norms that fit the needs of Asean. On reflection, this effort for cyber peace could be the most meaningful theme to come out from the Conference.
Let’s not forget, too, the awesome energy of youth. Kyla Guru, a 17-year-old American girl passionately contend that schoolkids could play a greater role in cybersecurity. Schoolkids are digital natives, spending most if not all their time online. They know a thing or two about protecting themselves in cyberspace. But their views haven’t been included nor sought after. Guru wants to see the schoolkids and youths get a seat at the table to discuss cybersecurity solutions.
Ending three-days of profound discussions on cybersecurity with a topic on deepfake was an awesome, well-timed move. Deepfake refers to digital impersonations by superimposing source images, videos and voice with that of another individual. It uses AI techniques to do this. It is a hot topic with tremendous impact on security in terms of authenticity and integrity of information.
As a communications professional, it scares me that any news item or event can be a deepfake. It is a worrying issue, offering a timely reminder that threats and attacks can emerge from any field.
Thumbs up to Dr Hugh Thompson, programme chairman of RSA Conference and CTO of Symantec, who curated the compelling agenda and to conference organisers who ensured that all sessions ran on time and that no one was hungry or thirsty.