We continue to bring you a variety of resources from RSA Conference to help you not only navigate new security challenges that have come to light in our COVID-19-impacted world but also to inform you on how to sustain a robust and prolonged security strategy. Here are this week’s Top 5 RSA Conference 2020 resources with additional insight into what the speakers would do differently if they presented their sessions today.
Joseph Jerome, Multistate Policy Director at Common Sense Media, said, “Public health emergencies warrant extraordinary responses, but privacy considerations should be top of mind as we race to collect more sensitive health, location and biometric data, and shift so many essential services online. Already, privacy and security considerations have had substantial impacts in the use of contact-tracing apps and video conferencing services, and companies have been expected to have a plan in place.” Craig Spiezle, Founder of AgeLight Digital Trust Advisory Group, added, “Essential tasks—medical care, work and schooling—have moved online, raising data collection and privacy implications. There are significant risks that only 90 days ago were never imagined. We may need to recalibrate privacy principles and redefine humane technology. The challenge is how to reconcile what at times are conflicting priorities of security and privacy for the greater good.”
“I would spend more time diving into the topic of personal transformation,” said Elliott Franklin, Director of IT Governance & Security for Loews Hotels. “It is key that security leaders reach out to their team members and their friends via video calls and have meaningful conversations. Laugh, have a drink and be honest with each other. Focus on something positive. We must make sure we are getting exercise while being at home. I have found a free personal trainer on YouTube that has 30-minute daily HIIT workouts. Even while most of us want to binge watch shows, this too can cause us to slip into depression. We still need to balance our screen time. Read the news from allsides.com so that it is balanced. If you watch the news all day about this virus, you will be very depressed and feel that there is no hope.”
“Many brick and mortar retail stores have been forced to close their doors and are instead focusing almost exclusively on online sales. As a result, many online businesses are trying to squeeze as much revenue as possible during these tough times and some may be willing to increase their usage of targeted advertising as a result,” said Daniel Ayoub, Director Product Management at ThreatMetrix. “Many governmental agencies are offering online services for applying and delivering stimulus payments or small business loans. This has created an opportunity for bad actors to commit fraud against a vulnerable segment of our populace. As a result, governmental agencies have legitimate usage for fingerprinting technologies and may begin using the technology more broadly to mitigate these risks.”
“I would emphasize that now more than ever the concepts I shared are critical,” said Malcolm Harkins, Chief Security and Trust Officer at Cymatic. “With not only the economic shockwave and likely security budget cuts occurring but also the humanitarian impacts we are seeing, I think the best way to not only “survive but thrive” is by having a leader who has created a culture that has these core tenets of I Believe, I Belong, I Matter. If you’re not in an organization that practices these, imagine the extra effort, the support, the cohesion you would have as a team. Imagine the strength they could find in themselves and in each other while they struggle.”
5. How Generational Psychology Impacts Your Security Strategy
“Seeing how much companies are relying on technology to empower remote workforces right now, I would put even more emphasis on a key point from my session: different generations consume and leverage technology differently,” said Ben Smith, Field CTO (US) at RSA. “This truism should absolutely inform and influence how you think about securing these remote workers today. As an example, educating your workforce about the benefits (and risks!) of VPN split tunneling is timely and especially important. Never forget that what might be an ‘obvious’ risk to a member of one generation may be completely foreign (or invisible) to another.”