SecureWorld Boston 2019: Day Two

SecureWorld Boston 2019

Hynes Convention Center, Boston, MA

Day Two: March 28, 2019

If you enjoyed reading about Day One of SecureWorld Boston 2019, hopefully you’ll dig this Day Two coverage. A shorter day, ending a little earlier, Day Two again featured two interesting keynotes and several more presentations and panels. I patrolled the expo floor once again, conversing with some of the exhibitors I had run out of time to chat with on Day One. The second day again kicked off with a full house attending its morning keynote.

Opening Keynote: Mark Stanford, SE Manager, Cloud Security at Cisco: “The Birth of Crypto Has Changed the Threat Landscape”

Cisco’s Mark Stanford delivered an interesting presentation covering cryptomining, cryptojacking, and cryptophishing. The topic was interesting, as he touched on some important points and made a few interesting comments, such as that criminals don’t want a cost of greater than 30%.

To keep costs down, cryptominers use your machines (and computing power and energy); and that’s just one corporate cybersecurity issue around crypto.

Cryptojackers, Stanford noted, don’t need to focus on bitcoin and can profit from targeting alternate currencies and exchanges. Stanford provided examples of pump and dump schemes in alternate currencies, including showing a graph of one that didn’t work out so well for the perpetrators.

Another major point made was that we’re witnessing a restructuring, that cryptocurrency is at the center of criminal economy. It’s ideal for money laundering. And it’s worth noting that law enforcement’s focus on bitcoin, the current currency of choice, is likely to just shift the criminal focus to alternate currencies.

The presentation closed with a few to-dos; a couple made it into my notes. First, watch for increases in CPU usage. And also watch your DNS logs.

In all, this presentation was interesting enough for a tech generalist like myself to take away some high-level themes and understand some of the details, while it was specific enough for the front-liners in the audience.

Lunch Keynote: Daniel Smith, Head of Security Research at Radware: “Game of Threats”

The lunchtime keynote from Radware’s Daniel Smith was a runthrough of 52 security threats accompanied by a deck of cards-themed slide deck. 13 types of threats (from Ace down to 2) by 4 examples of each type (clubs, spades, hearts, and diamonds). My notes for this presentation are sparse, but the presentation itself was entertaining, with examples of threats ranging from ransomware to botnets to DDoS to insider threats – the stories/examples were interesting and detailed, enough for a few articles by themselves. Smith did a great job of presenting interesting facts and stories, and he held the audience’s attention to the very end.

The Rest of Day Two

Beyond the keynotes, both days featured several breakout presentations and panel discussions. I spent a bit of time as part of an overflow crowd in the “Access Control – The End of the Password?” presentation where all forms of passwords and access difficulties and roads ahead were discussed. Other panel and presentation topics during Day Two included Zero Trust, GDPR, Recruiting and Retention, Endpoint Security, and more. Across both days, the security topics covered were comprehensive.

Prizes were handed out as the expo closed, before the final round of presentations and panels began. My personal takeaways were a broad overview of the security vendor landscape, a wealth of terms and acronyms that will allow me to converse more readily within the security landscape, and a desire to build on this knowledge at next year’s SecureWorld, if not sooner. Indeed, with the knowledge and contacts gained this year, in my role as an independent industry analyst, I’m considering working a cybersecurity market segment into my off-the-shelf analysis rotation plan later this year and perhaps pursuing a single-client project or two now that I’ve gained a sense of the industry sub-segments.

Note that SecureWorld has a full slate of events across North America this year, with three events in April alone – SecureWorld Philadelphia on April 10th and 11th, and events in Houston and Toronto later this month.

SecureWorld Boston 2019: Day One

SecureWorld Boston 2019

Hynes Convention Center, Boston, MA

Day One: March 27, 2019

Last week, on March 27th and 28th, I attended SecureWorld’s 2019 Boston conference and expo, the 15th Annual SecureWorld Boston (#SWBOS19), as did more than 1,800 other tech and security industry professionals. It was a terrific opportunity to learn about the latest in cybersecurity and meet a lot of the industry’s top companies in one location. As a tech industry analyst (and blogger) with a generalist background, I hadn’t dug very deeply into security products, so this was a crash course for me. Certainly, most of the vendors’ names were familiar to me from my years covering the tech industry in general, aggregating some of my colleagues’ vendor analysis of these vendors, and assisting colleagues whose work was focused more consistently in the space, but I spent the better part of these two days getting brief introductions to each of the expo attendees’ products. My tired legs and hoarse voice at the end of the event would attest to the miles I logged while visiting at least 80% of the vendors’ booths.

With my background, my coverage of last week’s event will be from a generalist’s perspective. In addition, since I spent a lot of time visiting booths, I didn’t get to most of the presentations. (I expect that to change next year, as I’ve now acquainted myself, if just slightly, with a bulk of the security industry’s key players; I’ll plan a lot more coverage of the presentations in 2020.) I don’t intend to touch upon my booth conversations, but I will share my notes on the presentations I attended.

Though I missed the morning’s keynote while getting settled to Hynes and getting settled in, I heard impressive things about Intel’s Steve Brown’s “Going Digital: Building Your Strategic Roadmap for the Next Wave of Digital Transformation.” presentation, a speech I’m told touched upon a broad swath of digital transformation technologies.

Lunch Keynote: Bruce Schneier, Security and Cryptography Expert and Author of Click Here to Kill Everybody: “Securing a World of Physically Capable Computers”

Wednesday’s lunch keynote was an eye-opening, entertaining glimpse into security in a world in which essentially everything is a computer. I jotted down seven key points during this presentation, upon which I’ll elaborate based both on what Schneier presented and what I’ve observed elsewhere:

  1. The Internet is not built for security. Security would have defeated/overwhelmed the original purpose of the Internet. To oversimplify so it will fit into an already-too-long single sentence, it originated as a way for researchers and academics to exchange information. Though funny cat pictures certainly followed soon enough (my observation, not Scheier’s), security was not a big initial concern.
  2. Retrofitting security is hard. Once the cat’s out of the bag, so to speak… and that’s all I have to say about cats tonight.
  3. Because objects now have software, everything is insecure. This is a frequent topic at IoT events I attend. And since some legacy devices cannot have their software upgraded remotely, well, this is what keeps IoT/embedded systems people up at night. (Side note: These days, that’s pretty much all of us.)
  4. Complexity: It’s easier to attack than it is to defend/secure. Relatively self-explanatory and obvious but definitely important to remember, and it has an impact on how we deploy resources.
  5. New vulnerability in the interconnection. I really wish I had taken more notes here, but you get the gist. Interconnection provides an opportunity for a security breach.
  6. Attacks are getting faster and better. Schneier referenced the democratization of attacks. Attacks developed by some can be used by others. I did a bit of online searching to find a better way to explain this, and perhaps the best words are Schneier’s own, from this March 2015 blog post on his website.
  7. Computers fail differently. When mechanical equipment fails, parts wear out. A maintenance schedule can be set up. Or, at the very least, mechanical failure can be predictable and repairs can be made to individual components or machines as they fail. When cybersecurity fails, everything breaks and needs to be fixed immediately. Vulnerabilities discovered for one network can be exploited everywhere. At the moment they’re discovered. And so the vulnerabilities must be repaired everywhere.

The only possible outcome of increasing security breaches, as Schneier sees it, is government involvement. Regulation is coming in the future. Maybe soon. The question is whether or not it will be smart government involvement or stupid government involvement. We’re seeing it in Europe already. In the U.S., it’s happening at the state level, but Congress will do something at some point. And it behooves the security community to get involved and to court “smart” government involvement before “stupid” involvement is thrust upon the industry. To this end, Schneier directs the audience to Public Interest Tech: https://public-interest-tech.com/.

An interesting, thoughtful speech, this keynote was a must-attend.

The Rest of Day One

The rest of my Day One was spent visiting vendors’ booths, learning about cybersecurity through the vendors’ products. Next year, with SecureWorld Boston 2019 under my belt, I plan to attend more of the interesting presentations that ran concurrently with the exhibits.

And, in the evening, many attendees, myself included, ambled over to the networking reception before calling it a night and preparing for Day Two.

(Stay tuned: A summary of Day Two is in process.)