SBN

RSAC AdBoard: Checking In with Todd Inskeep on 2018 Predictions and Beyond

It’s hard to believe but we have reached the midway point of 2018 already. Where does the time go? Part of the fun that we have closing out each year is looking ahead to what the year ahead and beyond brings in terms of trends, topics and industry movement. We did this with the RSA Conference Advisory Board back in December 2017 looking at what is to come in this blog post.

We want to revisit some of those predictions and insights this summer and so we caught up with Todd Inskeep, Director at Booz Allen Hamilton, and member of the RSAC Advisory Board to get his thoughts.

Todd Inskeep

For 2018, we tried to look more strategically at our predictions, what’s happening over a 10-year period. At the midpoint of 2018, I think we see signs our predictions were right:

  • On the impact of attribution, and awareness increasing in the public, we now have a mainstream novel (The President is Missing by James Patterson and Bill Clinton) talking about Fancy Bear as a threat actor. The movie adaptation of “Ready Player One” highlighted a variety of poor security practices by the antagonist company that are prevalent today – and apparently still relevant in 2044 (scary!)
  • GDPR has become effective, and while it’s too early for lawsuits, we’ve all seen the increase in privacy policy changes and clicks on websites in the US and abroad. Regulation continues to shape our digital lives in interesting ways. 
  • There’s no better illustration of the IoT security concerns we’ve been talking about than the FBI asking all of us to reboot our routers – and then update and change their passwords…  Wait, my parents say, I have software in my router I can upgrade? 
  • As cyber-related M&A and startup activity continues, I think we all see continued opportunity for efficiency, consolidation and new services.
  • While there were no attacks on Ukraine power systems in December and January, there have been an increasing number of reports that ‘someone’ is getting into US power and infrastructure systems, leaving ‘implants’ for future exploitation. On a related note, dwell times (the time adversaries have access to systems before detection and removal) continues to be multiple months.
  • While wholesale change away from Knowledge Based Authentication (KBA) hasn’t really taken hold yet, the first steps are being taken. The movement of people, acquisitions and other changes in the identity and access management space are indicative of people and organizations rethinking their approaches. 
  • Fraud in banking and financial services remains alive and well, with plenty of organizations finding that they are farther behind than they knew as fraudsters continue to move past traditional banks to other financial-related services and companies to exploit. 
  • The Cyber Threat Alliance and other collaboration models are showing the value of collaboration against adversaries who continue to innovate and share (sell) new playbooks and the software to execute those playbooks. 

Stay up to date on the very latest RSA Conference Newsletters! Sign up here: Link

*** This is a Security Bloggers Network syndicated blog from RSAConference Blogs RSS Feed authored by RSAC Editorial Team. Read the original post at: http://www.rsaconference.com/blogs/rsac-adboard-checking-in-with-todd-inskeep-on-2018-predictions-and-beyond