Apple versus FBI takes centre stage at RSA Conference

Just as Apple versus FBI is on the boil, along comes the world's largest information security event with over 40,000 practitioners from businesses, government, military, academia and every company that plays in the information security space.

The RSA Conference is in its 25th year and bigger than ever, and while most of the topics being discussed mainly revolve around business technology concerns, the Apple versus FBI tussle is overshadowing the event as people the world over take a deeper interest in how privacy and security give rise to standoffs like this one. The outcome will have a bearing on society for a long time to come.

The Apple vs FBI debate isn't even being directly referred to by many of the speakers, but the subtext is clear. RSA President Amit Yoran in his keynote had some tough love for the US government, saying, "Their (the US government's) perspective and agenda differs greatly from those trying to defend networks. Some policy proposals, like weakening encryption, are so misguided they simply boggle the mind." If that message wasn't clear enough, he added that we live in a golden age of surveillance, more so than at any other point in history. Yoran also went on to poke fun at the US-China agreement not to hack each other. "Just when we thought we had seen all of the humour our industry could offer, in September, the U.S. and China agreed not to hack each other for commercial advantage. Obviously, perspectives vary on the actual impact of the agreement. Rest assured, we’re not cancelling the RSA Conference just yet."

In another keynote, Brad Smith, Microsoft's president and chief legal officer, made Microsoft's support for encryption and customer privacy clear. "The path to hell starts at the backdoor," Smith explained, voicing Microsoft's support for Apple against the FBI. He added that there was no such thing as national security today without cybersecurity. Yoran's predecessor, the much-respected Art Coviello, former President of RSA, who received a lifetime achievement award, stated that any suggestion of breaking encryption was a bad idea. Coviello, playing the role of an elder statesman in information security, urged both sides to put aside partisan bickering because it only "helps enemies". "This doesn't mean compromise though," Coviello elaborated.

The US government seems to be smoking the peace pipe too. Yoran mentioned in his keynote that the U.S. Secretary of Defence, the director of the NSA, a number of national cyber czars, members of Congress and Governors, besides the Director of the FBI and the Attorney General of the United States would be at RSA Conference. According to a report in The New York Times, US Attorney General Loretta E. Lynch's key message at the conference was that US national security depends on the industry’s cooperation, and emphasised the need to find middle ground. The report added that NSA Director Admiral Michael S. Rogers also tried to be conciliatory, not referring to the Apple case or even mentioning encryption, choosing to dwell on the need for partnership and dialogue to battle threats. US Defence Secretary Ashton B. Carter too did not address the Apple case in another session.

Despite the Apple versus FBI case looming over the event, it was business as usual.

Last year, Yoran, in his first keynote as President of RSA, said that the security industry was broken. This year he said that the general purpose computing paradigm we operate under cannot be secured. With the emergence of IoT, the problem is only going to get exponentially worse. "Prevention is a failed strategy," Yoran emphasised. He explained that visibility into identities only takes us so far and called for visibility of full packet analysis of networks combined with an understanding of telemetry from our endpoints to see exactly what is going on. "Logs are simply not enough. Comprehensive visibility is the base building block for obtaining truly insightful analytics and scoping out complex incidents correctly."

This is where behavioural analytics comes in. Yoran said that behavioural analytics, AI, and machine learning would be key themes this year and that RSA itself is announcing the availability of its own behavioural analytics platform. He described it as being akin to "analytics magic, capable of detecting and highlighting incredibly sophisticated attacks never seen before." He was equally quick to point out that they aren’t really magic. "All forms of analysis in a stovepipe, be they malware in a sandbox, end user behaviour, or threat intelligence, can be readily bypassed, which is why pervasive visibility is foundational. No matter what any vendor claims, there is no actual magic that can save us," Yoran explained.

He referred to Google's AlphaGo deep learning system, which in 2015 definitively beat the reigning three-time European champion of China’s ancient game of Go, a game of unparalleled complexity. Despite AlphaGo's impressive achievement, Yoran said he didn't think that AlphaGo was a model of AI for security challenges, which he described as infinitely more complex. Games like Go have well-defined boundaries and players, both human and machine, and a fixed set of rules. The game of cybersecurity doesn't have opponents playing the same game or following the same rules. "In fact, our opponents don’t really have rules; our problem is not a technology problem. Our adversaries aren’t beating us because they have better technology. They’re beating us because they are being more creative and patient and persistent. They are single-minded. They have a target – no prescribed path to get there, no overarching rules, just a target – and a virtually limitless number of pathways to explore," he added.

What is Yoran's solution to this challenge of keeping up, knowing that even state of the art analytics will be insufficient in the face of creative adversaries? "Leverage our own smart creatives – our own curious, problem-solving analysts and set them loose to track down and hunt for our opponents; if you don’t have hunters, grow them, or at least don’t stand in their way. Allow, train, and equip your people to be hunters. Focus on empowering them with the tools that can fuel their curiosity and enable them to find the answers they seek."

To those practitioners who would complain about the scarcity of information security talent, Yoran had two words of advice: Stop whining. He added that companies also need to focus their investments on technologies that enhance rather than replace human creativity and problem solving. "Technologies that automate routine and mundane tasks help. Black boxes that just throw off alerts without supporting data or explanations only provide the illusion of security. We need to know why something is being flagged. We need tools that give us the comprehensive visibility we discussed earlier; the perspective to see the whole playing field and when rules are being violated. That’s why as we transform RSA, our focus is on delivering solutions with unparalleled visibility," he elaborated.
