WeLiveSecurity: Are you looking forward to RSA this year?
Tony: This is my 20th year attending RSA. It’s one of my favorite conferences as it’s a gathering of the entire global security community in one of the world’s most innovative technology locations!
WLS: What will you be up to this year at the show? Anything people can join in on?
Tony: I am going to be busy. On Tuesday (4/17) at 11:30 a.m., I’ll be appearing on RSAC TV talking about “Hype or Myth: Smart Home Security,” talking about the security and privacy challenges of IoT devices in smart homes. On Friday (4/20) at 11:30 a.m., I am giving a talk called “Is Malware the New Weapon of Mass Destruction?” which looks at malware and nation-state attacks…and a little bit about attribution. I examine whether we’re doing enough to stop these attacks and how this changes our view of security.
I’ll also be speaking with press and analysts onsite about ESET’s commitment to security and privacy, especially for the enterprise, and some announcements we have coming at the show…which you will have to stay tuned for.
WLS: There’s a lot going on right now in security and privacy. Of all the topics you could present on at the show, why are you passionate about nation-state attacks?
Tony: Over the last year there has been a number of major incidents and issues, from "WannaCry" [ESET detects this as Win32/Filecoder.WannaCryptor.C, or less formally as "WannaCryptor.C" — Ed.] all the way through the more recent Meltdown and Spectre vulnerabilities. When infrastructure such as health services are taken offline and nation-states start blaming each other, it’s important to examine the facts to see if this is a war of words or if malware really is being turned into a weapon.
WLS: And on the IoT topic and the “smart home,” what do you see as the security or privacy challenges there? What can people learn about at your talk? (without giving too much away of course…)
Tony: We started a project at the end of 2017 to see if a regular person could venture into the world of having a very basic smart home without worrying about the risk to security or privacy. Taking 12 IoT devices, we looked to see if there were weaknesses or vulnerabilities and what the privacy implications may be, both individually and when you look at them holistically.
WLS: Looking at the general landscape of cybersecurity and privacy, what in your view has changed since last year’s RSA?
2018 must be the year of privacy. With the European Union’s General Data Protection Regulation (GDPR) coming into effect in May, we are sure to see some major changes in the way our data is handled, especially in Europe. There has been a lot of preparation by companies, both in Europe and around the globe, to prepare for the changes. In contrast, the US has backed away from limiting ISP data collection and taken a different path. It will be interesting to see how these two views can coexist.
I have also been watching the cryptocurrency rush, the speculators and fund managers driving prices up and down. What does this have to do with security? Actually a lot; digital currency is the de facto payment method for cybercriminals who want to remain anonymous. We are starting to see some governments and regulators talking about bringing crypto currency in from the cold and making it accountable in the same way other financial markets are. This could change the way cybercriminals are funded, potentially ceasing some of the potential methods they currently use to make money.
WLS: Outside of ESET’s activities at RSA, are you looking forward to any topics or speakers in particular?
Tony: As always there is a great lineup of keynote speakers, from Microsoft’s Brad Smith all the way to Monica Lewinsky. I am particularly interested to hear Ms. Lewinsky speak on the experiences of online harassment and how we need to create a safer social media environment, especially for the next generation.
WLS: Thanks, Tony.
For more information about ESET’s activities at RSA 2018, please visit our page here. Our booth is in South Hall #1401.