A few weeks ago, I had the opportunity to meet hundreds of security professionals at our IBM Security Community Day. I think the main reason most people wandered over to see me was the free IBM Security-branded baseball hats on my table, but many stayed to chat. Over the course of the day, I learned three things about this group of professionals: They are superheroes within their organizations, they are passionate about our common sense of purpose and they are optimistic about the industry’s collective ability to reduce the impact of cybercrime.
Our team at IBM Security is also optimistic about the future, and we believe that small teams can do impossibly big things. How? Through what we refer to as force multipliers — factors that increase the effectiveness of the group. For security, we believe those factors are augmented intelligence (AI), orchestration and collaboration. We’ll be talking about these and other topics at the next big gathering of security professionals at the RSA Conference 2018 in San Francisco.
Gain Cybersecurity Superpowers With Force Multipliers
IBM Security General Manager Marc van Zadelhoff will explain how to supercharge your powers to quickly triage cyberthreats, work as a team during high-stress times in the security operations center (SOC) and get the most value out of your security platform through integrations in his keynote address, “Our Biggest Bet Yet” which will be available for viewing live and on-demand (Thursday 4/19, 4 p.m. PT)
Machine learning can be our best weapon against spiraling cyberthreats, and the power to turn machine analytics into a trusted ally can transform the powers of the security analyst. IBM Security Vice Presidents Koos Lodewijkx and Sridhar Muppidi will explain more about the advances in AI for both defenders and attackers in their session, “AI and Cybersecurity — Applications of Artificial Intelligence in Security. Understanding and Defending Against Adversarial AI.”
Tap the Power of a Well-Orchestrated Team
Analytics is at the center of the IBM Security immune system. “Security orchestration represents the union of people, process and technology,” wrote Bruce Schneier, chief technology officer (CTO) for IBM Resilient. “It’s computer automation where it works, and human coordination where that’s necessary. It’s networked systems giving people understanding and capabilities for execution. It’s making those on the front lines of incident response the most effective they can be, instead of trying to replace them. It’s the best approach we have for cyberdefense.”
You can hear more from Bruce in his session on the topic, “Security Orchestration and Incident Response.” Bruce will also be hosting a special event in the IBM Security booth on Tuesday 4/17 at 3:30 p.m.
Master the Fundamentals
Our industry is diligently implementing General Data Protection Regulation (GDPR) programs and identifying readiness priorities. “The truth is there’s no best way to design your approach to GDPR readiness. But there are some best practices you should be thinking about,” wrote Cindy Compert, CTO of data privacy and security for IBM Security. At RSAC, Cindy will offer practical techniques and working examples of GDPR programs during her session, “Get Cookin’ With GDPR — Practical Techniques and Recipes for Success.”
As the number of connected devices explodes, securing them can be kryptonite for security professionals. A recent Gartner report noted that while spending on Internet of Things (IoT) security may reach $1.5 billion in 2018, failure to adopt best practices could have a negative impact on the success of those investments. In a Learning Lab titled “Eleventh Hour IoT Security,” IBM X-Force Red experts Steve Ocepek and Krissy Safi will discuss the latest real-world threats and offer a road map to help you address IoT security.
Even superheroes need help from their friends, and one of the most innovative additions to the open source threat sharing standards body is STIX 2.0. Powerful new capabilities are being added as the language evolves toward the ultimate vision of an open interchange format for vendor-agnostic sharing of advanced analytics, such as security information and event management (SIEM) correlation rules, across organizations and platforms. Jason Keirstead, software architect at IBM Security, will explain this during his session, “STIX Patterning: Viva la Revolución!“
And let’s be honest — it wouldn’t be a security conference without at least one session designed to scare everyone about the “what if.” Joe Gray will demonstrate how social engineering compromised a Fortune 500 company as part of a recent hacking competition. He’ll explain how data was collected using open source intelligence (OSINT) and lead a discussion on how to defend against this attack type in “Compromising a Fortune 500 Business Without Hacking a Thing!“
Visit IBM Security at RSAC 2018
Visit IBM Security at RSAC 2018 in the Moscone North Hall, booth #3829. Instead of baseball hats, this time we’ll have SOCks (get it?) and some other high-tech giveaways. Let us know how you are using your superpowers to fight cybercrime by tagging @IBMSecurity in your tweets.