“Brush up on the supply chain attacks, file-less malware and “living off the land” tools and techniques” with Rene Kolga at #InfosecNA18

Ever wanted to learn how advanced attackers gain a foothold within an organization’s network? Well, with Infosecurity North America only 5 weeks away, Rene Kolga from Nyotron offers his insight into the industry.

  1. What can delegates expect to learn and hear about during your session in the Tech Talks theater?

During this fast-paced talk, we will walk through the cyber kill chain of a recent suspected nation-state attack. You will be able to brush up on the supply chain attacks, file-less malware and “living off the land” tools and techniques. Can Google Drive be used as a command and control (C2) server? Can a completely legitimate Word document leak your credentials?

Leave this session armed with details of how sophisticated attackers operate along with knowledge on how to make their lives harder.

  1. The key theme for this year’s Infosecurity North America is Strengthening Cyber Defenses Against Tomorrow’s Threats. What advice do you have for practitioners building a strategy to defend against the threats of today and tomorrow?

Focus on “tomorrow’s threats” is the key. How many times have you seen the financial/investment disclaimer that past performance is no guarantee of future results? Still, practically every security vendor is talking about basically the same blacklisting approach, powered by machine learning (ML) models that are trained on yesterday’s data.

Don’t get me wrong, I do believe in increased efficiency of ML-based signatures and ML’s application in the areas of automation and anomaly detection. However, if we truly want to defend against threats of tomorrow, we cannot rely on the past. Ideally, both negative (blacklisting) and positive (whitelisting) approaches need to be applied in unison to achieve true defense in depth.

Infosecurity North America will take place on 14 – 15 November at Javits Convention Center, New York. Register today!

  1. In your opinion what are the hot trends/topics right now? And what will be the biggest trends in 2019?

With more and more infrastructure moving to the cloud, adoption of microservices and DevOps practices, cloud security is clearly a hot trend. Compliance and regulations like GDPR are top-of-mind across the industry as well. Finally, the search for radically new approaches to securing our environments (be that endpoints and servers or IoT and critical infrastructure), like OS-Centric Positive Security and others, is ongoing. Those trends will continue into 2019, and beyond.

  1. What is the biggest information security threat to your industry?

Our industry’s inability to move past the same approach we’ve been using for more than 25 years is the biggest security threat. Back in 2005, Marcus Ranum wrote in his infamous “The Six Dumbest Ideas in Computer Security” article that, “sometime around 1992 the amount of Badness in the Internet began to vastly outweigh the amount of Goodness”. So why are we still focused on chasing “badness”? This approach might have been sufficient in the 1990s, and arming ourselves with just an antivirus and a firewall gave us a sense of security, but this is definitely no longer the case. Every organization breached in the past few years had both of those solutions in place and was still vulnerable.

  1. What are your thoughts on whether the USA should implement a general data protection regulation at a federal level (similar to the EU GDPR)?

In fact, California and Vermont have adopted similar legislation. I believe we should learn from our EU colleagues by watching what works and what doesn’t with GDPR after the first 12-18 months and adopt the best parts of the law. There are clear benefits to consumers as well as a homogeneous framework across over two dozen countries that businesses can appreciate (instead of having to comply with a different regulation per country).

  1. Do you feel that by being compliant your company is therefore secure? Does compliance equal security?

I think we all know the answer and it is “no”. However, compliance certainly forces some level of discipline and gets an organization to pay at least some attention to security. In most cases this has positive effects on the security posture.

  1. What are we, as an industry, doing right?

In the last few years the industry broadened the conversation to include audiences from outside the industry. Security became a dinner time discussion across wide ranges of society and that had a positive impact on general security awareness. We need to do more of that and push further for cybersecurity to become part of the core educational curriculum.

  1. What one piece of advice would you give to someone who is entering the information security profession?

Develop your professional network by being part of the information security community. Participate in conferences and meetups, volunteer, and contribute to the conversation by voicing your opinion on topics you are passionate about.

  1. Final word…

I’m looking forward to meeting with peers, having insightful conversations, learning from experts and making new friends at Infosecurity North America. See you there in November!

Do you want to hear more from Rene? He will be speaking at Infosecurity North America. Register today!
