InfoSec Takeaways from the 2016 RSA Conference
The RSA Conference is one of the largest information security events in the world. 2016 marked the 25th annual RSA conference at the Moscone Center in San Francisco. More than 40,000 InfoSec industry leaders and professionals attended to discuss topics like artificial intelligence and machine learning, privacy, encryption, the Internet of Things, industrial control systems, crowdsourcing, authentication and other industry hot topics. A wealth of information was shared about the future of encryption and privacy along with the current security landscape. Some of the hot topics at this year’s event included:
This year’s conference really solidified that Multi-factor Authentication (MFA) is now the industry expectation and not simply an optional add-on. Push notification with mobile fingerprint biometrics is now seen as the price performance leader offering affordable, scalable strong security. MFA is also getting more attention with One-Time Password (OTP) solutions being questioned more because of phishing and interception attacks, which have become more prevalent.
Apple vs. FBI
2016 is turning out to be the year of Apple vs. the FBI. I attended several sessions that focused on just how significant this case is and why careful consideration needs to be made about the implications of the outcome. I thought it was surprising that the Cryptographer’s Panel had a difference in opinion and a later keynote of both government and privacy organizations were more on the same side of the discussion. Some of the discussions referenced Monroe and Adams with regards to the role that the Bill of Rights had in the early history of the U.S. Constitution, and the early-years United States government were contrasted against the decision that is front of us.
UPDATE: DOJ Drops Apple Court Case - Click for the article from PYMNTS.com
While privacy has always been a key topic at RSA, it received much more attention this year due to the Apple vs. FBI case. Additionally, the Safe Harbor program was invalidiated by the European Court of Justice and will be replaced by the EU-US Privacy Shield was another key theme among the privacy debate. It will be interesting to see how this will impact American technology companies like Facebook, Google, Apple, Microsoft and others.
Validation for Early Warning
Early Warning’s Real-time Mobile Network Authentication is now integrated into our Authentify Platform. The power to be able to determine if someone has ported their phone number to a new phone or changed their SIM card, particularly in the last hour, is a very important and valuable indicator when evaluating risk. Used in conjunction with your mobile APP or our Out-of-Band Authentication services can provide additional risk information to allow customers to have more confidence that fraud is not occurring.
RSA 2016 was a very exciting conference this year, not only in the encryption and privacy fireworks that will shape our industry in the next year, but also in the accomplishments of the Early Warning team and the new capabilities now available to our customers.
For more information on authentication and identity solutions, contact an Early Warning Account Manager at firstname.lastname@example.org or call 855-589-7541.
About the Author: Alan Dundas is Early Warning’s vice president of product, authentication. Dundas has more than 20 years of experience developing successful networking and security products. Prior to joining Early Warning, he was chief technology officer and technical director for Symantec’s Managed PKI Service, which was later acquired from VeriSign. While there, he was responsible for the overall architecture, product roadmap, and development planning. Dundas also served as the chief architect for Hewlett-Packard’s Workforce PKI, where he supported more than 300 thousand software and hardware credentials for its employees and business partners and held key technical positions in Hewlett Packard’s networking and operating systems development groups. He is a Certified Information Systems Security Professional (CISSP) and earned his bachelor’s degree in Computer Information Systems, with a minor in Mathematics, from the State University of New York in Potsdam.