“While the security industry looks for silver bullets, criminals are investing more, sharing more and working harder," he notes in show materials.
That theme – criminals working in concert – is relatively new and troubling, according to RSA Conference Program Committee Chairman Hugh Thompson. In a video released before the show (below), Thompson listed it along with four other themes likely to take center stage in San Francisco.
According to Thompson, the five big trends he’s following are:
Privacy: Spying. Hacking. Personally Identifiable Information (PII). These and other topics are front and center today thanks to the recent attacks sustained by retailers Target, Michaels and others. Add in the ongoing data collection by the National Security Agency (NSA), its Prism program, and you can understand why the security community has been upset of late, Thompson says. Watch for plenty of discussions around a new buzz-word, “data sovereignty" and a wave of privacy-related legislation to follow as a result, both in the U.S. and abroad.
Security and Convenience: These two forces have never been more in conflict than the present, security specialists agree. But Thompson believes one maxim above all others when it comes to this issue: Individuals will always optimize for convenience. “Security that inhibits convenience is giving way to security that makes something easier to do," he says. Driving this are innovations including the iPhone 5s, which shipped with a thumbprint reader, and Dropbox, which has challenged IT professionals to balance security and convenience like few other innovations.
Organized Cybercrime: As disturbing as it sounds, cybercriminals are working together more than ever before. In fact, they have developed a basic, “channel-like" model, Thompson says, that resembles those deployed by vendors to sell commercial products and services. The channel for cybercrime pools resources to maximize reach by offering rewards and incentives for cybercriminals who work together. This includes bot herders who coordinate botnets through informal arrangements and others. This relatively new and disturbing phenomenon is a sign of industry maturity, not to mention bad news, says Thompson.