Woz, Ransomware, and Cybersecurity…Oh, My! – Five Takeaways from Cybereason’s DEEP 2017
Located in the main ballroom of the Liberty Hotel, Cybereason’s DEEP conference is a collection of discussions and panels relating to all facets of cybersecurity.
Instead of focusing on their products, Cybereason Co-Founder and CEO, Lior Div wanted guests to experience a different side of this tech sector.
“We didn’t want to be another cybersecurity conference,” Div said. “'The world is operating differently,' I thought. 'Let’s not talk about us [Cybereason] and take a non-linear approach to the event.'”
“Most importantly, I want people to leave the conference saying, ‘Now I’m thinking differently about it the cybersecurity industry,'” he added.
The event featured speakers from the Boston tech scene, news outlets, and the United States government. The most prominent guest at the event was none other than Apple Co-Founder and Silicon Valley icon, Steve Wozniak.
“We are walking a fine line between product and depth,” said Cybereason Chief Security Officer, Sam Curry. “The number of guests we have lined up is remarkable.”
Every topic was not only relevant but actually dove, well, deep into the world of cybersecurity. Here are five takeaways we found to be the most prevalent and interesting.
The Five Takeaways from DEEP
1. Creativity is Key in Cybersecurity
One aspect of the conference the company wanted to promote was the idea of having creative solutions to cyber attacks. This was featured prominently in the first panel of the day.
Assaf Dahan, Cybereason Japan’s Director of Advanced Security Services, told a story about an infamous security breach. Dahan told the crowd the hackers keep coming up with different solutions, and his team had to think quickly and improvise a counter attack.
“At the end of the day,” Dahan addressed the crowd at the end of his presentation. “It’s people, not the product, that will save your company.”
2. IT vs InfoSec
Lauren Louthan, who works as a cybersecurity consultant, spoke about the importance of teamwork. A typical discussion for a conference, but Louthan spent time discussing how IT teams can sometimes come in conflict with one another.
“To IT teams, the InfoSec team can seem like low-rent mall cops,” Louthan joked to the crowd. For many attendees who aren’t familiar with cybersecurity, this sounds like news. She gave her own perspective on the situation detailing her time spent on both an IT team and an InfoSec team.
She proceeded to ask who in the crowd works in IT and InfoSec and discussed how to work better as a team.
3. “Patching is Important!”
Cybereason’s Principal Security Researcher Amit Serper told the story behind the WannaCry and NotPetya ransomware outbreaks. Serper came to the conclusion that, sometimes, it can be just one factor that leads to a problem like this one.
“If your database is running on legacy software, that can be your downfall,” Serper said. “All it takes is one leg to be running on that particular software for there to be an issue.”
Throughout his time on stage, Serper urged any current cybersecurity employees, as well as any computer user, to continuously patch their OS. He also mentioned how patching an enterprise software platform could do wonders for a business.
4. Lessons Learned from Government Officials
As mentioned above, several guests on stage have worked in government. Robert Bigman, who previously worked as the CISO for the CIA, spoke about how identifying types of data is more important than most companies realize.
“Out of the forty companies I have worked for, only a handful could identify their data,” Bigman said.
Assistant Undersecretary for Homeland Security Hans Olson discussed the importance of strengthening infrastructure with author Kim Zetter. Zetter asked questions involving Stuxnet-related attacks and how hardware can create physical attacks in the real world.
Eric Rosenbach, the former Chief of Staff to the Secretary of Defense, made an effort to get the crowd involved. Rosenbach detailed the infamous Sony Pictures hack during the winter of 2014 and asked members of the crowd to see what they would do in response to a cyber attack of this magnitude.
“I chose this case because it shows how a hack can escalate into something that becomes a national threat,” Rosenbach said. “These kinds of attacks will only continue to become more pronounced.”
5. Steve Wozniak and His Personal History with Technology
Steve Wozniak is a tech figure who needs no introduction, and the folks attending DEEP welcomed him to the stage. Ran Levi led the discussion that ranged from Woz’s in-depth interest of mathematics to the first time he learned about internal issues with computers.
“Back in the 70s, no one had even heard of computer viruses,” Apple’s Co-Founder said. “In the beginning, it was a non-issue and was difficult to understand.”
One topic of interest was Woz’s opinion on AI and robotics. “In theory, a computer can learn how to make a cup of coffee for someone. It’ll happen if someone makes it their goal in life. [Isaac] Asimov had his law of robotics where ‘No robot shall harm a human being,’” he said. “Woz’s Law of Robotics is ‘No human shall harm a thinking robot.’"
Throughout the discussion, Woz told a few anecdotes, including how he fooled the Secret Service with a fake ID and how he used to program in his spare time; which in turn, resulted in his extensive knowledge of computers and technology. He finished the panel with some inspiring words.
“If you’ve noticed, I like to have fun,” Woz said. “Happiness is how I’m going to judge my life, not by accomplishments.”