STP’s Tech Team Attends InfoSecurity North America Event
Members of the STP Technology Team recently had the opportunity to attend the Infosecurity North America conference at the Javits Convention Center in New York City. This two-day event provided insights from security experts employed by a range of organizations in both the private and public sector.
Dave Hogue, Technical Director of the NSA’s Cybersecurity Threat Operations Center (NCTOC), discussed their efforts towards innovative cyber defense. The number one attack vector cited was email, where an older yet familiar technology is weaponized by spear phishing specific recipients with sophisticated forged content and malicious links or attachments. One important statistic cited: 93% of incidents are preventable with best practices. Patching was mentioned as the most critical method for preventing breaches.
With innovation as a goal, the NSA is looking to recruit individuals from many disciplines. Advanced technology such as Artificial Intelligence and Machine Learning are considered promising while understanding the problem to be solved is a critical first step. One useful area for AI/ML is alert automation to reduce the amount of noise for NSA analysts.
The Cloud Security Alliance provided an entire day’s track of presentations as part of their CSA Summit, including an expert panel on Cloud Vulnerabilities. Key takeaways:
- Consider what data you are putting in the cloud, and where it is located
- Talk to Developers – Identify those in charge of development & architecture and understand the tools
- Value your people – your teams are key to creating and maintaining a security culture
Evin Hernandez, Technical Product Manager for VMWare, gave an informative presentation on Zero Trust Security, a concept where all network traffic data is considered untrusted. Most internal networks and cloud implementations restrict access for Web Servers, App Servers, and RDBMS and NOSQL data storage systems to specific ports and sub-networks. Zero Trust goes a step further, restricting traffic between machines in specific zones. For example, web servers in a load balanced infrastructure should not have the need to communicate with each other. Each web/application server in turn can be restricted to communicate with specific data storage. Lastly, a demonstration of VMWare NSX illustrated network and security virtualization to implement this micro-segmentation approach to network security.
The STP Technology team was able to walk away with new ideas while reinforcing our confidence in the best practices we use to secure our infrastructure and train our staff. We are looking forward to attending more security conferences in 2019 to monitor industry best practices and benefit our customers.