Day 4 @ RSA Conference Asia Pacific & Japan 2016

09.00 – 09.45 hrs

Advanced Malware and the Cloud: The New Concept of 'Attack Fan-out'

Krishna Narayanaswamy，Chief Scientist, Netskope

The rapid rise in cloud adoption, of which organizations have underestimated the scope of by nearly 10x, has created a new effect: a 'cloud attack fan-out'. Between many connected devices, which increase attack surface, and capabilities like sync and share, which increase data velocity in the cloud, both the propensity for and the severity of breaches rise.

Cybercrime Collaboration--The Changing APAC Threat Landscape 

Etay Maor，    Executive Security Advisor, IBM Corporation

The security industry is lagging when it comes to collaboration! Cybercriminals worldwide are constantly sharing data and working together to make a profit. These efforts are manifested in the form of new threats. This session will dive into APAC-specific threats to explore the dark net and will analyze a recent malware campaign to see how criminals collaborate and target Asian entities. 

Cybersecurity Insurance: New Risks and New Challenges--Be Smart 

Mark Weatherford，Chief Cybersecurity Strategist, vArmour

The cybersecurity insurance market is exploding and while underwriters don't completely understand the risks involved, they and their insurance clients are boldly moving forward. This dynamic and interactive talk will explore how cybersecurity insurance could be the catalyst that finally incentivizes private companies to take security seriously by investing in people, process and technology. 

From Strategy to Tactics: Targeting and Protecting Privileged Accounts 

Lavi Lazarovitz，Cybersecurity Researcher, CyberArk Software (Singapore) Pte Ltd 

CyberArk Labs found that 88% of networks are significantly susceptible to compromise through privileged account credential theft or abuse. Neglected privileged passwords and SSH keys open up unnecessary attack surfaces causing vulnerabilities on networks. The high profile Bangladesh heist breach is just one example. Use this information to conceive your defence strategy and deploy best-in-practice tactics.

 

Security Implications of Using Blockchain Technology for More than Money 

Thomas Keenan，Professor, University of Calgary

While cryptocurrencies like Bitcoin are currently the main applications for blockchain technology, enthusiasts believe it can do much more, from keeping land title registries in Honduras to IoT apps like making your washer smarter. But can it do this securely, given cryptocurrency's checkered track record? This session will look at where blockchain technology is going and point out pitfalls to avoid. 

https://www.rsaconference.com/writable/presentations/file_upload/fle1-f01_security-implications-of-using-blockchain-technology-for-more-than-money.pdf

Thingbots: The Future of Botnets in the Internet of Things 

Paul Sabanal，Security Researcher, X-Force Advanced Research Team, IBM Corporation 

The age of the Internet of Things is upon us. With billions of devices connecting to the Internet in the coming years, targeting them has become more attractive. One threat that has started to emerge are botnets consisting of infected IoT devices, aka Thingbots. This talk will discuss the current state of Thingbots, then show how they could evolve and become a significant threat in the future.

https://www.rsaconference.com/writable/presentations/file_upload/gps2-f01_thingbots_the_future_of_botnets_in_the_internet_of_things.pdf

10.00 – 10.45 hrs

Data Science for Cybersecurity: How Can We Make It Work? 

Eyal Kolman，Senior Researcher, RSA

Although machine learning tools are commonly used in numerous applications, the big boom of advanced analytics in cybersecurity is yet to come. This session will cover the current paradigm for utilizing machine learning algorithms to solve cybersecurity problems, present some of the promises and challenges, compare different approaches and demonstrate concrete use cases over real data. 

https://www.rsaconference.com/writable/presentations/file_upload/sds1-f02_data-science-for-cyber-security-how-can-we-make-it-work.pdf

Eastern European Black Market Economy Trends

Alex Holden，Chief Information Security Officer, Hold Security, LLC

Eastern European cybercriminals are evolving. Their new schemes are getting more disruptive and harmful to businesses. This session will analyse the most effective attacks and monetization techniques. It is possible to disrupt these attacks and make your organization an unfeasible target. 

https://www.rsaconference.com/writable/presentations/file_upload/fle1-f02_eastern-european-black-market-economy-trends.pdf

I Am Divergent: EMDIVI's All Kinds of Attacks

Pearl Charlaine Espejo，Sr. Threat Analyst, Trend Micro

Join this session to understand the growing threat of EMDIVI, a Remote Access Trojan (RAT) that targets organizations mostly in Japan. Based on their observations into an EMDIVI campaign, the speakers will reveal insights into how the malware keeps improving, utilizing different ways to infect its targets. Learn the steps you can take to protect your organization from this RAT. 

https://www.rsaconference.com/writable/presentations/file_upload/tta1-f02_i-am-divergent-emdivis-all-kinds-of-attacks.pdf

Is the Tokenisation Framework Really Secure?

Thiago Musa，Director, Trustwave

Tokenisation is not a new concept even when it relates to Cardholder Data (CHD). The release of 'Apple Pay' raised attention to the new standard by EMVCo about Payment Tokenisation. From a security perspective, it removes the CHD not only from the merchants, but also from the acquirer and even from the cardholder, giving a new perspective and including the Token Service Provider. 

https://www.rsaconference.com/writable/presentations/file_upload/cmi1-f02_is_the_tokenisation_framework_really_secure_final_copy1.pdf

OS X Malware: Growth and Maturity

Jason Carpenter，Principal Security Consultant, Cylance

Malware grows in a standardized fashion. It starts off fairly simplistic, adding complexity as the battle between malware authors and endpoint protection grows. OS X malware is following this standard but at a much higher rate than seen before. This session will talk about parallels of malware history, the current state of OS X malware and what is likely to come next. 

The Path to Active Defense by Combining Deception Technologies with Analytics

Daniel Cooper，Head of Advanced Cyber Services, BT

Security analytics technologies are only as effective as the quality of the data that is ingested and the processing applied to it. With a long history of protecting the UK government and other Fortune 500 companies from cyberthreats, BT will share how indicators generated by deception technologies can be used in security analytics to deliver actionable intelligence. 

11.15 – 12.00 hrs

Behavioural Analytics--A Closer Look

Mike Huckaby，Vice President of Global Presales, RSA

User behaviour, entity and other variants of analytics are the hot topics in security today. With every new emerging technology comes the usual hype, and false hopes. This session will take a closer look at what behavioural analytics really is: how it came about, how it really works, the problems it can realistically solve and what the future holds.

https://www.rsaconference.com/writable/presentations/file_upload/gps2-f03_behavioural_analytics_a_closer_look_final_copy1.pdf

Encryption, Apple and Global Implications

Jeffrey Blatt，Of Counsel, Tilleke & Gibbins International

The attempt by the FBI to require Apple to hack its own iPhone is the latest attempt by a government to require access to encrypted data residing on a device and in the cloud. The Apple case, when considered with the U.S. v. Microsoft 'Outlook.com' appeal, represents a perfect storm that will determine the future of our businesses and expectations of privacy. 

https://www.rsaconference.com/writable/presentations/file_upload/cmi1-f03_encryption_apple_and_global_implications_final_copy1.pdf

Fighting 'Sophisticated' Attacks with Advanced Persistent Security 

Ira Winkler ，President, Secure Mentem

Any attack against significant organizations is labeled 'sophisticated' by default. The reality is that most of these attacks result from inadequate security programs. This review of recent notable incidents will highlight the root vulnerabilities and define an adaptive security strategy to prevent incidents, but more importantly to detect and respond to such incidents before loss can be realized. 

https://www.rsaconference.com/writable/presentations/file_upload/tta1-f03_fighting-sophisticated-attacks-with-advanced-persistent-security.pdf

这个思路比较认可。APT硬是被现在的商家炒成了新概念，搞的好像是全新技术。对于一般企业来说，花80%成本解决1%不到的攻击，不值得。况且如作者所说，大部分的APT都是因为企业内部一些基本安全没做好，比如弱口令、通用密码等，解决这些问题才是根本。何况，当前的APT工具也都是事后很久才能发现异常，等发现时数据已经泄露，意义就更不明显了。

The Need for Speed: Application Security in a DevOps World

John Dickson，Principal, Denim Group

This session will cover how organizations are applying application security in continuous integration / continuous deployment environments. With competitive forces driving faster software deployment schedules, security architects are implementing end-to-end automation and other strategies to ensure rapid software deployment does not leave security behind. 

https://www.rsaconference.com/writable/presentations/file_upload/sds1-f03_the-need-for-speed-application-security-in-a-devops-world_copy1.pdf

Web Attacks of Past, Present and Future

Michael Smith，Security CTO, Asia Pacific & Japan, Akamai Technology

As a service provider delivering and protecting roughly 30% of the world's web traffic, Akamai receives and responds to a huge amount of attacks. This session will share analysis of attack campaigns, tools and techniques that Akamai has seen--account takeover, watering-hole attacks, site scraping, vulnerability scanning and hijacking--and discuss basic protections that website owners can implement. 

https://www.rsaconference.com/writable/presentations/file_upload/gps1-f03_web_attacks_of_past_present_and_future_final.pdf

What Can We Do to Mitigate the Risk of Falling Victim to Ransomware? 

Masayoshi Someya，Senior Security Evangelist, Trend Micro

Whilst ransomware has been so successful in compromising businesses of all sizes, it is becoming more and more sophisticated. How are cybercriminals attacking businesses with ransomware? What can businesses do to mitigate the risk of falling victim? This session will look at ransomware's attack vectors and characteristics, and countermeasures that businesses can adopt. 

https://www.rsaconference.com/writable/presentations/file_upload/fle1-f03_what-can-we-do-to-mitigate-the-risk-of-falling-victim-to-ransomware.pdf

14.15 hrs

Beyond Traditional Security: The Latest Internet Security Practices of Alibaba 

Fang Chao，Director of Alibaba JAQ Security, Alibaba Inc.

With the tremendous development of mobile Internet, services such as e-business, e-bank, e-taxi, etc., are deeply steeped in our daily lives. This change has caused new security problems to emerge prominently, including false credit, false orders, etc., which cannot be dealt with using traditional security solutions. This session will share the best practice approaches toward Internet security at Alibaba.

阿里巴巴聚安全产品化输出

目前5.0版本提供了诸多功能，并针对金融、游戏等行业提供全套解决方案

Are You Ready for a Breach?

Glenn Gunara-Chen，Executive Director - Fraud Investigation & Dispute Services, EY 

Cybercrime is a growth industry where the returns are great and the risks are low. As such, cybercrime has become the 'new normal' where EY have observed that the 'protect and control' mentality is no longer sufficient. In order to adequately address cyber-breaches, it is necessary for organizations to develop a strong, centralized response framework as part of the enterprise risk management strategy. 

假设企业已经被攻陷，怎么办？

作者认为组织应该建立更强大的中央响应框架（centralized response framework)

The Effects of the Digital Age

Sir Bob Geldof，Musician, Businessman

Sir Bob Geldof, winner of the Nobel Man of Peace Award, will discuss the intersection of our digital world with sustainability, resources and political instability. Learn how social media is being used to gain rebel support, how high-frequency commodities trading impacts the world and how young people live in a highly connected but non-physical world as well as global security and current geopolitical threats. 

来自为知笔记(Wiz)

附件列表