Cybersecurity industry facing AI, privacy and trust issues: RSA president
By Benjamin Cher March 4, 2016
- Privacy vs national security, the danger of setting precedents in Apple vs FBI
- Greatest challenge is alerting people to danger while cutting through hype
THE cybersecurity industry is now caught in a vice between national security and customer privacy, and trying to strike a balance has left many scratching their heads.
The ongoing tussle between Apple Inc and the US Federal Bureau of Investigation (FBI) is a case in point.
Conversations around privacy and trust, especially with regard to the Apple v FBI case, have massive implications for all industries, according to RSA president Amit Yoran.
“It has incredibly important implications to all industries because all industries rely on technology,” he told Digital News Asia (DNA) in an interview at the ongoing RSA Conference 2016 in San Francisco.
“I don’t think it’s a case of security versus privacy – I think the security industry is on the side of privacy and on the side of national security,” he added.
Apple is fighting a court order compelling it to provide technical assistance to the FBI in getting data out of the iPhone that belonged to Syed Rizwan Farook, one of the shooters in the San Bernardino shooting.
The FBI is using the All Writs Act of 1789 to justify its request. Apple has refused to comply with the order, with chief executive officer Tim Cook saying, “The Government suggests this tool could only be used once, on one phone. But that’s simply not true.
“Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks – from restaurants and banks to stores and homes.
“No reasonable person would find that acceptable,” Cook said in an open letter to Apple customers explaining the company’s stand.
How this case plays out will set a precedent for future cases, with wide-ranging implications that would have an impact all over the world, RSA’s Yoran warned.
“It is incredibly important it plays out the right way – there are reasons why law enforcement wants to compel Apple to write software to get data for the FBI,” he said.
“I think it is a dangerous precedent – if you do it for this case, you are effectively compelling … Apple to write software just to hand something over, which is a very dangerous decision for the Government.
“Hopefully Apple will be successful in its appeal,” he added.
And if Apple loses its appeal, the wide-ranging implications that Cook and Yoran are warning about would only be negative, the latter argued.
“If you do this once for an iPhone, requests are going to come from other agencies compelling other companies to write software or weaken security, which is a very slippery slope,” said Yoran.
“This is especially so when you think about all the countries that Apple and other companies operate in – some of the governments might not be so friendly to human rights, and how should Apple respond then?” he added.
Cybercriminals are getting shadier and more sophisticated, organisations are becoming more vulnerable – all of which bodes well for the cybersecurity industry, which has been enjoying a boom of sorts in recent years.
But those ‘halcyon days’ are numbered, with Yoran believing that a shakedown is imminent, where only the most innovative and future-proof companies will survive.
“There is a lot of confusion and near-chaos in the security industry – part of it is because of the challenges customers are facing, and the billions of dollars being spent inefficiently.
“And there is an opportunity to displace those dollars with new technologies, new approaches, and new solutions,” he said.
Venture capitalists seeking to tap the cybersecurity industry growth have not helped matters either, Yoran argued.
“Because of the ‘frothiness’ of venture capital markets over the past few years on security investments, so many ideas that were not strong business ideas or not necessarily great technologies got funding,” he said.
But it became a different matter in the last few months, when financial markets became increasingly volatile and startups started securing ‘down rounds,’ pointing towards a market shakedown.
“Investments from the venture capital community are significantly down, venture rounds and follow-on investments have lower valuations than Series A rounds did in 2015,” said Yoran.
“I think we are facing a market shakedown, in part because the market was over-funded from a venture capital perspective and in part because customers are confused and they don’t want to have to deal with 32 vendors.
“Customers are saying, ‘When I partner with a security vendor, it is a relationship, a multi-year journey – I want to be more strategic with the partners I select’,” he added.
The coming shakedown will thin out the industry, with merger and acquisition (M&A) activity expected to rise, he ventured.
Machines meet the human factor
The use of machine learning and artificial intelligence (AI) for cybersecurity was discussed heavily at last year’s RSA Security Conference, but Yoran believes that this is the year they will really become a key focus.
However, challenges remain: The right kind of data is needed to churn out actionable results.
“The challenges that each one of these behavioural analytics and AI engines is one – you need the right data,” said Yoran.
“If you put garbage into the system, you can have the best data science module in the world but you’re still not going to get the best insights coming out of it, or you are going to miss things that are very important,” he added.
There is also the danger that companies may see AI and machine learning as silver bullets.
“Our industry loves to run to the next shiny object – we see AI and a particular type of solution, and we go, ‘Yeah, this is the answer.’
“But there is no one answer – we need to have visibility, we need to have a diverse set of approaches to view and find things more rapidly,” argued Yoran.
And shiny aside, the human factor needs to be considered as well: Machines follow predefined rules, but cybercriminals are all about breaking the rules.
“There are no definitive answers, no silver bullets in security,” said Yoran.
“There is also the other side of security which is increasingly becoming a best practice – the concept of creating teams of hunters, of taking analysts and giving them the tools and time to go out and find the significant incidents because you won’t see those in the firewall or intrusion detection systems,” he added.
The No 1 threat
And the No 1 threat in today’s increasingly vulnerable world is not fancy malware or state-sponsored hacker groups, it is plain old blissful ignorance.
“The biggest challenge is how do we reach more people faster, how do we raise awareness,” said Yoran.
“We can do more – there are new approaches, new technologies, new ways of organising your security team, new methods of operating and thinking that make you much more effective against the advanced threats we face today,” he added.
But his biggest fear is that people will remain unenlightened, choosing to ignore the reality of today’s cyber-environment.
“My biggest fear is that we don’t get people to wake up fast enough to change their behaviour and continue down the track we’re on,” said Yoran.
Benjamin Cher reporting from the RSA Security Conference in San Francisco, at the invitation of RSA. All editorials are independent.