Security Summit 2015 Recap
Last week, Neustar hosted our first-ever annual Security Summit—and it was a resounding success! Taking place in San Francisco’s Marriot Marquis, the summit gathered 120 professionals from all aspects of security in the information technology sector. In all, it was an eye-opening and informative opportunity for everyone involved to learn about the current state of cyber warfare and how to be prepared against its inevitable impacts.
Following are some highlights from sessions of the summit.
DDoS Truths & Trends
Neustar’s Chief Information and Security Officer, Mark Tonneson and Director of Product Marketing in IT/Security, Margee Abrams together discussed the current landscape of DDoS attacks. Using survey data gathered for Neustar’s recently released 2015 DDoS Attacks and Protection report, Margee and Mark highlighted some compelling findings on who's attacking which companies and why; what new tactics are being used; why firewalls and other old-school defenses are increasingly ineffective; and how much attacks are costing businesses.
Citing key findings on DDoS attacks from this year’s survey, Margee discussed the increasing prevalence and efficacy of hybrid approaches to protection. This trend further validates the stark reality that a DDoS attack on any single company is only a matter of time—but that a hybrid approach to protection creates a series of barriers that collectively mitigate the impact of such an attack. On what was most surprising about the findings of this year’s report, Margee pointed to “the sheer impact of a cyberattack on a company’s brand,” highlighting that a single breach can devastate the work that a company’s CMOs works for years to build. The take away: security is no longer simply an “IT-only” concern.
DDoS Mitigation Demonstration
Neustar Security Operations Center (SOC) Manager, Kevin Uhl, and Information Security Engineer, Andrew Elliot together presented a live demonstration of an actual DDoS attack and showed the steps that Neustar SOC staff would typically take to mitigate it. It was a unique opportunity for audience members to witness the overall strategy and quick-thinking tactics entailed in minimizing the damage of an attack—all in real time. Although without quite the Hollywood glamour portrayed in movies like War Games or The Net, the online demonstration was certainly an enthralling rendition of what often amounts to a cat-and-mouse game.
Customer Experience Panel
Neustar Product Marketing Manager in IT/Security, Joe Loveless graciously facilitated a panel of security experts representing four Neustar customers: Joan Pepin of Sumo Logic, Chris Haag of Agari, Andrew Tang of BlueCava, and Jeff Bull of Redwood Credit Union. It certainly made for a lively discussion to hear both the differences and commonalities in their professional perspectives:
- How they deal with ever-present online security threats
- Which measures they take to protect their online businesses
- What challenges they are facing in the security industry
- How they continue to stay one step ahead of the bad guys
The Art of Deception: How Hackers and Con Artists Manipulate You
Keynote speaker—and once the FBI’s most wanted hacker—Kevin Mitnick drove home what was perhaps the most compelling message of the summit: People are the weakest security link. Through several colorful anecdotes and engaging demonstrations, Kevin explained how easily people can be influenced into unknowingly helping hackers to break into their organization's computers. Manipulating others into handing over the keys to the kingdom, as it were, is apparently far easier than you might expect.
Kevin entertained and educated the audience by performing his "live technology magic show" of the latest hacking techniques. The point he drove home was that security technology, no matter how sophisticated and robust, is completely ineffective against a motivated hacker using a technique called "social engineering." Commonly used by hackers and con artists, social engineering takes full advantage of our human tendency to trust others. As Kevin illustrated at numerous points throughout his presentation, in the context of personal and organizational security, trust is a significant weakness that can be easily exploited.
As the worldwide authority on social engineering, Kevin constantly improves and updates this highly acclaimed "security awareness" presentation with the latest threats and risks that most people don't even know exist. Leveraging that knowledge and experience, he did an impressive job at engaging the audience on how to detect attempts at manipulation and take steps to protect our organizations and ourselves.
The Relevance of Government for CyberSecurity Intelligence
In this compelling last session of the summit, Senior Vice-President and Fellow at Neustar, Rodney Joffe discussed the increasing irrelevance of the U.S. government’s “classified” cyber threat information. Referencing his experience as a cybersecurity adviser to the White House, Rodney discussed the reason for the dwindling role of the government in this area: many commercial companies are using their cumulative technical sophistication to develop and rapidly build a trove of cybersecurity intelligence on their own. In short, the locus of control over this information is increasingly in the hands of those who develop cybersecurity technology—with some very intriguing implications.
With his closing remarks, Neustar Senior Vice President of Sales for IT/Security wrapped up the summit, which after a full day of talk on cybersecurity threats, got everyone in the mood to unwind. Even the most staunchly security-minded attendees let loose during the final networking event at The View lounge. On the top floor of the Marriot Marquis, the venue greeted everyone with—you guessed it—a breathtaking view of the City by the Bay. It was the perfect end to an information-packed day.
Hats off to Angela Culver, VP of Brand and Corporate Marketing, and her Creative and Events teams for superbly executing Neustar's first annual Security Summit!