Last week San Francisco’s Moscone Center hosted the world’s largest professional meeting on ICT security. More than 45,000 expert and visitors attended the RSA Conference 2018 to learn about new policies, practices, advances and technological solutions that are being developed to deal with current challenges facing the sector and to anticipate future ones.
As it was not possible to do otherwise, in a continuous internalization process of its telecommunications technologies and solutions, Gradiant participated in this global reference event showing its technological innovations on security and cybersecurity for digital administration, eHealth, secure user authentication for banking and insurance services, among others. Our colleague Daniel Ramos, International Business Development Manager, went there to tell us about five cybersecurity trends everyone is talking about after RSA Conference 2018, even though he said that the main challenge will be “information privacy and intelligent threat management and visibility to solve security problems at the enterprise level”.
1. The relevance of Cloud services
Over the next few years the adoption of cloud-based services for running corporate applications will continue. While such tools bring great benefits to businesses, they will need effective solutions to manage their data securely because, if not configured properly they could expose their assets and those of their customers. With the growing adoption of containers (within a security model in DevOps we have already mentioned), it will be essential to manage this type of information well and protect it from any kind of attack. One of the most accessible alternatives may be solutions based on homomorphic encryption and hardware security modules (HSMs), such as BlackICE Connect, which allow operations in the cloud with encrypted data in the encrypted domain.
2. Improve security on IoT devices
If in previous years the main objective was to try to protect security holes in WIFI or Bluetooth networks, now the challenge is to deal with attacks on IoT devices (integrated in drones, critical infrastructures, vehicles, or household appliances for example). Suppliers will have to address these security issues directly from the conceptualization and design stage or risk serious commercial and legal problems. As for this issue Gradiant has been able to take advantage of its experience in embedded systems and wireless communications to apply this paradigm of IoT in cases of real use, in which security plays a very important role.
3. Phishing and third-party data management
In line with external threat protection, another constant in security trends will be managing the impact of fraudulent websites, theft of credentials, and how to deal with the risks involved in managing third-party data, something that already affects many organizations. Biometric authentication solutions are still very important, as they are also useful for combating other types of threats, such as phishing, using intelligence-based technologies. The Gradiant experience in facial recognition has allowed the development of techniques for the detection of phishing attacks, in addition to ensuring verification even when there are changes in appearance in front of the photo ID card or the person has aged. Both faceIDNN and selfie&sign incorporate these technological innovations, which Gradiant focuses on strong authentication and digital onboarding and KYC processes.
4. Data privacy debate
With the new EU General Data Protection Regulation (GDPR), organisations need to build a new management framework (together with a new organisational figure, the DPO) based on data governance that insists cybersecurity and privacy go hand-in-hand. In addition, with Facebook’s data privacy crisis in relation to Cambridge Analytics as a backdrop, this issue has opened a public debate on data privacy ethics that has even surpassed the doors of RSAC 2018. Gradiant continues to bet on its information processing technologies in a secure way in the encrypted domain to guarantee the privacy of the information even during its processing.
5. Ransomware proliferation
Online extortion is expected to continue to play a key role in the remainder of 2018. During the last few years, different malware types have shown the possibility of blocking entire networks and demanding a ransom to get their operations back up and running. These “enterprise ransomware” attacks are more likely to spread to small and medium-sized enterprises (which are often unprepared for them) and become a major trend among eCrime in 2018. Gradiant continues to be advanced in Machine Learning-based techniques for detecting malware in files. Thanks to these techniques, security analysts are reaching new heights that in many cases escape the classic techniques of general malware detection.