RSA Conference 2022. PHOTO: Cybercrime Magazine.

Scenes From The World’s Largest Cybersecurity Conference

Cybercrime Magazine and Secureworks In Real Life at RSAC 2022

David Braue

Melbourne, Australia – Jun. 23, 2022

After two years during which the COVID-19 pandemic forced security conferences to go virtual or be cancelled altogether, RSA 2022 was back in person this year with a vengeance — and Cybercrime Magazine was there to catch up with all the buzz.

This year’s conference was always going to be a big deal, with organizers noting that for many of the more than 20,000 registered attendees “this event could likely be the first large-scale physical conference they have attended in nearly two years.”

“That’s both exhilarating and a little trying all at once.”

No less trying was the sheer variety of ways to fill the event, which included over 350 sessions on 25 topics, presented by over 600 industry experts and featuring more than 400 industry exhibitors.

The opportunity to meet up with people face-to-face again was enough to convince Jeffrey Moore, chief product security officer with Dreger Medical, to return to the RSA conference after a 12-year absence.

“I was fed up with the sameness of it,” he told Cybercrime Magazine from the show floor. “There’s been no real security innovation in years, so now I’m just looking more at the security evolution that we’re having.”

A big fan of the event’s talks and technology demonstrations, Moore had been chatting with FBI representatives and examining a range of products as he looks for ways to improve the security of his company’s medical devices.

“Trying to put security into these devices is the hardest part,” he explained. “Looking at the leaders that have the possibility to be added to our products to help boost security for hospitals, while not messing with the essential performance of the device, is key for us.”

Talking with security companies and their founders “is always interesting,” Moore said, adding that “seeing people again — and friends again — is always important.”

RSA 2022’s real-life networking opportunities provided ample opportunity for catch-up — made even sweeter by the fact that years of work-from-home policies meant the conference was the first time many security technology users had even been in the same room with key partners for several years.

Despite the distance, however, a close working relationship with Secureworks had proven to be a lifeline for Collin College, a health science specialty college in McKinney, Texas, whose system security specialist Richard Salas lauded the “fantastic” relationship he had been able to maintain with crucial cybersecurity allies despite the disruption of the past few years.

“I’m really pleased with the direction that we’re headed,” Salas told Cybercrime Magazine, who was meeting with his relationship managers from Secureworks at RSA and noted their strong help in current projects to implement XDR functionality “and just add an extra layer of cybersecurity.”

That layer includes a team of cybersecurity specialists that have been working alongside the college’s IT and security staff to continuously audit potential security risks, such as unpatched vulnerabilities in critical assets that are prioritized based on their criticality.

“Having that accessible and the breakdown that they provide — [which says] here’s the issue, and this is what can happen if you don’t take care of it, and here’s the potential solution so go in there and fix it — it doesn’t get easier than that.”

“You can never be safe enough — but having Secureworks gives us a comfortable feeling. The more layers of defense the better, so we feel better protected.”

Walking the fine line

Yet for every company that has been proactive about its security, many others have found themselves cleaning up after a security breach — and struggling to navigate the complex maze of security remediation, corporate liability, legal consequences, regulatory risk, and more.

With so many RSA 2022 attendees having experienced ransomware attacks and other data breaches in recent years, many were sharing their experiences from the front lines of the cybercrime explosion that dogged businesses as they tried to navigate the complexity of the pandemic.

Attorney Justin Daniels — a corporate M&A and transactional attorney who works with law firm Baker Donaldson in Atlanta, Georgia — has seen incident response and ransomware handling comprise “a big part of my practice,” he told Cybercrime Magazine, with many companies struggling to clarify whether their attacks had actually resulted in data exfiltration.

Even after dealing with an incident, he said, many companies are still “on the fence as to whether there was data exfiltration [and whether they’re] going to have to give third-party breach notification that brings in the ‘rogue’s gallery of plaintiffs.’”

Given the importance of such a determination, Daniels said, he has been working closely with incident responders at companies like Secureworks — as well as with law-enforcement authorities — to trace the sequence of events involved in each breach and whether it passes the threshold to trigger notification of the breaches to third parties.

Avoiding the rogue’s gallery may be a tacit goal of security practice, but there are more immediate concerns for critical-infrastructure operators like satellite operator Iridium, which has been working with Secureworks to ensure the availability and integrity of its network of low-earth orbit (LEO) satellites, which cover the entirety of the Earth’s surface to support a broad range of communications needs.

To protect the satellites and supporting networks, Iridium has been relying on its partnership with Secureworks to stay ahead of the changes wrought by changes such as work-from-home policies.

“If one of the satellites are going to get affected or compromised, it’s going to happen through the ground,” a cybersecurity manager at the company told Cybercrime Magazine, “so the front line is really securing the end user.”

For all the protections around the network, he said, the preponderance of working-from-home users “are still browsing the web on their personal machine, which can then be used to pivot into an environment that we don’t want the bad guys into.”

To stay ahead of the curve, Iridium recently migrated from the Red Cloak endpoint security service to the next-generation Taegis XDR offering.

Having installed the Taegis agent “on all of our endpoints and most of our servers,” he continued, “now we’ve got the logs from our networking, servers and other solutions forwarding into Taegis — so we can get all those together and get a correlated view of what is happening in our environment.”

David Braue is an award-winning technology writer based in Melbourne, Australia.

Go here to read all of David’s Cybercrime Magazine articles.

About Secureworks

Secureworks is 100 percent focused on cybersecurity. In fact, it’s all we do. For nearly two decades, we’ve committed to fighting the adversaries in all their forms and ensuring that organizations like yours are protected.

Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improves your ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.