Author: Wang Yanhua
At the RSA Conference 2018 Asia Pacific & Japan, which took place in Singapore on July, a seminar on blockchain was included for the first time. The RSA Conference is one of the most important information security events in the world–approximately 45,000 people attend one of the conferences each year.
Global security strategy director at Juniper Networks Laurence Pitt presented on emerging cryptocurrency scams and shared tips on how organisations and individuals can protect themselves during the blockchain seminar. Block Asia caught up with Pitt to find out more about his takeaways at the conference.
- How did RSA Conference benefit your company?
- The RSA Conference is a fantastic platform to engage with new and existing customers, share knowledge about emerging technologies and participate in discussions about today’s cybersecurity landscape.
- More importantly, it’s a great opportunity to reinforce Juniper’s brand presence and showcase our thought leadership and expertise within the security space.
- There was a lot of excitement at the Juniper Networks booth at this year’s RSA Conference, with attendees stopping by to learn more about our capabilities – through interactive booth presentations, and live product demonstrations which featured our security solutions.
- What did you learn from the event?
- There is continued focus on the Internet of Things as this continues to present security threats, also the importance of data protection and governance was highlighted alongside the recently implemented GDPR which is driving regulatory changes globally. Very interesting to me, however, was how much conversation was had around blockchain, crypto-currency and the growth of crypto-malware. I engaged in a number of conversations on this topic, which was very hot at RSA.
- A key takeaway is that we all need to be aware of the need to protect data – this is not just for multi-national companies, but also small businesses and individuals. Everyone has a role to play when it comes to cybersecurity and the responsibility is now on us to be critically aware of the kind of information we enter and where we enter the information. More importantly, we need to know who to talk to so that the data we are holding onto remains safe.
- How do you think blockchain can enhance cybersecurity?
- Blockchain is transparent by design, yet it inherently guarantees the integrity of data. As a distributed, decentralized ledger, blockchain contains data integrity and authenticity characteristics that can guarantee trust among untrusted parties as they conduct digital transactions. Each block is cryptographically tied to the previous block’s information. The data cannot be changed or removed once it’s in the blockchain—a key design characteristic that safeguards the data and audit trail.
- While blockchain can assure data authenticity and integrity, it is by no means a replacement for comprehensive network security. Furthermore, the fact that blockchain allows for anonymity in transactions makes it really attractive to the bad guys. Breaches can still occur if private keys for accessing the blockchain are compromised or stolen. At the end of the day, blockchain, like any other application, still requires secure underlying communications networks, reliable infrastructure, and end-to-end cloud orchestration. The best defense includes shifting toward a more holistic network security strategy where all elements of the network are involved in threat intelligence and remediation.
- What are some tips to protect ourselves from emerging crypto scams?
- For organizations, it is critical to establish a security baseline of normal, as this will make it simpler and faster to identify any deviation which may point to anomalous behavior. Leverage intelligence from the network and combine this with data-points of existing security solutions to give, this will enable the Security operation teams to find ways of pulling together data points and draw insights that they can apply to the business. For instance, looking at things happening from a chain of events rather than single points in time, and knowing how to report them back to the business. At Juniper, we look at leveraging intelligence from networks, especially since large amounts of information pass through the network to help organizations protect their critical network infrastructure.
- Companies also need to enforce a consistent security posture across environments, from on-premises infrastructure to cloud workloads. Junipers’ unified cybersecurity platform for instance, can transform a company’s network into a cyber-defense system that streamlines security operations to mitigate threats faster and more efficiently and detects hard-to-catch malware with threat behavior analysis.
- For smaller organizations, or those needing greater agility, leverage cloud-based technologies, such as cloud-based gateways and advanced threat solutions, as security measures. It is also worthwhile for them to invest time and money in professional services, as they can provide recommendations on what small businesses can do to better secure their networks.
- As individuals, we can protect against crypto scams by having strong passwords, enabling two-factor authentication and linking our personal identification numbers to our phones. We also need to have up-to-date, correct malware, and the right patches installed on our personal devices. Additionally, we can exercise caution by trusting our instinct – if we are on a website that offers something too good to be true, it probably is. At the end of the day, awareness is key and with the amount of information available, we should all know of the basic cybersecurity measures to protect ourselves.