1. KBA and NSA are shaping tech startups
General Keith B. Alexander, who retired as NSA Director in 2014, has become the founder and CEO of a new startup, Ironnet. During his RSA session this year, he talked about how to heal the wounds to the tech community and what gift he’d send Snowden if he were given the opportunity. For the tech community, he recommended classified briefings to get technology companies the facts. For Snowden, he said he would send him the oath, which was met with loud applause from the audience. Take a look at the FCW article here.
2. Breaches are happening, even during RSA
On the 2nd day of RSA, a major hotel chain notified their 18 million members via email that their accounts had been reset out of an abundance of caution. According to us at Shape, it seems possible, even likely, that account checkers had been used to hijack 200 accounts at the hotel chain. Take a look at the Shape blog post on account checkers.
3. Taking security up one level – to the Board
Everyone seemed to like and agree with what was said at the presentation, “A CISO’s Perspective on Talking to the Board about Cybersecurity”. See what WSJ wrote about it here.
4. Password management is hard
Shape’s own Zhiwei Li spoke about password managers, exposing several vulnerabilities (now plugged) and discussing which manager would be the best manager in various cases. Take a look at his presentation slides.
5. Botnets are alive and well despite takedowns
Botnets are alive and well, despite takedowns. The federal agencies behind the takeover of a major Zeus botnet (12 governments, 13 companies, 4 non-profits and 3 USG federal agencies) said the criminal enterprises have learned and adapted to build more sophisticated and evasive botnets. Check out the list of agencies involved on the RSA session summary page.
It was a great show for Shape Security. If you go to a lot of conferences, like we do, then we’ll be seeing you at Blackhat in Vegas, and again at RSA in San Francisco in 2016.