Booz Allen’s Brad Medairy Shares Cyber Insights at RSA Conference 2019
How is our critical infrastructure becoming more vulnerable to cyber attacks, and what are government and commercial IT leaders doing to stay ahead of threats?
On March 4-8, RSA Conference 2019 brought together over 50,000 security professionals from around the world to talk about cyber threats, trends, and more. From the RSA show floor, Booz Allen Executive Vice President Brad Medairy shared his insights with Jeff Frick, general manager of SiliconANGLE Media, Inc. during an episode of theCUBE. Highlights follow.
Escalating detection and coordination
As “black swan events”—unanticipated attacks from unanticipated vectors—catch people off guard, organizations have been stepping up their cybersecurity. Medairy described how they use threat intelligence to tune and tailor their security operations and integrate tools and technologies from the environment into their processes.
Organizations are also escalating their efforts to work together across departments. Medairy cited his work with Internet of Things (IoT) security. “When we first started, there was a big vocabulary mismatch. You had chief information security officers talking about threat actors and vectors, and then you had heads of manufacturing talking about uptime, availability, and reliability. And they were talking past each other.”
“Now we’re at a turning point where both communities are coming together to recognize that this is a real threat to the survival of their organization and that they’ve got to work together to protect their IoT environment.”
Safeguarding industrial IoT
IoT security—specifically “IoT devices broadening state-run espionage operations”— ranked second among Booz Allen’s Top Cyber Threats for 2019. At the conference, Medairy walked Frick through the vulnerabilities of industrial IoT, or operational technology (OT).
Frick cited devices like turbines, hospital monitors, and military equipment that might not be designed to be connected.
Medairy agreed. “We talk about manufacturing but think about utilities, the power grid, building control systems.” He recalled asking an IT executive about their organization’s biggest hurdle. “I thought they’d talk about their mission control system. They’re biggest challenge is their HVAC.”
At a data center, for instance, an outage of merely 60 seconds can start shutting things down. Complicating things even more, Medairy said, is the fact that many of these systems run on legacy technologies—like 1990s era Windows NT.
Minding “the cyber seams”
“Expanding attack surfaces” was another of Booz Allen’s top cyber threats for 2019. “Adversaries live in the seams,” said Medairy.
As organizations store data in multiple clouds and adopt multiple software as a service (SaaS) applications, this attack surface is not only expanding, it’s “creating a whole lot of seams,” in Frick’s words.
“With hybrid cloud, SaaS, OT, IoT and more, the problem’s getting much more complex,” Medairy said.