We’re just starting to recover, which means its time to reflect on what happened this year, what we learned, and where we go from here.
1. Security Has A Long Way To Go
Many RSA attendees felt there was a “pall of darkness” over this year’s event. There was certainly some literal darkness, with Amit Yoran’s opening keynote. But more than that, it seemed like everyone was talking about the ways that security has failed over the past year. At the 451 Research Breakfast, Research Director Wendy Nather asked why we in the security community are celebrating when we’re not doing a very good job?
2. Breaches Are Only the Beginning
2014 may have been the year of the mega breach, but 2015 is the year that we start seeing the wide-ranging effects of all these breaches. In Wednesday’s “Gumshoes Part Deux” session, security journalists, including Brian Krebs, discussed their reporting on data breaches, and the need for more threat intelligence across enterprises. “Failure to share information in a timely way causes a lot of problems” noted Krebs.
Pindrop has been monitoring the exploitation of breach channel in the call center, where data acquired from a breach (names, addresses, SSN, health records, etc.) is used to mount further cross-enterprise attacks. Krebs has used the Home Depot breach as a great example of this. Fraudsters bought Home Depot’s information on the black market, then used it in social engineering attacks on several bank call centers.
3. Know Your Enemy, But Also Know Your Customer
In the Pindrop booth, we found ourselves discussing how to verify authenticity as much as how to detect fraudsters. The focus is on streamlining the verification process, both in terms of call time reduction making the process less visible for customers – the intersection between security/fraud and customer experience. Check out our authentication presentation on Slideshare for more information.
So a good time and a productive time had by all – see you next year!
Written by: Mike Yang
- 05.01.15
Recent Posts
- Evaluating Your Defense Strategy Against Deepfakes: Top 4 Factors to Prioritize
- Unmatched Performance: Pindrop’s Liveness Detection and the Waterloo Study
- Exposing the Truth About Zero-Day Deepfake Attacks: Meta’s Voicebox Case Study
- IVR/IVA Authentication Methods
- Real-time Deepfake Detection of Senator Bluementhal’s Remarks at AI Committee