This is not a sponsored post; however, I’m thankful to FireEye for assisting me with getting to the event. The conference details can be seen on the official CDS page.
The topic of attacks coming from specific state actors such as Russia, Iran, North Korea and China has resonated through every session and keynote that I attended.
Having been born in Russia, I must say it deeply confuses me where all those talented hackers are coming from. Basically, if you’re a talented software developer in Russia, (a) you avoid going to military service by being accepted into one of the top Russian universities and (b) on the day you graduate, you move to Redmond, WA or one of the other software giants’ HQs. According to all the data collected and demonstrated during the event, those hackers work for the Russian military. Unless they are kept in jail (read the story of the Russian space program’s chief architect Sergei Korolev, who was imprisoned for most of his active career), blackmailed in some way, or brainwashed, I have no explanation for where the human resources for such attacks are coming from.
Also, the first-ever public presentation by the NSA was interesting – the NSA is building a new facility, and it would be great to know how it compares to Apple’s new HQ. Another very interesting fact that the NSA shared: they haven’t seen any fundamentally new attacks in the last two years – everything is done using kits and code that have been used previously.
Every time I am at a security conference, I feel that it’s extremely difficult to look at things and stay reasonable rather than paranoid. One of the statements I heard was that one of the world’s largest pharmaceutical manufacturers would cut off any electronic communications with their Ukrainian branch for several days as they are getting intelligence of possible attacks. It’s still not clear whether that is called being too cautious or reasonably careful.
Technology-wise, I am definitely inspired to look at the FireEye HELIX platform, which collects logs from multiple third-party devices and correlates them in the FireEye-hosted cloud, as this seems to be one of the biggest problems in security operations these days: too many point solutions, too many consoles and dashboards. If all such data can be aggregated, analyzed and correlated, it can be a really valuable business proposition. If I have an opportunity to test the solution, then with certainty you will be able to read my detailed report.
Finally, it was the most dressed-up IT conference I have ever attended – someone explained to me that it comes from doing business in Washington, DC. Still, it made me feel uncomfortable being dressed in jeans and runners. Also, it was the smallest convention I have ever traveled to – and it was very valuable when you meet new people and then bump into them again to share your thoughts – a priceless experience for building relationships!