Conference Coverage

RSA 2017: Special conference coverage

Reporting and analysis from IT events
News Stay informed about the latest enterprise technology news and product updates.

Microsoft: Nation-state cyberattacks have changed the security game

Microsoft's Brad Smith spoke at RSA Conference 2017 about the effects of nation-state cyberattacks and what businesses and governments can do about them.

There are plenty of issues and complicating factors influencing cybersecurity, but Brad Smith, Microsoft president...

and chief legal officer, believes that one problem overrides all others.

"I think we should come together and reflect on one thing," Smith said during his RSA Conference 2017 keynote Tuesday morning. "There's one thing that has clearly made this situation more challenging -- that is the entry of more nation-state attacks."

In his keynote speech, titled "Protecting and Defending against Cyberthreats in Uncertain Times," Smith focused on the increased threat of nation-state cyberattacks and hacking, which has quickly become a reoccurring theme at this year's conference. Smith cited a number of recent nation-state cyberattacks, including attacks on power grids in Europe as well as the Sony Pictures Entertainment hack, which he said was a "turning point" for such attacks because it showed that commercial enterprises and civilians could be affected.

"We've seen these [attacks] burst into the news in terms of geopolitical controversies," Smith said, citing the phishing attack on Clinton campaign chair John Podesta. "Let's face it -- cyberspace is the new battlefield."

And unfortunately, Smith said, these developments have put the information security on the front lines. "It puts you in a different position," he told the audience, "because when it comes to these attacks in cyberspace, we not only are the plane of battle, we are the world's first responders. Instead of nation-state attacks being met by responses from other nation states, they're being met by us."

Because nation-state cyberattacks have targeted commercial enterprises and civilians, Smith encouraged the creation of something similar to the Geneva Convention for cyberattacks. "For over two thirds of a century, the world's governments have been committed to protecting civilians in times of war," he said. "But when it comes to cyberattacks, nation-state hacking has evolved into attacks on civilians in times of peace."

Smith described some recent efforts at Microsoft to mitigate nation-state cyberattacks, including the seizure of fake domains created by state-sponsored hacking groups, but he said the problem requires the world's governments and industry leaders coming together to find solutions. To that end, he also advocated the creation of a public-private consortium of the "best and brightest" in government and the technology industry to address the increased threats of nation-state cyberattacks.

"We are far away from declaring victory," he said. "We are going to need to do more, and we are going to need to do more together if we're going to address this problem effectively."

Smith also said the solution will require the technology industry as a whole to act fairly and impartially in order to "retain the world's trust" and not be seen as extensions of governments with agendas.

"Even in an age of rising nationalism, we need to be a digital Switzerland," Smith said. "We need to make clear that there are certain principles for which we stand. We need to be clear that we will assist and protect customers everywhere. That is what we do, regardless of the country from which we come. We need to be clear that we will not aid in attacking customers anywhere, regardless of the government that may ask us to do so."

Next Steps

Learn about the increase in IAM security in response to nation-state attacks

Find out how cloud-based systems and network-connected devices threaten security

Read about the Fancy Bear threat group's ties to the Russian government

PRO+

Content

Find more PRO+ content and other member only offers, here.

Conference Coverage

RSA 2017: Special conference coverage

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How have nation-state attacks affected your organization?
Cancel
With new innovations come a wide array of threats to these discoveries sometimes it takes adding more emphasis on hiring individuals with similarities in certain areas to enhance or broaden the overall horizon of this issue. Hacking has become more prevalent in today's society we need to combat the problem with experienced IT Personnel; although some organizations are hiring more needs to be done. For example when Bank of America or either JP Morgan Chase gets breached significantly what happens consumer confidence is diminished with both companies. Furthermore jobs are lost revenues or earnings go down investigations are started by the Federal Government making sure all laws were followed. Meanwhile sometimes bright new ideas coming from new hires can be actually just what your organization needs especially with growing new concerns about the Cloud Infrastructure and the Hackers who are trying desperately to gain information by whatever means necessary. Profits are nice but; to me security is paramount because; without it then it means your foundation is standing on shaky ground.

Sincerely,

Mr. Darren P. Green  
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close