In this week's Risk & Repeat podcast, SearchSecurity editors discuss some of the major themes and debates from RSA Conference, from hacking back to GDPR compliance.
The prospect of hacking back against foreign adversaries and how it could affect the relationship between the public and private sector were just two of the major topics at this year's RSA Conference.
A number of speakers and experts tackled the concept of hacking back, or offensive cybersecurity measures, and the potential benefits and drawbacks of that approach during the conference. Microsoft President Brad Smith, for example, said during his RSA keynote that the newly formed Cybersecurity Tech Accord wouldn't get involved in offensive cyberattacks.
However, Department of Homeland Security Secretary Kirstjen Nielsen said during her keynote that the U.S. needs to start "identifying and punishing" its cyber adversaries, and a panel of experts suggested different ways to successfully hack back against attackers.
Other major topics at RSA Conference 2018 included the upcoming enforcement of the European Union's General Data Protection Rule (GDPR) and how it will affect enterprise security and privacy measures; the effectiveness of bug bounties and vulnerability disclosure programs; and the relevance of major vulnerabilities, like Meltdown and Spectre.
Will private infosec companies engage in offensive cyberattacks on behalf of the government? What will GDPR's effect on WHOIS mean for cybersecurity investments? Is cyber attribution becoming less relevant for enterprises today? SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more in part one of Risk & Repeat's recap of RSA Conference 2018.