Intel & U.S. Embassy: Virtual Security Dinner in Copenhagen 16.9.2020
Petteri Heino
Sales professional & author | 5th book "AI For Economy" out now | Toastmaster | ex-Cisco, CA, HP, Tieto, Elisa, Intel | Annika's patron
This is a formal thank-you to everybody who participated in Intel’s and the U.S. Embassy’s Virtual Security Dinner in Copenhagen. Included are a photo collage from the webinar on September 16th and a summary of the conversations.
Lead-up
Intel and the U.S. Embassy started planning a traditional Danish CISO dinner as early as January 2020. The location was set to be the Ambassador’s residence in Rydhave, one of the most beautiful locations in the whole Nordics. Then the pandemic changed the plans, many times actually.
Our choice of arrangements was to build an ad hoc studio in a hotel suite. It was located on the 20th floor of the Radisson Collection Royal Hotel near the railway station and Tivoli. We filmed the presenters with the Copenhagen cityscape behind them. We also provided a Vimeo stream for the audience and a dial-in line for speakers, as in a traditional webinar. In addition, we offered a physical reception at restaurant Maven, which involved a separate registration.
U.S. Embassy keynotes
Her Excellency, Ambassador Carla Sands, honored the event and provided some welcoming remarks to get the program started. She discussed cloud and its importance in the context of our recent change to teleworking. She also mentioned the Schrems II ruling and expressed confidence that it is in everyone’s interest on both sides of the Atlantic to have a robust mechanism in place for cross-border data transfers. Lastly, the Ambassador thanked all the IT security professionals who are committed to creating safe and secure online environments for all of us.
After that, I interviewed Greg Massa, the Embassy’s legal attaché and the FBI’s senior representative to the Nordics. I asked him first specifically about the FBI’s role compared to the other U.S. security organizations, beyond what we all have seen on TV. As for cybersecurity, the FBI is at the very center of the U.S. construct, being both a law enforcement and an intelligence gathering agency. The FBI comes in when there’s been a bang but also carries out investigations afterwards.
I asked Greg for some specifics on what had changed during the pandemic, and he mentioned two as having a meteoric rise – ransomware attacks and phishing emails. A low estimate is that they have tripled in six months. He also gave interesting data points: 80 percent of companies have experienced a cyberattack, and one in eight of them is successful. In Denmark, where there are some 300.000 companies, that makes 12500 attacks. Attribution is important, said Greg, as a focus point for the FBI.
The panel discussion
Schrems II
Riccardo Masucci works as Intel’s Global Director of Privacy Policy. The intention was to give another remote speaker from the Nordics the cue to talk about the Schrems II ruling, but since we experienced a bad glitch (see “Errata”), it was Riccardo who discussed the topic.
As readers might know, Schrems II is the judgment by the Court of Justice of the European Union invalidating the so-called Privacy Shield agreement for data transfers between the U.S. and EU. Riccardo gave 5 takeaways for Schrems II:
- Uncertainty around the existing legal tools such as the model clauses and binding corporate rules. This has increased the need for guidance by the data protection authorities (DPAs).
- The ruling puts more burden and creates greater expectations on companies to put in place technical and organizational measures as the “additional safeguards” mentioned in the ruling.
- The ruling sets alight global data flows in general. They are used in lifeblood services such as cybersecurity protection or fraud detection.
- The ruling made clear that law enforcement and intelligence agencies’ access to data is a complex issue, and it needs to be addressed.
- Data localization is becoming a more and more alluring option, both worldwide and in Europe. We should strike a balance between contradicting ambitions.
AI for security
The next presenter was Marley Hasselbach from Darktrace. Darktrace provides cybersecurity sensory capability and remediation. While Darktrace is an important security-area partner for Intel in its own right, we wanted to specifically discuss the marriage of AI and security. Darktrace uses AI to understand what is normal in an organization, and based on that, the solution finds what is abnormal. Marley said the threats are way more complex nowadays: they might come in via an IoT sensor and go after files in SaaS services. AI can be taught to make sense of all that, and more quickly.
Greg asked Marley if there was a common theme of weaknesses witnessed with customers. Email was seen to be in a sorry state: 94% of threats come via email. Emails are looked at and interpreted separately, message by message, and not by comparing them with the email the user usually receives and/or sends. Even if the workforce has been trained not to click on malicious emails in general, in some circumstances, such as when in a hurry, they might. That is why it might make sense to take the responsibility off users and put it into the hands of AI.
Then we wanted to know if customers react somehow differently to a security solution which includes AI, and if they insist on some additional controls for that AI. Marley said it became a discussion topic only after Darktrace moved from mere detection to response. And yes, some customers apparently are concerned that AI makes wrong decisions. Darktrace starts with an arrangement where the solution requires human confirmation, and there is a kind of dial to set what AI can do on its own.
An interesting thing was that Darktrace has also introduced AI into investigation, meaning an AI-based analyst. In this functionality, AI will not only notify the human team but also investigate by correlating small abnormalities across the network. Next, the company might take feeds from endpoint protection and other sources, and channel them to this “bionic” Darktrace analyst. Cool!
Cloud, encryption, trust
Then Kalle Koivisto from Fortanix dialled in. Fortanix is a run-time encryption company offering technologies which are often alternatives to traditional Hardware Security Modules (HSMs), delivered in a cloud-friendly way. An HSM is an ultra-secure hardware device built specifically for storing secrets such as encryption keys. Fortanix customers include companies such as Adidas, Google, PayPal, Standard Chartered and Intel. Intel is an investor in, supplier to and customer of Fortanix, the core of their technology being based on Intel’s SGX enclave technology.
I asked Kalle about how he sees market demand for these technologies. He mentioned Adidas as an example where the activities had been around creating a hybrid arrangement and making it convenient for the customer organization to move traditional HSM capacity to the cloud. Kalle left us with the impression that this is a recurring theme, especially for big customers with legacy HSM environments.
I wanted to know if the gentlemen regarded encryption as something falling in the realm of basic IT skills. For Greg, in law enforcement circles, it is. Marley said it’s interesting to witness how much unencrypted traffic that shouldn’t be there still takes place in organizations, and that files named “password” or “credentials” are not just an urban legend. Kalle took the view that it should be, since it takes just a single inadequately informed person in an organization to create havoc.
Then we discussed trust towards cloud. Do customers trust cloud as such without additional controls? Kalle’s opinion was that big organizations with regulatory requirements, such as banks, generally don’t. Marley said going to cloud is often a business deliverable which takes precedence, and Darktrace often helps IT teams to play catch-up since the need is to go up there really quickly.
Another view on AI for security
Steven Kenny from the Nordic security camera and cybersecurity company Axis Communications was then on air. Axis is one of Intel’s Nordic-specific security industry customers. Axis is a Swedish company, has offices in 50 countries and originally invented the IP video surveillance camera. The idea was to give the audience two “AI in security” views, one from Darktrace and one from Axis. Steven works as an industry liaison and often presents and supports government organizations.
On the Axis business case for AI, Steven said that Axis looks at AI as a business optimization vehicle: how it helps the people who operate the operational systems, what enhancements it could provide and how it could improve the user experience. These aspects then make the systems more accurate as well. Secondly, Axis looks to use AI after an anomaly has been detected, feeding the necessary information to the customer organization’s security apparatus.
Security tips for 2021
The final round of questions asked each speaker for a security tip for 2021:
- Marley – embracing the dynamic workforce
- Steven – supply chain due diligence
- Kalle – go for the encryption and key management solutions
- Riccardo – monitor how the public policies on data and security develop; there’s an opportunity for competitive advantage
Wrap-up - Intel’s Nordic specific contribution
In the Nordics it’s important to tell the audience what you specifically provide in this complex world. Also, presenting capabilities in the Nordics is important. I presented what that is for us: the 4 pro bono strategy consulting sprints for cloud, AI, data and edge computing. We have a reference customer in Finland for the AI strategy sprint and we’re in the midst of delivering a cloud strategy for another one in the same manner. Sprints also include free-of-charge trainings for AI, data and cloud.
We are happy just to share our ideas developed for the sprints with end customers and service providers. The team has put a lot of effort into what good looks like for modern deliverables. Sprint deliverables can be a video, French playing cards or cartoons in customer livery, and we showed a glimpse of that.
The physical reception
Denmark had just the day before tightened the pandemic social distancing rules, to take effect on Thursday the same week. We still managed to gather five people and have a very lively conversation on IT and business. Restaurant Maven served us warm snacks – you should go there and try the potato croquettes and wasabi salmon. It’s simply awesome!
Errata and apologies
Due to a quite awful technical problem with the connection for speakers, we couldn’t get all the remote speakers in. We missed two of the intended Nordic voices and the Intel keynote address (for which I provided a backup). This was such a crying shame, and I apologize and take full responsibility for this inconvenience.
For the dial-in function, we used bespoke software which would have allowed for a much greater bit rate and hence a better visual experience compared to typical tools such as MS Teams or Zoom. For some reason, the tool simply didn’t work that day. Also, we experienced intermittently disappearing headset sound, so some parts of the speakers’ voices weren’t recorded. Bummer. Still, in the room, everyone seemed to have enjoyed themselves.
Thank you and see you at the next virtual security event, in a Nordic capital near you!