From London to San Francisco, Innovation and Cybersecurity Top the Agenda
Over the past week, I have had the good fortune to travel to London to meet with clients, and then spend some time in San Francisco at RSA. It is always enlightening to experience different parts of the world and capture the common and sometimes diverging trends, and today I want to share with you what I saw and heard.
Living on the West Coast, it is all too easy to view Silicon Valley as the global hub of technology innovation. In many ways it is, but focusing exclusively on Silicon Valley does a disservice to the incredible innovation happening elsewhere around the world.
And that’s what I found in London, where there is some incredibly creative talent. When it comes to legal technology and fintech, I saw examples of innovation that have barely even registered in US. For example, I learned the UK Ministry of Justice is leading an ambitious, multi-million-pound initiative to completely modernize and digitize courtrooms which will enable electronic information sharing across the entire criminal justice system and establish digital case files for every case.
I also saw a very focused effort on the part of businesses to mitigate cybersecurity threats in the UK, which, of course is a global financial hub and an especially inviting target. Professor Richard Benham, chairman of the National Cyber Management Centre, recently predicted that a major bank will fail as a result of a cyberattack in 2017. And there already have been a number of high-profile hacks in the UK, including the theft of £2.5m from Tesco Bank customers in November 2016.
Lastly, Brexit was of course a hot topic of conversation with almost everyone I met. I heard plenty of opinions both for and against – again, a good reminder that the best way to cut through social media hyperbole is to engage with real people, in real conversations. Top of mind for many UK businesses around Brexit is the potential regulatory impact when the UK formally breaks ties with the EU. Right now, there appears to be a great deal of confusion over which existing regulatory standards will still apply and which will be overhauled or eliminated. Business continues to thrive, however, even with all the uncertainty.
When I came back to the US, my first port of call was the Bay Area and the annual RSA conference, an event that seemed particularly packed this year. Much like companies in the UK, many US companies have put cybersecurity back on the top of the agenda, but this time it’s not just because of the ongoing revelations of high-profile hacks. There is growing awareness that the world is connected more than ever before, and this presents further opportunities for hackers. A prominent example is the so-called Internet of Things (IoT), which opens up networks to a growing number of “authorized devices” that can and will inevitably be exploited for nefarious ends.
While the usual big names in security were present, and advanced versions of tried-and-true technologies, like firewalls, were in evidence on the floor, it was interesting to note the number of new companies entering the market with radically new approaches to cybersecurity challenges. For example, a number of companies offered products and services designed to secure the application/software coding process. Others offered solutions that focus on a more data-centric approach to security.
User behavior analytics (UBA) also appears to be a hot topic and the focus of innovation. Insider threats account for a significant portion of data breaches and traditional perimeter defenses are rarely well-equipped to stop them. UBA offers a promising approach to insider threats, using data analytics to perform real-time monitoring and analysis of data and activity logging. UBA combines powerful computer systems, advanced applied mathematical models, and business and behavioral intelligence to analyze data, detect anomalous activity and alert security teams to issues that may warrant a fast response. It can also help security professionals intelligently prioritize potential threats and mitigation tactics. The potential for this technology on the cybercrime front appears to be enormous.
Learning about these exciting new approaches to a pernicious problem was especially gratifying given my experience at Legalweek a few weeks ago where artificial intelligence (AI) and data analytics were clearly the buzzwords of the conference and are giving rise to the novel idea of “data-driven lawyering.”
While it’s not exactly surprising that many of the latest security products that I saw on the floor at RSA already have also incorporated AI, machine-learning or similar technologies that use applied mathematics and sophisticated analytics to generate meaningful and actionable insight from large bodies of data, observing the convergence of such approaches in very different industries and professional cultures validated the impression that I’ve had for a while now – that we may be watching the early stages of a new technological transformation. Stay tuned.