RSAC Insights: Ido Safruti, co-founder and CTO, PerimeterX
Updated: Feb 17
This is part of an ongoing executive guest blog series -- focused on top trends for RSAC 2020.
Ido Safruti, co-founder and CTO of PerimeterX
"This year at RSAC will likely be a microcosm for cybersecurity in 2020 as a whole. Due to the show’s focus on the human element of cybersecurity, companies will be highlighting the everyday impacts of cyberthreats on people like you and me, and how many aspects of protection can be made more human-friendly. For example, bots have become more efficient at solving CAPTCHAs than humans. These challenges are supposed to be hard for bots and easy for humans. In many cases, the opposite is true—these can fail to filter out bad actors and prevent the right traffic from flowing through websites. Machine learning will be taking a more active role this year in ensuring that web traffic is comprised of humans and not malicious bots—with integrated solutions that improve user engagement while keeping sites secure.
Protecting customer data will be a core issue as well. We’ve seen a new precedent established for customer data exfiltration through the propagation of digital skimming and Magecart attacks. Web application publishers need to not only protect against exfiltration of their customer data from the organization’s own databases but also against unauthorized modification of a company’s web properties or APIs. This modification is how Magecart and other digital skimming attacks operate. It is also how customers of Magecart victim British Airways had their personal information stolen when they tried to log into their accounts on legitimate websites and mobile apps operated by the airline. We expect that GDPR fines, such as the $230 million fine incurred by British Airways’ attack, will become all the more common as a result of Magecart’s spread. The California Consumer Privacy Act (CCPA) took effect in January 2020 as well, bearing strong regulations for consumer data protection and privacy in the US."
More information about PerimeterX:
PerimeterX is the leading provider of application security solutions that keep your business safe in the digital world. Delivered as a service, the company’s Bot Defender, Code Defender and Page Defender solutions detect risks to your web applications and proactively manage them, freeing you to focus on growth and innovation. The world’s largest and most reputable websites and mobile applications count on PerimeterX to safeguard their consumers’ digital experience.