Rick McElroy 9 May 2018
Categories Technology

It’s good to talk: key takeaways from RSA conference 2018

The RSA Conference is an intense experience but - just like with endpoint security - once you analyse all the unfiltered data coming at you, you get a great insight into where security is headed and what your priorities as a network defender should be. What were the key themes and what should we be expecting over the next 12 months?

Every year the cybersecurity community gathers to share its collective wisdom on the threats we face and the innovative ways that we’re trying to get ahead of them. So now that we’re coming down off the high of spending five days with 40,000 people who live and breathe security, what were the key themes and what should we be expecting over the next 12 months?

First is an observation about the way the sector is maturing. Back in the early days, and for a long time after that, security people were paid to not take risks. They were expected to operate as cautiously as possible. That’s just not feasible any more. The pace of change in attack types, vectors, and volumes, plus the demands of users, means that if we’re going to have any chance of success, we need to start acting more like our adversaries and being more aggressive in our posture. This was reflected in the approach of vendors on the conference floor as they showcased the latest technology to detect and mitigate attacks. They were getting a good reception from defenders who realise that they need to start moving at the same pace as their foes – no more signatures sitting on endpoints but instead far more dynamic real-time threat handling and analysis. Much of this is enabled through the way we’re using the cloud, but bear in mind that our opponents are using cloud too. We have seen a “generational advance” in the scale and sophistication of the attacks we’re facing; at this year’s conference it felt as though we were finally beginning to adapt to this new normal.

Speaking of the new normal: Next-generation AV

Often, when you STOP hearing about something at RSA Conference, that’s because people have finished talking about it and started doing it. This was the case this year with NGAV. The discussion is over; organisations are getting down to deploying and fine-tuning NGAV to protect their business. My bet is that next year it’ll be cloud-native security that has passed the RSA Conference test and is firmly on the deployment schedule.

GDPR: Readiness depends on who you are

The pendulum of the security industry has a tendency to swing back and forth between security and compliance. For the past couple of years, with cyberattacks grabbing the headlines, it has been the security side that has been in the ascendant. However, the big beast of GDPR is making its presence felt and we heard a lot of talk about the challenges of compliance and companies offering their solutions. The overall feel was that larger companies – who, let’s face it, have more at stake from regulatory fines – are getting their internal processes in order, but smaller companies don’t really know what’s coming.

All about cloud

It’s not surprising that one of the key themes of this year’s conference was the cloud: how changes in architecture, as we move towards infrastructure as a service, will impact security and how we need to plan for that. There were a lot of companies talking about their offerings, and Carbon Black was among them with our Predictive Security Cloud, which leverages the power of the cloud to collect and analyse all of the data coming off endpoints to predict and protect from malicious activity, even if it’s an attack strategy that has not been seen before.

Machine Learning and AI

Machine learning and AI were another big theme, with a lot of discussion of how they have the potential to change the way that we look at security and of how advanced algorithms and mathematics are impacting security as we know it.

Linked to this is security orchestration, automation and response (SOAR). This is evolving in response to the recognition that we have a skills gap in the industry. It’s hard to get the skills we need to fill all the positions we’d like in our teams, so we’ve got to get better at allowing machines to shoulder some of the work. Organisations are starting to do some serious research into how they can use automation to lift some of the burden and achieve more.

International cybersecurity – we’re all in it together

At the conference we heard that the US government is constantly battling nation state attacks. This was echoed on this side of the pond in the recent speech by Director of GCHQ Jeremy Fleming, who told the CyberUK Conference: “hostile nation states are rapidly building and enhancing their cybertools to stay ahead in the global race.” That speech was followed by an unprecedented joint announcement from the FBI and GCHQ confirming that Russia was preparing to launch attacks against critical network infrastructure in both countries. That joint announcement underlined that we need to work collaboratively to counter the level of threat we face.

To that end, Microsoft announced its “Tech Accord,” of which Carbon Black is a part. This is an initiative that calls for a “Digital Geneva Accord” to protect customers and users from cyberattacks. It subsequently calls for greater partnerships within the industry as a whole. Carbon Black has signed up for this initiative and it emphasises something that veteran analyst Mike Rothman, of Securosis, said in a recent webinar: “The bad guys are talking to each other all the time, so should we be. As a SecOps professional you’ve got a million guys out there trying to break you – you don’t want to be facing them on your own.”

That’s my biggest takeaway from RSA this year: it’s good to talk. However strongly our organisations might compete in the commercial world, we’re all up against a threat that we can’t handle individually. It’s only by sharing intelligence, strategy and technology that we’ll stand any chance whatsoever of winning this fight.

Eric Wertz

Not so bad at all
