RSAC 2019: Paving the Way for #BETTER Cyber Security in the Year Ahead
Every year, the RSA Conference (RSAC), held in San Francisco, provides a glimpse of the what lies ahead for the cybersecurity industry and this edition was no different. This makes RSAC a must attend event for cyber security professionals who have an unparalleled opportunity to learn about new trends, solutions and directions in which cyber security industry is so rapidly moving.
The motto for RSAC 2019 was a simple yet powerful one – #BETTER. This accurately captures the spirit of the event which helps organizations better understand the cybersecurity industry, threats and solutions and thus adopt better means of defense.
RSAC 2019 in a Nutshell
RSAC 2019 featured 700+ exhibitors and was attended by more than 42,500 visitors. With keynotes from industry veterans, CEOs and even movie stars, as well as over 700 sessions – ranging from product pitches to tales from the trenches – the event proved incredibly valuable not only for attendees and exhibitors, but also for the security community as a whole.
The rainy San Francisco week aside, we had plenty of positive developments and insights to share from the world’s biggest and the best cyber security conference!
This year, RSAC hosted more keynotes than ever before. Among these was the keynote by Nikesh Arora, CEO of Palo Alto Networks and Arista Networks CEO Jayshree Ullal on the secrets of a successful cloud journey; and the keynotes by Cisco executives, including Liz Centoni, SVP and General Manager for IoT, and Matt Watchinski, Vice President of the Global Threat Intelligence Group, that elaborated on the risks presented by Internet of Things (IoT) devices. Also deserving of mention was the keynote by Kyla Guru, a “Teenage Security Supergirl”, who runs a non-profit organization focused on cybersecurity awareness. It was a refreshing and motivating session that gave us a glimpse into what the younger generations expect and need from cyber security professionals and the community.
The RSAC Top Three
This year, it was abundantly clear that three main topics ruled the conference sessions and conversations around the convention, capturing the attention of attendees and exhibitors alike. These were:
All things SOC (Security Operations Center)
From sessions on open source tools that can assist organizations to achieve a certain level of security operations without “breaking the bank”, to sleek product demos by leading vendors, it was clear from day one that this was THE hot topic of the conference.
Cloud – from DevSecOps to Compliance and Zero-Trust in the Cloud
There is an emerging class of solutions that are “cloud born” and “cloud only” highlighting to us all that there is no way back. Utilization of cloud technology, in one form or the other will be unavoidable in the future as organizations look to gain or maintain a competitive advantage. Staying secure during the inevitable cloud journey is therefore of paramount importance.
OT (Operations Technology)
The world has finally woken up to the realization that we need to secure those PLC controllers in power plants, even though they have been there for over 20 years. A new breed of solutions is coming to the market, providing visibility into OT, enabling integration with security controls and bridging the gap between OT and IT, even to the point of running joint SOCs.
Furthermore, on the topic of all things SOC – throughout the RSA conference, one could see plenty of discussions around automation (SOAR), SIEM (best-of-breed SIEM, next gen SIEM, and easy-to-do SIEM), threat hunting using AI, threat intelligence, EDR (endpoint detection and response), UBA (User Behaviour Analytics) and more. All these dots connect and relate to how we can implement security in a better, more efficient, cost-effective and fully automated fashion. This topic was repeatedly discussed by vendors at the sessions and was reinforced by a live RSA Conference SOC operating on-site and by Alphabet, Google’s parent company, releasing their flagship cloud based SIEM Backstory.
One can clearly see that implementing the SOC the right way – choosing the right vendors, the right integrations and the matching services – will make the difference between staying secure and being continuously breached. The importance of the topic is further strengthened by the industry’s well documented lack of human resources which mandates the need for effective data analytics, automation and integration that works. As a result, each of these three aspects is equally important:
- Powerful data analytics which includes the use of true AI/ML: This will empower us to differentiate noise from high fidelity events/incidents with greater accuracy, enabling us to better direct our efforts.
- Automation: It enables us to work smarter and make the best use of the human resources that we have.
- Powerful bi-directional integrations between different security tools: This enables us to act efficiently and see true value from cyber security investments.
Vendors and service providers that successfully address the above will be the ones to succeed, because that is what businesses need today and will need even more tomorrow. At Help AG, we regularly attend key cyber security focused events such as RSAC and engage deeply with our clients to understand the unique challenges they face, and constantly monitor the threat landscape to ensure we stay at the forefront of the industry. This enables us to keep pushing forward and delivering better security with higher efficiency – all for the ultimate benefit of our clients.