Over 40,000 attendees and nearly 550 vendors are getting back to their inbox this week after having attended the gargantuan vendor show otherwise known as RSA. It was RSA’s silver anniversary, and as with each passing year, it gets BIGGER with age!
Like any relationship, an anniversary is a great time to step back, reflect, and renew vows. In this case, reflect with a renewed sense of improving information security globally – at least that’s the stated intention of every vendor on the show floor. For this momentous occasion, let’s pause for a moment and look at the state of our relationship – this marriage of security solutions and end users. There’s something each side can offer his or her security partner in terms of strengths, weaknesses, and opportunities.
While we’re commemorating the past, let’s look at some of the topics that generated the most buzz at RSA, and make a promise for a brighter future in this vendor/customer relationship.
Sharing: I promise to share my data. Sharing is a key part of any strong relationship, and the industry is (fortunately) starting to move (slowly) towards the idea of sharing threat data. We’re not fully there yet, but the industry is warming up to the idea that shared intelligence on attackers, their tactics and techniques, and their motivations is a benefit to all. Speaking of threats, threat intelligence vendors and threat intelligence platforms were hugely represented, both in presence and in conversations. Continue to look at 2016 as a year of data exchange and streamlining multiple sources of data to take action.
Integration: I promise to integrate with others: Like every year, first-time vendors were in abundance in the exhibit halls. What’s different is that these new vendors offering niche services are now integrating with the largest vendors in the security space—the stalwarts and trusted providers. Technology Alliance Programs are popping up and vendors are partnering with the intention of solving unique customer needs rather than offering just another bolted-on point solution. In fact, many customers now require, as part of their due diligence and vendor evaluation, that the potential vendor is willing and capable of integrating with others. Furthermore, several vendors have indicated that the path to their success is not about increasing the size of the sales team, but integrating with partners. For as much as every vendor would like to offer the silver bullet to solve all that ails the customer, it doesn’t work that way (just as there is no one formula to the perfect relationship). APIs are enabling easier vendor integration, and they are becoming quite common (think of them as the Match.com for the security industry).
Efficiency: I promise to be more efficient around the office. Or at least be nimbler. Security orchestration and automation have been buzzworthy. FireEye conducted a quick acquisition of Invotas in early February, and others like Phantom Cyber have hit the scene hard. Whether it is a pure-play company offering automation or vendors enhancing their solution to shed low-value tasks, creating efficiency is becoming crucial to success. Not everything requires constant attention, and those things that can be smoothed with automation should be so that end users can focus on the tasks that need a little extra human TLC.
Incident Response: I promise to be (IR)esponsible: Vendors are improving their incident response capabilities. Sure, prevention is still the gold standard, but identifying and responding to incidents is the next best thing and continues to drive vendors and their offerings forward. The reality is that attacks will continue (they’re the bumps in the road of relationships), so we’re seeing a number of vendors using deception and hunting techniques to help enterprises identify the attackers and reduce dwell time.
Artificial Intelligence: I promise to think differently but ethically. A lot has been said about AI and where we’re going as an industry. Can we use AI to mimic analyst decisions? What are the safety concerns we will face when AI goes further in not just security, but the world in general? Autonomous vehicles, for example, show no signs of slowing down (no pun intended). Ethics is a significant topic as well when AI is introduced. Several speakers at RSA brought their AI research forward, and undoubtedly, there’s more where this came from.
IoT: I promise to not leave my Internet of Things lying around: IoT, for all its infinite possibilities, is still in its infancy. There’s no question that nearly everything will be Internet-connected in the future. Consumers gobble up the latest and greatest digital watches and baby monitors and vacuums without much thought to how, when, or to what they’re connected. As security professionals, the question is: how do we secure and trust these devices? Many sessions focused on where the problems lie and how to fix them (now we need to bring the manufacturers and developers into our inner circle). Look for 2017 to see more vendors offering solutions to help secure anything we wear, drive, or plug in.
Behavior: I promise to behave: Spotting suspicious user behavior and alerting appropriate parties before damage is done, or at least escalating issues as part of the IR process, is becoming more commonplace. Communication is king, after all. By combining intelligence, user activity, network visibility, and external threats, user behavior analytics solutions help identify activity which warrants investigation. The quicker problems are identified and communicated, the better the outcome. Vendors such as Exabeam, ObserveIT, Bay Dynamics, and Fortscale are making a strong presence in the market and helping end users identify anomalous behavior and react more swiftly.
The past 25 years have been remarkable! The conference draws international and mainstream media attention, and it is a spectacle of lights, sounds, and pitches (along with badge scanning, sore feet, and pockets full of tchotchkes). We’ve learned much from our time together, and now we must resolve to build into the future to ensure sustainability and relevance. Our commitment to security must not waver; thank you to RSA Conference 2016 for highlighting how far we’ve grown and providing ideas on how to be even better in the years to come.