Dr Aleksandar Valjarevic, Head of Solutions Architecture, Help AG Middle East, shares some of the key takeaways from the recently held RSA Conference in San Franciso and highlights the different trends organisations need to focus on in 2019.
Every year, the RSA Conference (RSAC), held in San Francisco, provides a glimpse of the what lies ahead for the cybersecurity industry and this edition was no different. The motto for RSAC 2019 was a simple yet powerful one – #BETTER. This accurately captures the spirit of the event which helps organisations better understand the cybersecurity industry, threats and solutions and thus adopt better means of defence.
In a nutshell
RSAC 2019 featured 700+ exhibitors and was attended by more than 42,500 visitors. With keynotes from industry veterans, CEOs and even movie stars, as well as over 700 sessions – ranging from product pitches to tales from the trenches – the event proved incredibly valuable not only for attendees and exhibitors, but also for the security community as a whole.
The rainy San Francisco week aside, we had plenty of positive developments and insights to share from the world’s biggest and the best cybersecurity conference!
This year, RSAC hosted more keynotes than ever before. Among these was the keynote by Nikesh Arora, CEO of Palo Alto Networks and Arista Networks CEO Jayshree Ullal on the secrets of a successful cloud journey; and the keynotes by Cisco executives, including Liz Centoni, SVP and General Manager for IoT, and Matt Watchinski, Vice President of the Global Threat Intelligence Group, that elaborated on the risks presented by Internet of Things (IoT) devices. Also deserving of mention was the keynote by Kyla Guru, a “Teenage Security Supergirl”, who runs a non-profit organisation focused on cybersecurity awareness. It was a refreshing and motivating session that gave us a glimpse into what the younger generations expect and need from cybersecurity professionals and the community.
The RSAC top three
This year, it was abundantly clear that three main topics ruled the conference sessions and conversations around the convention, capturing the attention of attendees and exhibitors alike. These were:
- All things SOC (Security Operations Center)
From sessions on open source tools that can assist organisations to achieve a certain level of security operations without “breaking the bank”, to sleek product demos by leading vendors, it was clear from day one that this was THE hot topic of the conference.
- Cloud – from DevSecOps to Compliance and Zero-Trust in the Cloud
There is an emerging class of solutions that are “cloud born” and “cloud only” highlighting to us all that there is no way back. Utilisation of cloud technology, in one form or the other will be unavoidable in the future as organisations look to gain or maintain a competitive advantage. Staying secure during the inevitable cloud journey is therefore of paramount importance.
- OT (Operations Technology)
The world has finally woken up to the realisation that we need to secure those PLC controllers in power plants, even though they have been there for over 20 years. A new breed of solutions is coming to the market, providing visibility into OT, enabling integration with security controls and bridging the gap between OT and IT, even to the point of running joint SOCs.
Furthermore, on the topic of all things SOC – throughout the RSA conference, one could see plenty of discussions around automation (SOAR), SIEM (best-of-breed SIEM, next gen SIEM, and easy-to-do SIEM), threat hunting using AI, threat intelligence, EDR (endpoint detection and response), UBA (User Behaviour Analytics) and more. All these dots connect and relate to how we can implement security in a better, more efficient, cost-effective and fully automated fashion. This topic was repeatedly discussed by vendors at the sessions and was reinforced by a live RSA Conference SOC operating on-site and by Alphabet, Google’s parent company, releasing their flagship cloud based SIEM Backstory.
One can clearly see that implementing the SOC the right way – choosing the right vendors, the right integrations and the matching services – will make the difference between staying secure and being continuously breached. The importance of the topic is further strengthened by the industry’s well documented lack of human resources which mandates the need for effective data analytics, automation and integration that works. As a result, each of these three aspects is equally important:
- Powerful data analytics which includes the use of true AI/ML: This will empower us to differentiate noise from high fidelity events/incidents with greater accuracy, enabling us to better direct our efforts.
- Automation: It enables us to work smarter and make the best use of the human resources that we have.
- Powerful bi-directional integrations between different security tools: This enables us to act efficiently and see true value from cybersecurity investments.
Vendors and service providers that successfully address the above will be the ones to succeed, because that is what businesses need today and will need even more tomorrow.