Cybersecurity Industry To-Do List for RSA Conference

During his keynote at last year’s RSA Security Conference (titled: Escaping Security’s Dark Ages), Amit Yoran, president of RSA, lambasted the industry as failing its customers. In a related interview with Fortune Magazine, Yoran said, “let’s do things differently; let’s think differently; let’s act differently — because what the security industry has been doing has not worked.”

Topics: Cybersecurity FIDO RSA Security Conference CNAP

The Highs and Lows of Cybersecurity Integration

Based upon anecdotal evidence, I estimate that the average large enterprise organization uses more than 70 different security tools from an assortment of vendors. As they say in Texas, “that dog don’t hunt.” In other words, it’s nearly impossible to maintain strong security hygiene or establish best practices when the security organization is chasing cybersecurity optimization on a tool-by-tool basis.

Topics: Information Security Cybersecurity DHS FIDO DoD

Undercurrent RSA Conference Theme: Security Technology Integration

Just a few days until the start of the RSA Conference and I expect an even bigger event than last year – more presentations, vendors, cocktail parties, etc. The conference will likely focus on security technologies like endpoint security, cloud, security, threat intelligence, IAM, and others which I described in a recent blog

Topics: Network Security TAXII STIX FIDO vulnerability management

Last Minute Cybersecurity Predictions for 2015

By now, every vendor, analyst, and media outlet has already published their cybersecurity predictions for 2015. I actually described some of mine on a Co3 webinar with Bruce Schneier last week, so I thought I’d put together a quick list. Here are ten predictions in no particular order.

Topics: Apple Cybersecurity threat intelligence cyber attack FIDO CISA

“Cold” Topics at RSA that Should Receive More Attention

In my blog yesterday, I outlined the hot topics I anticipate at this year’s RSA Security Conference. Since the show is dominated by security vendors, the show hype will focus on products, services, and various technologies.

So what’s missing? A broader discussion on cybersecurity issues, trends, collective efforts, and best practices. Yes, these subjects will get some attention in presentations and break-out sessions but the show floor and cocktail party banter will lean toward a myopic security perspective around bits and bytes.

Topics: Information and Risk Management Security and Privacy Security cybersecurity skills shortage google Bradford Networks Cybereason LogRhythm compliance DHS ForeScout CybOX Great Bay Software Lancope Edward Snowden Facebook FIDO