Cloud Computing Security Chaos Continues at RSA Conference 2018

My esteemed colleague, Doug Cahill, did a great job at the RSA Conference with a killer presentation on hybrid cloud security. Unfortunately, Doug’s presentation occurred on Thursday afternoon, when many conference attendees were catching flights home, packing up their booths, or recovering at a bar somewhere else in San Francisco. Despite the timing, about 150 souls showed up, but I’m guessing that Doug’s conference room would have been overflowing if his presentation was on Tuesday rather than Thursday.

Topics: Cybersecurity RSA Security Conference cloud security

RSA 2018: Securing (y)our Data, (y)our IT…and the World -- includes video

This year’s RSA Conference in San Francisco was held under the theme of “Now Matters.” To play off those semantics, one could clearly see the continuing shift in this industry from it being (in the past) all about matters of IT security, to (now) a world where IT security really matters. That’s not just playing with words - it’s impossible to over-state the importance of the endeavor that this event reflects and represents; but equally the burgeoning user needs and vibrant vendor competition creates a giddy atmosphere, in all senses of the word.

Topics: Storage Cybersecurity RSA Security Conference

Quick Take-Aways From the RSA Security Conference

Like many others, I’m still recovering from last week’s marathon at the RSA Security Conference in San Francisco. Here’s a shotgun list of my impressions of the show:

 

Topics: Cybersecurity risk management RSA Security Conference SOAPA

ESG at RSA: Identity, No Passwords, and Email Security (Video)

In this video, ESG analysts Mark Bowker and Jon Oltsik run through some of the top topics they will be tuning into at RSA Conference 2018. Mark and Jon home in on how identity has become the control plane and how the software-defined perimeter is impacting the CISO's decision making process and future investments. 

Topics: Cybersecurity identity and access management RSA Security Conference software-defined perimeter

RSA Conference 2016: Day 1

Day 1 of the 2016 RSA Conference. Vendors are still setting up their booths in the exhibition hall but the sessions have begun in earnest. Here are a few highlights of what I’ve heard so far:

Topics: Cybersecurity RSA Security Conference

Cybersecurity Industry To-Do List for RSA Conference

During his keynote at last year’s RSA Security Conference (titled: Escaping Security’s Dark Ages), Amit Yoran, president of RSA, lambasted the industry as failing its customers. In a related interview with Fortune Magazine, Yoran said, “let’s do things differently; let’s think differently; let’s act differently — because what the security industry has been doing has not worked.”

Topics: Cybersecurity RSA Security Conference

All I Need to Know about Cyber Security, I Learned in an NSA Pamphlet for Securing Home Networks

Do you remember a list called All I Really Need to Know I Learned in Kindergarten? No? It’s a list of basic things that children are taught, which can guide them throughout life. It’s pretty old but was very popular in its day. Thinking about this led me to ask: Would lessons from a pamphlet for securing home networks have prevented some recent mega breaches? No way? Think again. 
Topics: Cybersecurity Networking RSA Security Conference

Wrapping up RSA USA 2015, and Looking Forward to Interop

I’m wrapping up my visit to the RSA USA 2015 Conference. The conference was as big as ever. There was a feeling of how to protect ourselves from breaches by being realistic: Realize that adversaries will somehow get into your system, so look for multi-layered approaches to protect yourself after a breach occurs and minimize the damage. But there was some hopefulness as well, since we are acknowledging the changes in the security landscape, and we’re adapting ourselves accordingly. So I hope we’re not fighting the last war, and we’re becoming forward-looking.

Topics: Networking RSA Security Conference

A Multitude of Mobile Security Issues

The Black Hat USA conference takes place next week. If it's anything like RSA and Interop, there will be a fair amount of discussion about BYOD and mobile device security. Yup, a lot of hype but this is a topic worth discussing as nearly every enterprise organization and CISO I speak with is struggling here.

Topics: Microsoft Cybersecurity Cisco Information and Risk Management McAfee google Black Hat Symantec Interop DLP RSA Security Conference Enterprise Mobility