RSA Conference Blue Suede Shoes

2-19-16_CS_RSA_Microsite_Sidebar_CTA.pngMy feet have almost recovered from the many miles walked at RSA last week, bouncing between meetings and sessions. Given my penchant for referencing songs and musicians in my blogs, “Feets Don’t Fail Me Now” and “Many a Mile to Freedom” come to mind.

RSA is a long week that also seems to go by quickly, a paradox of busy-ness. With the meta-changes in the scope of what to secure expanding exponentially (immutable infrastructure, knowledge worker mobility, and the world of connecting things), the moving target of attacker methods, and a myriad of protection solutions, there is much to process at RSA. Having let the input settle over the weekend, here are a few of my takeaways from RSA Conference 2016.

Segment Blurring

My part of the cybersecurity industry is guilty of “bucketizing” vendors and products and it just doesn’t work anymore. I guess it’s human nature to want to put everything neatly into a box, but it’s not good for customers who need to think about outcomes, what use cases lead to desired outcomes, and what functionality is needed for said use cases. Buyers should not be bounded and limited by product category thinking. The increasing number of integrations and use-case-based feature sets are category-breakers, with examples including Fidelis and Digital Guardian, both of which are merging data loss prevention and threat detection and response to keep the good in, and bad out.

In the endpoint security market, established and emerging leaders are filling their respective functional gaps across the prevent, detect, and respond spectrum. Cybera, vArmour, Illumio, and Unisys are other category-busting party crashers that some want to label as microsegmentation or SDN plays with a security bent, missing the more important point — the applicability of having security travel with the workload to secure inter-workload communication be it east-west or north-south in cross-cloud deployments. Oh, how I love the rebel! I know, so many more possible song references.

Kill Chain Orientation for a Beyond Malware Perspective

A narrative I heard a number of times last week is that we need to be worried about more than malware and have a more holistic purview of the threat landscape, including stolen credentials, the insider threat, and more. While some may quibble at the accuracy of a certain cybersecurity kills chain model, it is nevertheless a illustrative construct for how threats operate thus providing a valuable framework to vet attack vectors and methods and how we detect, prevent, and respond. LookingGlass and Dell SecureWorks were particularly on point on this particular thread.

Securing the "Cloud First" Imperative

In a reality where "Cloud First" is the new norm, such initiatives must also contemplate securing this increasingly broad use of cloud-delivered SaaS apps and platform and infrastructure services. This dynamic puts cloud access security brokers and cloud infrastructure security solution at the forefront, where the outcome is the prevention of northbound data leakage to the cloud, the lateral spread of threats between cloud services, hijacked API keys, and more. Solutions from Netskope, Palerra, Bluecoat, Threat Stack, Intel Security, and Trend Micro enable the essential visibility and control use cases to enable securing this modern computing paradigm.

Going on the Hunt

Another theme heard a bit more loudly at this year’s RSA was enabling cybersecurity teams to go on the hunt for a proactive, lean-forward strategy. Let’s not call that turning the tables and going on the offense per se, but rather initiative-based detection. And doing so is a thing of big data-driven cybersecurity analytics in the wheelhouse of the likes of LogRhythm and Sqrrl.

Gotta love an anniversary, especially a big one. Apparently 40,000 people wanted to show up for the 25th anniversary of the RSA Conference, but more to get smarter about cybersecurity than to celebrate. The show sure how grown over the years, right along with the attack surface area and threat landscape.

And why the Blue Suede shoes title? Well, I tried to keep this to 3 take-aways and got “one for money, two for the show, three to get ready” stuck in my head, but oops ‚ I ended up with four. Who’s got a good “four” in a song reference?

identity access management infographic

Topics: Cybersecurity RSA Conference