One of the great things about these conferences is that I get to meet a variety of end-customers (CISOs), essentially security consultants who are in-house practitioners. I had the pleasure of having dinner and lunch with some of them yesterday. One thing that’s apparent from talking to them, is the cybersecurity skills shortage, which Senior Principal Analyst Jon Oltsik recently described in an ESG Brief (login required). There is a quandary: one needs to train people and invest in their skills, and at the same time, it makes them ever more valuable to be poached by other firms. Can automated systems help, and what really requires human insight?
Despite the boatload of innovation being exhibited, one consultant told me that in many ways, there is much we can learn from the past. Many threats are reworked versions of problems we had many years ago, dressed up for new platforms like highly virtualized platforms or containers. We need to be good at learning from our lessons form the past (this makes us more efficient and effective), and still being aware of what’s different this time around.
In other news, I've been playing shutterbug since the conference began, and some of my shots from the event are below. Keep an eye out for a later ESG On Location video which will have additional snapshots from San Francisco:
Above, a cybersecurity history on which attendees can write their own notable events.
One of the conference relaxing/collaborating/working areas.
On the left, an IoT-themed and inspired crib. On the right, a bedroom laden with IoT-enabled devices.