ESG's Doug Cahill and John Grady recap RSA 2020, held in San Francisco.
Read the related ESG Blog(s):
Doug: Hi, Doug Cahill here and I'm with my colleague, John Grady. John is our lead analyst for network security. And, John, the dust is just settling from RSA Conference 2020. Obviously, coronavirus impacted the conference a little bit. We had some major sponsors back out, and attendance was down a little bit. Still thought it was really energetic, engaging conference, though.
John: Yeah. I was just talking to someone recently. I mean, RSA has kind of outgrown Moscone. So it was still full. Had a little room to breathe this year.
Doug: That is true.
John: Which isn't a bad thing.
Doug: Little more elbow room.
Doug: Yeah. Hey, so the theme of this year's conference, I thought it was so appropriate, it was the human element. A lot of things come to mind, like community comes to mind first and foremost. But from your perspective in covering network security, I'm sure the human element for practitioners and vendors have a lot of implications. Like, I know one of the things you're looking at sort of thematically with network security is sort of replatforming a lot of the traditional controls. So when you think about the human element, how's that getting manifested?
John: Yeah. I think, one aspect is kind of better enabling users. And that's kind of through, in some of the research we've done, around software-defined perimeter and the idea of, replacing your VPN to kind of modernize access to corporate resources. Moving from, kind of a broad permissions model to more one-to-one access.
And so there's a zero trust component. But relative to kind of enabling users, the idea that, they shouldn't have to worry about how they, connect to a specific gateway or where they have to go for, a SaaS application versus an on-premise application. Everything's centralized, they put in their credentials, they're authenticated, and then, they have a nice dashboard, and it's very easy for them to get what they need and not beyond that.
Doug: Right. And I know part of your perspective on software-defined perimeters is that, over time, very well could be an element of a lesser cloud gateway sort of edge-based network security controls that really consolidate that sort of direct to cloud access in a secure way.
John: Absolutely. And what that kind of enables is this idea that, we've both touched on at times, this matrix of any-ness, you need to connect, any user on any device in any location at any time to any resource seamlessly.
Doug: That's right.
John: Without them having to, jump through hoops and securely.
Doug: Yeah. Yeah, absolutely. And so sort of following on from this human element theme at RSA Conference, we have a bunch of research we'll be conducting in this area over the course of 2020. Zero trust coming from you later in the year. And here in the near term, I'll be working on a study with Jon Oltsik entitled Cloud-Driven Identities.
And we did a little bit of research and sort of background research for this study that looked at whether or not the broad adoption cloud services necessitated retooling identity and access management programs. And across the board, it absolutely is. So as that sort of traditional perimeter, model gets challenged, organizations are absolutely revisiting all things identity in terms of single sign-on, and multi-factor authentication, and adaptive auth, even the primary forms of authentication going to, biometrics. And, one of the themes there is also around user analytics. So hey, I want to have better visibility in sort of this user perimeter, have I had a user who has had their credentials stolen? Have my privileged cloud accounts been compromised vis-a-vis spearfishing that maybe got hold of, admin credentials that then got to service accounts?
But we also have, the malicious insider. And so I know from sort of an analytics perspective, it's also incredibly important to have that sort of telemetry and user activity being able to propagate into the SOC. How's that get tied together with the network piece?
John: Yeah. It seems like, there was a big pop a few years ago with user analytics, and then it got quiet because it's hard, and the technology was kind of nascent. But that's become so much more important for context as you're trying to authenticate users, understand what they're doing, the kind of either malicious or curious insider use cases, something that we still haven't solved for. And, when that's baked into, an ECG concept or, different identity components, becomes a lot easier to kind of facilitate that.
Doug: Yeah, you get context, you're getting rich data by really understanding the context in which a user is accessing a particular application or asset and whether or not that's anomalous, relative to normal activity.
Doug: Yeah, absolutely. Well, great. A lot of activity last week at RSA Conference. Great to see so many people. We had a great turnout or at our breakfast.
John: We did.
Doug: We could talk for another couple of videos, but we'll do some more videos later. Absolutely.
John: Sounds good.
Doug: Hey, thanks for joining us for a recap of RSA Conference 2020. We appreciate that all of us are watching closely on the developments of the coronavirus, and so rethinking about how we get contact with our community. And to that point, we will be suggesting ways in which ESG can help you connect with your prospects and clients in your community at large through digital marketing.
So stay tuned for more from ESG on that front. Thanks very much.