read
March 6, 2020

Our Takeaways from the 2020 RSA Security Conference

This year’s RSA Security Conference was a rousing success, even with the onslaught on Covid-19. During our time at the show there were a number of interesting cyber security trends that we observed and wanted to share. As you continue to plan for 2020 and consider your overall security strategies, you may want to consider these top priorities.

 

 

Our Takeaways from the 2020 RSA Security Conference

This year the RSA Security Conference began somewhat ominously, as the Coronavirus breakout resulted in the cancellation of the Mobile World Congress in Barcelona and Facebook’s global marketing summit in San Francisco. 

RSA security was also affected with just over 1% of attendees canceling their registration amidst the reduced presence of key sponsors, including IBM Security, AT&T Cybersecurity, and Verizon. The irony was not lost on cyber security professionals—the rapidly increasing virus threat impacting the day-to-day of security professionals.

Even still, as thousands of IT security professionals descended on San Francisco for the annual conference, many top trends quickly emerged from keynotes, panel discussions, and vendor announcements. Many of these aligned with what we saw late last year, but many also offered a slightly different take. 

 

Here are the top cyber security trends we saw from this year’s RSA Conference:

Cybersecurity moves to the boardroom

As threats become more material and consequences compound with GDPR, the California Consumer Privacy Act (CCPA), and even more complex compliance requirements looming, board members are spending more time discussing  what their companies are doing in relation to a cybersecurity strategy. 

Given the complexities outlined above along with the intricacies of a hybrid and flexible environment to secure it requires deep conversations.  This forces the technical professionals, that deal with network and data issues on a daily basis, the business leadership and the business-minded board members to find a common language. This can be challenging because the issue isn’t just about the technical aspect of securing IT infrastructure and risk mitigation but is also about assessing and communicating the level of risk; it’s also about being able to characterize the risk with a business posture aimed at the competitive market. Security leaders need to bear more responsibility than ever to the organization’s success.

 

Reputation is the target du jour

At one time businesses focused on protecting their networks and data assets from physical criminal threats such as theft. But now more often than not the focus of cybercriminals is maximizing business disruption, from damaging brand reputations to stirring economic fallout, as many discussions pointed out. Once inside the cybercriminals spend a considerable amount of time in the network causing damage and remain invisible to the affected organization.

This means relying on traditional tools that mostly focus on perimeter protection and the monitoring of what is moving in and out of the network is not enough.  Organizations need to place more emphasis on understanding and monitoring how data moves in and out of the organization—east-west and north-south—and make sure they have complete visibility into all network traffic.

 

Security can be all work and some play

One of the more fascinating stories from the RSA Conference involved Target’s director of enterprise incident management Erin Becker. In her session, "Enterprise Incident Management: How to Get Everyone Ready for a Crisis,” Erin described the War Games approach Target now uses to prepare associates for a range of cyber-attack incidents

Some so real, in fact that executives have mistaken them for the real thing. Given Becker’s enthusiasm for how the games prepare Target for worst case scenarios, it will not be surprising to see other enterprises adopt a similar posture. 

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Related resource: We recently described the Target breach (and how it could have been avoided) in our blog, “What Do the Worst Data Breaches Have in Common?”

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

DevSecOps continues to move to the forefront

Application development security was once thought of as a future state or idealistic vision for most organizations. But hot topics at RSA clearly indicate DevSecOps is a priority for more organizations than ever before, and something they consider critical to present efforts. 

It is not just a technology consideration however; as many pointed out, success requires a cultural change and a willingness to adjust how developers think, act and behave. 

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Related resource: To learn more, download our white paper on the subject, “How to Secure DevOps Across Any Environment.”

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Innovative cyber-security solutions

As you can tell, evolving cyber-security trends continue to force the entire industry to adapt. Yesterday’s tools and approaches simply won’t work with increasingly sophisticated hackers and modern new threats. Instead, today’s cyber security professionals need innovative new tools capable of overcoming past flaws and helping them protect their company.

ARIA Cybersecurity Solutions agrees with this mindset, which is what led us to develop the ARIA SDS platform and related solutions. We will continue to provide these types of industry updates, and describe how our cyber-security solutions are well-positioned to help any organization gain the upper hand on potential attackers. To learn more, please visit our solutions portfolio page today.

 

About ARIA Cybersecurity Solutions

ARIA Cybersecurity Solutions recognizes that better, stronger, more effective cybersecurity starts with a smarter approach. Our solutions provide new ways to monitor all internal network traffic, while capturing and feeding the right data to existing security tools to improve threat detection and surgically disrupt intrusions. Customers in a range of industries rely on our solutions each and every day to accelerate incident response, automate data breach detection, and protect their most critical assets and applications. With a proven track record supporting the Department of Defense and many intelligence agencies in their war on terror, and an award-winning portfolio of security solutions, ARIA Cybersecurity Solutions is committed to leading the way in cybersecurity success.

Tags: cyber attack, secdevops, cybersecurity