The Dust Has Settled – Impressions from RSAC 2017
RSAC 2017 – with its grand mix of speakers, exhibitors, and presentations – was a whirlwind of security news and innovation. While last year’s conference highlighted point products and tools centering around deception and end-point anti-malware, this year’s buzz tended towards more holistic security solutions, with collaboration, intent-based security and business-driven risk management grabbing the spotlight.
Holistic Security and Collaboration
The shift toward broader, all-encompassing solutions is reflected in the growing need for simplifying security operations and maximizing security investments – rather than investing in additional security platforms. Adding more and more individual tools creates a heavier workload, as security tools can produce large amounts of data. Instead of struggling to make use of all the data streaming in from these security tools, we should be asking ourselves how we can take the most relevant information and make optimal use of it – i.e., how we can connect the dots effectively, and utilize this correlation to provide better security through faster and more precise responses. This is exactly why we’re seeing a trend toward solutions that facilitate collaboration between products, such as Cisco ISE and McAfee DXL.
RSAC also shined a spotlight on simplifying workflows. More than ever before, organizations are voicing a pressing need to simplify security operations. This can be achieved by focusing on “intent” – a widening attempt to ensure that organizations optimize their security investments and correlate the resolution of security events with their attack intents, according to their urgency vis-à-vis business impact.
Another growing trend is the effort to remove complexity and attain better ROI from existing security solutions through integration, automation and orchestration. Organizations are increasingly demanding solutions that eliminate errors and create order where there is chaos. This issue can be addressed by new intent-based security solutions that enable better security while simplifying security operations through advanced analytics and automation.
Security Talent Shortage
Last, but certainly not least, is the growing challenge of the shortage of security talent. Cybersecurity organizations across the board understand the necessity of maintaining job retention while staying alert to employee fatigue and preventing burnout. They must also learn to get out of their own ways – in part by adhering to the three other trends discussed – in order to allow their trained security professionals to focus on top risk priorities, i.e. the more complicated cases, rather than the deluge of inconsequential positives they are faced with on a daily, hourly, and minute-by-minute basis.
As the cybersecurity ecosystem becomes increasingly complex, more enterprises are recognizing the need for smarter, more holistic solutions with which to head into battle. This year’s RSA conference has shown that quality over quantity is key; a hoard of specialized products is not as desirable or effective as solutions that focus on orchestration, analytics and automation. As the dust settles from RSAC 2017, it’s becoming clear that we’ll soon be seeing many more of these types of solutions on the horizon.