As security vendors and professionals from across the globe gear up for attending next week’s RSA 2018 security conference, we wanted to give our perspective on what everyone should expect and how to get the most out of the conference.
The 2017 conference set a record with over 43,000 attendees, and we would expect that we could see close to 50,000 this year’s RSAC as security remains an important topic to every digital business.
Every year there are a few common themes from multiple vendors and the top marketing terms that we predict we will see include the following:
- AI/ML – First, please don’t conflate the two terms. Machine Learning is a simple way of achieving Artificial Intelligence. Building proper ML models to power AI solutions typically requires a fair amount of data to ‘train’ the model. Make sure that the vendors who are touting these solutions can articulate how their offering truly delivers those capabilities.
- Blockchain – Often confused with Bitcoin, or at least tightly coupled with it, blockchain technology is a decentralized, distributed ledger that records transactions using cryptography in an chronological, immutable manner. It is still early days for leveraging blockchain, especially in high-transaction environments, so once again, make sure that the vendor can speak to these potential issues.
- IoT Security – Our hope is that we see much stronger regulations around IoT security, or lack thereof, very soon now. There should be ramifications for shipping any Internet-connected device with default credentials such as ‘admin:admin’ and vendors need to also start implementing strong Authorization (in addition to Authentication).
- GRC – There needs to be new ways of addressing Governance, Risk and Compliance. Risk, which has typically been viewed as static, is truly elastic in today’s high-velocity Cloud and Mobile world. Traditional approaches won’t be, and haven’t been, effective so hopefully we’ll see innovative platforms instead of ‘next-gen’ products.
- DevSecOps – This term has certainly seen a significant uptick in Marketing approaches, and we at ZeroNorth have been huge proponents of it since Day 1. The key thing to remember is that it’s a cultural approach where security teams are a collaborative part of the software development life cycle. There is no magic product that can ‘Do DevSecOps’.
We hope that everyone enjoys your time at RSA and comes away with actionable approaches and solutions to start moving the security needle in a positive direction. Our CEO Ernesto DiGiambattista and the rest of the team be there, and we’d love to connect.