Gartner Blog Network


Thoughts from RSAC

by Jonathan Care  |  February 25, 2017  |  Submit a Comment

RC_BusinessDisruptionI may as well ‘fess up straight away. It was my first time at RSAC despite having attended many other events before. And I wasn’t quite prepared for an event that spanned not only three exhibition halls, but a number of the surrounding hotels as well!

I was very interested to get a briefing from RSA on their new place in the Dell universe, and it was interesting to get the chance to sit and talk with Michael Dell on his thoughts on the opportunities and challenges that await.

So, what did I notice? What trends and disruptions were there?

Vendors improve their understanding of bad actor behaviour

Knowledge is the antidote to fear – Ralph Waldo Emerson

Across the show, vendors were anxious to display how they have taken time to investigate and explore the world of the digital criminal, with the consequence that many more are following Gartner’s Predict, Protect, Detect & Respond model. Everyone was keen to demonstrate their ability to determine good from bad, and humans from ‘bots. The impact of this is huge, as it changes the way we build, monitor, authenticate, and respond.

With the rise of skilled, resourced attackers, defenders must accept the very best sources of intelligence and defense, and the vendors are certainly rising to the challenge. A lot of the vendors I would have traditionally considered specialist fraud are bringing their technologies and applying to broader challenges in InfoSec. I am seeing more evidence of convergence in many areas.

It’s not AI unless it will talk to me

There was a significant buzz around advanced analytics and machine learning, with vendors applying these techniques to understand human behaviour, both internally and externally. For a long time we’ve seen very little interest in actually detecting and responding to the insider threat apart from after-the-fact forensics.

Particularly interesting are the vendors who are crossing the channel gaps – picking up interaction data from web, mobile, and even voice transaction (coupled with analysis of key semantic and sentiment) to determine trader malfeasance, employee fraud, abuse of privilege and of course violation of corporate policy (time to remove that web-based file sharing app!).

While there’s always a lot of heat (as well as light) generated in the AI space, we seem to be seeing solutions that have real-world potential.

Cybersecurity – one more entry in the software defined pantheon

For some time, DevOps and Cybersecurity have eyed each other warily, and now a meeting of minds appears to be in place, with innovations to represent CyberSecurity as a software defined model. This is of course interesting as we move more and more to cloud, and it is likely to lead to increased agility in responding to advanced threats, allowing increased automation and machine-controlled rapid response.

Israel is the new Silicon Valley for Cyber

While I was pleased to see Britain’s representation sponsored by the Department for International Trade  and there are some really exciting innovators coming out of this small island, there is no denying the incredible sense of mission that comes from Israel, with a knockout powerhouse combination of government, investment and academic drive. With some 450 vendors originating there, and 26 occupying a third of the expo floor, it was striking how much exciting technology is coming from this area. Venture firms internationally are clearly aware of the potential of the region, and its unique combination of talent, money and chutzpah.

2017 promises to be a great year. This was an exciting start.

Category: cybersecurity  machine-learning  

Jonathan Care
Research Director
1 years at Gartner
22 years IT Industry

Jonathan Care expertise includes payment systems, cybersecurity, fraud detection and prevention applications, authentication, identity proofing, identity theft, and insider threats. He also covers the PCI compliance program, tokenization and the security aspects of payment systems. Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.