As I am starting to write this, RSA 2018 is not even over yet, but I think I am ready to blog my impressions from this year’s event. As I mentioned many times, I love the #RSAC conference, unlike many of my peers. I like the “industry in one room” vibe, the connections, the hallway insights and – yes – I even like the over-the-top vendor expo. And, no, I never said “50,000 lemmings can’t be wrong”, this is a fake quote 🙂
OK, this post is about RSA themes and trends observed by me! Note that I don’t pay attention to some areas of security that are perhaps very important, but I personally don’t care about them – like, say, application security. Hence the list below is biased by my interests.
- My #1 fear for RSA this year was that “AI” will stare at me from every booth, and it didn’t happen. Hurrah! Machine learning and “AI” were visible, but not overwhelming. Somebody mentioned there was a booth with a slogan “machine learning cyber AI”, but I failed to locate it.
- For a few years, I’ve been looking for IoT security (as well as its OT and ICS brothers), and my impression this year was that perhaps more vendors mentioned the theme, but not many (my suspicion is that the spend is just not there).
- Here is one “was old, now new” bit – and this is an insight to me. I saw a lot of asset management. Say, what? Well, asset discovery and asset management for the modern era is a BIG HUGE problem, and so I am happy to see some vendors appear to handle it creatively.
- Also, from the “old to new” bucket: I think I’ve seen more email security this year (I assumed that it is a solved problem, apart from well-crafted spear phishing – which is IMHO unsolvable in principle)
- Ah, and another “old to new”: I’ve seen a bunch of flow-based security monitoring tools, and my first reaction was “oh, so 2002!” Now, I need to be convinced that they matter for modern threats.
- Threat hunting – well, we did a panel on that and hopefully we contributed to signal and not noise. Many booths did have something about hunting and of course few if any defined it, but, just as “AI”, it didn’t feel too excessive.
- There was comparatively more data security (if not DLP) at the event, and I hypothesized that perhaps GDPR made them do it [I even saw a data diode in one booth – and who doesn’t love those…]. GDPR itself also was not a big presense, boosting my fears that it may help security … or hurt it.
- Furthermore, every year I seek to confirm that few care about insider threats – and this year is no exception. I’ve seen some sleepy booths that mentioned insiders, but, as I suspect, no insider threat rush.
- Moving target security – OK, it does sound vaguely interesting, but does it work IRL? To me, the proof is in the pudding and the vendor saying “we secure military IoT” isn’t pudding …
- And finally…. BLOCKCHAIN. You just had to ask, eh? Unlike my esteemed colleague, my uneducated opinion is that blockchain is good for two things only: providing cybercriminals with money and generating hilarity. So, no, not a security trend IMHO. Not now. Not later. Not ever.
Past blog posts related to RSA conferences: