I may as well ‘fess up straight away. It was my first time at RSAC despite having attended many other events before. And I wasn’t quite prepared for an event that spanned not only three exhibition halls, but a number of the surrounding hotels as well!
I was very interested to get a briefing from RSA on their new place in the Dell universe, and it was interesting to get the chance to sit and talk with Michael Dell on his thoughts on the opportunities and challenges that await.
So, what did I notice? What trends and disruptions were there?
Vendors improve their understanding of bad actor behaviour
Knowledge is the antidote to fear – Ralph Waldo Emerson
Across the show, vendors were anxious to display how they have taken time to investigate and explore the world of the digital criminal, with the consequence that many more are following Gartner’s Predict, Protect, Detect & Respond model. Everyone was keen to demonstrate their ability to determine good from bad, and humans from ‘bots. The impact of this is huge, as it changes the way we build, monitor, authenticate, and respond.
With the rise of skilled, resourced attackers, defenders must accept the very best sources of intelligence and defense, and the vendors are certainly rising to the challenge. A lot of the vendors I would have traditionally considered specialist fraud are bringing their technologies and applying to broader challenges in InfoSec. I am seeing more evidence of convergence in many areas.
It’s not AI unless it will talk to me
There was a significant buzz around advanced analytics and machine learning, with vendors applying these techniques to understand human behaviour, both internally and externally. For a long time we’ve seen very little interest in actually detecting and responding to the insider threat apart from after-the-fact forensics.
Particularly interesting are the vendors who are crossing the channel gaps – picking up interaction data from web, mobile, and even voice transaction (coupled with analysis of key semantic and sentiment) to determine trader malfeasance, employee fraud, abuse of privilege and of course violation of corporate policy (time to remove that web-based file sharing app!).
While there’s always a lot of heat (as well as light) generated in the AI space, we seem to be seeing solutions that have real-world potential.
Cybersecurity – one more entry in the software defined pantheon
For some time, DevOps and Cybersecurity have eyed each other warily, and now a meeting of minds appears to be in place, with innovations to represent CyberSecurity as a software defined model. This is of course interesting as we move more and more to cloud, and it is likely to lead to increased agility in responding to advanced threats, allowing increased automation and machine-controlled rapid response.
Israel is the new Silicon Valley for Cyber
While I was pleased to see Britain’s representation sponsored by the Department for International Trade and there are some really exciting innovators coming out of this small island, there is no denying the incredible sense of mission that comes from Israel, with a knockout powerhouse combination of government, investment and academic drive. With some 450 vendors originating there, and 26 occupying a third of the expo floor, it was striking how much exciting technology is coming from this area. Venture firms internationally are clearly aware of the potential of the region, and its unique combination of talent, money and chutzpah.
2017 promises to be a great year. This was an exciting start.