Thoughts from RSAC
by Jonathan Care | February 25, 2017 | Submit a Comment
I may as well ‘fess up straight away. It was my first time at RSAC despite having attended many other events before. And I wasn’t quite prepared for an event that spanned not only three exhibition halls, but a number of the surrounding hotels as well!
I was very interested to get a briefing from RSA on their new place in the Dell universe, and it was interesting to get the chance to sit and talk with Michael Dell on his thoughts on the opportunities and challenges that await.
So, what did I notice? What trends and disruptions were there?
Vendors improve their understanding of bad actor behaviour
Knowledge is the antidote to fear – Ralph Waldo Emerson
Across the show, vendors were anxious to display how they have taken time to investigate and explore the world of the digital criminal, with the consequence that many more are following Gartner’s Predict, Protect, Detect & Respond model. Everyone was keen to demonstrate their ability to determine good from bad, and humans from ‘bots. The impact of this is huge, as it changes the way we build, monitor, authenticate, and respond.
With the rise of skilled, resourced attackers, defenders must accept the very best sources of intelligence and defense, and the vendors are certainly rising to the challenge. A lot of the vendors I would have traditionally considered specialist fraud are bringing their technologies and applying to broader challenges in InfoSec. I am seeing more evidence of convergence in many areas.
It’s not AI unless it will talk to me
There was a significant buzz around advanced analytics and machine learning, with vendors applying these techniques to understand human behaviour, both internally and externally. For a long time we’ve seen very little interest in actually detecting and responding to the insider threat apart from after-the-fact forensics.
Particularly interesting are the vendors who are crossing the channel gaps – picking up interaction data from web, mobile, and even voice transaction (coupled with analysis of key semantic and sentiment) to determine trader malfeasance, employee fraud, abuse of privilege and of course violation of corporate policy (time to remove that web-based file sharing app!).
While there’s always a lot of heat (as well as light) generated in the AI space, we seem to be seeing solutions that have real-world potential.
Cybersecurity – one more entry in the software defined pantheon
For some time, DevOps and Cybersecurity have eyed each other warily, and now a meeting of minds appears to be in place, with innovations to represent CyberSecurity as a software defined model. This is of course interesting as we move more and more to cloud, and it is likely to lead to increased agility in responding to advanced threats, allowing increased automation and machine-controlled rapid response.
Israel is the new Silicon Valley for Cyber
While I was pleased to see Britain’s representation sponsored by the Department for International Trade and there are some really exciting innovators coming out of this small island, there is no denying the incredible sense of mission that comes from Israel, with a knockout powerhouse combination of government, investment and academic drive. With some 450 vendors originating there, and 26 occupying a third of the expo floor, it was striking how much exciting technology is coming from this area. Venture firms internationally are clearly aware of the potential of the region, and its unique combination of talent, money and chutzpah.
2017 promises to be a great year. This was an exciting start.
Additional Resources
Read Complimentary Relevant Research
Top Strategic Predictions for 2019 and Beyond: Practicality Exists Within Instability
Technology-based change is happening continuously, and most organizations struggle to see the change in advance. Continuous change can...
View Relevant Webinars
...
Category: cybersecurity machine-learning
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.