6 key takeaways from RSA Conference 2020

This past week I attended the RSA Conference in San Francisco. If there is a key takeaway from this year’s RSA Conference, it’s that the industry and the interest—nay, the need—for cybersecurity solutions to protect and defend the valuable assets of today’s enterprises continues to grow. In fact, according to IDC, investment in cybersecurity is on track to surpass $133 billion in 2022. The industry is booming.

The RSA Conference is one of the largest single global cyber security events to date, and like Mobile World Congress, it somehow continues to grow each year. Unlike Mobile World Congress, it actually took place amidst the growing concerns for coronavirus.

Accedian at RSA 2020

From the conversations I had and the time I took to wander around the show floor, taking in sessions as I could, I compiled a list of the 6 key emerging trends I took away from the conference:

  1. There was a big emphasis placed on artificial intelligence (AI) and machine learning (ML) in cyber security. But one must not forget that visibility across hybrid IT and cloud assets is still essential to ensure the right data is obtained to model and analyze. 
  2. AI is being applied to behavior-based threat detection. But even threat intel feeds, which are more signature-based, are leveraging analytics to reduce the false positive noise and provide context around threats.
  3. The same technology is utilizing analytics to dive deeper into their data.
  4. Complementing endpoint and perimeter security solutions with intrusion detection systems is gaining traction—with the average cost of a data breach in 2019 coming to a whopping $3.92 million, I’m not surprised.
  5. More discussion around containers and microservices are happening for efficient utilization of resources.
  6. The biggest challenges continue to be a short supply of trained security professionals, with 68% of business leaders feeling cybersecurity risks are increasing. These professionals are dealing with the double-edged sword of AI/ ML …the benefits of AI/ML for speed of computation but also the false positive noise of ML alerts because ML and AI are never 100% accurate so every percent of inaccurate detections translates into an order of magnitude of false-positive noise. 
  7. Bonus: It takes an ecosystem of solutions to compete effectively against threat actors who are well funded and organized, we need to be organized and prepared also.

Bringing all these trends together, one main factor we need to emphaze is the marriage between machines and humans. Machine-accelerated human response to threats is the best balance between allowing machines and human brains to function where each is best-suited. Stuart G. Walesh’s quote, “The computer is incredibly fast, accurate and stupid. Man is unbelievably slow, inaccurate and brilliant”. More of an emphasis on investigation workflows are needed that really help guide the SecOps teams and IT users to the best steps and better-correlated views is critical.

To better prepare you for the growing threats lurking outside your network (and looking for a way in), our partner Splunk just added Accedian Skylight powered Security to their Splunk Security Essentials package. You can get it for free here.