What We Learned at RSA 2018
We were excited to meet so many of you at RSA 2018 last week. Security and IT leaders from all sorts of industries stopped by our booth, but one thing we noticed was that the same questions came up, no matter what type of business a visitor worked for.
We expected some of the questions, especially the ones about IoT and GDPR. Those things are top-of-mind for technology leaders right now, thanks to recent events like the Mirai botnet and the upcoming deadline for GDPR.
Cryptocurrency was another issue we were frequently asked about. One of the speakers, Johannes Ullrich, talked about the threat imposed by crypto mining, where hackers break in not to steal data, but to steal processing power by installing coin mining software.
That doesn’t mean the heat is off your data. Another speaker, Ed Skoudis, talked about a new strategy used by criminals, where they collect and compile data from many sources in order to create a complete profile of a business’s strengths and weaknesses, which they then use to plan an attack or sabotage an organization’s mission.
Security Breaches Continue to Make News
As professionals responsible for protecting our organizations, we all get a little excited about trending threats. We’d rather they didn’t exist but they do, and they keep our jobs interesting. But a lot of our visitors had a concern that shows one of the biggest battles we face isn’t hackers, but our own organizations.
A question we heard a lot is, “How can I help my organization understand the need to prioritize security?” Every security professional knows the odds are stacked against us; as so many of us like to say, a hacker only needs to be right once, but we need to be right every time. And by now, when breaches regularly make headlines in popular news sites for everyone to read, we’d expect our organizations to understand how high the stakes are. Yet breaches continue to make news.
At the same time, despite the headlines and companies’ efforts to publish information security policies and require security awareness training, insider threats continue to be a problem. No news there. Maybe after a few more RSAs have gone by, people will have grown more alert to the threats in their inboxes and on their phones, but for now, it looks like the only solution to insider threats is a technological one.
And there’s a new issue that many of us will be facing in the next few years: the perception that the security team is a roadblack to digital transformation.
The Role of the Security Team in Digital Transformation
Digital transformation has gained traction and is growing at a rapid pace. Spending on Digital Transformation Technologies to Reach $1.3 Trillion in 2018, which demonstrates the level of commitment businesses have to moving their operations onto the internet—and explains why so many people at RSA were talking about it.
This should be our time to shine, shouldn’t it? What team is more important to helping businesses run digitally than the security team? Yet we often find ourselves perceived as obstacles to agility.
So one of the biggest challenges security teams will face in the next few years is how to balance the defense of our organization’s networks and data against the defense of the business’s overall competitive position.
Have a Safe Year
Thanks to everyone who visited our booth and came to our demos. We hope to see you next year, but in the meantime, threats are going to keep evolving. If you have questions about the future of security, contact us to talk to one of our experts.
Learn more about DDoS Protection, SSL Visibility & Secure App Delivery.