Next Monday marks the start of RSA Conference 2019, where a projected 50,000 vendors and practitioners will descend on the Moscone Center in San Francisco. The theme for the conference this year, “Better”, is an interesting one and the description that RSA gave is even more so:
When it comes to cybersecurity, what defines better? New tools for building stronger walls? Sharper algorithms for predicting risk? AI and machine learning to help outsmart cybercriminals? That’s certainly part of it. Technology always has to move forward. But it’s not the only answer. Ensuring a brighter future requires all of us—everyone from the C suite to those of us on the front lines—to be better today. To stay on top of the latest threats. To put in the extra hours. To make security a top priority. And most importantly, to never forget the fundamental reason why we’re here: to help ensure a more secure world so others can get on with the business of making it a better one. This collective desire to do more is the mission of RSA Conference. We come here to experience better solutions, brainstorm better ideas, and remind ourselves that a better, safer world is ahead when we have the drive, the strength and the vision to work together to create it.
The theme this year is a rallying cry for the information security industry - yes, each facet of security can improve: tools and solutions can become smarter, processes can be improved, people can be trained, but one without the other is not enough.
A glance at the RSA agenda points to this integrated approach even further - with a history of hands-on technical sessions, there are a growing number of sessions focused on behavioral engineering. As the industry understands, oftentimes the lagging factor for security is the human interactions themselves. It doesn’t matter the strength of the firewall or the complexity of the algorithm powering an endpoint solution, without a risk-aware culture and proper education events will continue to occur.
The tools to become Better
The exhibition hall is a tentpole to RSAC - swag, product demos, and product launches as far as the eye can see. If a critical aspect of becoming Better is a holistic, integrated approach to security then what solutions should we be on the lookout for? It all converges on integrated risk management.
IRM: The path to Better
As we’ve seen with two of the latest acquisitions in the IRM/GRC space, legacy GRC products are concerned - the modular, heavily configured solutions are not delivering the value necessary for a Better information security program. Catalyzed by the rise of digital business, and the new forms of risks and threats that come with it, checkbox compliance is no longer sufficient. The static assessment process that many programs have used and managed with spreadsheets for years is not Better. Better is the intersection of people process and technology to secure an organization and articulate these new risks in ways that non-technical leaders can understand and find useful.
A Better solution is accessible, from (as RSA puts it) everyone from the C suite to those of us on the front lines. For many management solutions today, the fragmented approach is dis-empowering. To achieve a Better program, the solutions that leaders choose must provide visibility from the C suite to those on the front lines.
A powerful trend for the past few years of RSAC has been the rise of smarter solutions that leverage AI and ML to augment security teams. While leaders have seen this as a two-fold value proposition i) the ability to glean insights that would take weeks of human effort in a matter of minutes and ii) a stopgap for the cybersecurity skills gap, allowing the already overtaxed cybersecurity personnel to do more with less. A single pane of glass solution empowers the integration that RSA’s Better call to action demands.
We are excited to be headed to San Francisco to exhibit the CyberStrong IRM solution, stop by booth #1641 in South Hall and see a Better risk and compliance solution next week.