CSPI...CSPi's takeaways from the 2020 RSA Security Conference...
This year’s RSA Security Conference was a rousing success, even with the onslaught on Covid-19. During our time at the show there were a number of interesting cyber security trends that we observed and wanted to share. As you continue to plan for 2020 and consider your overall security strategies, you may want to consider these top priorities.
Our Takeaways from the 2020 RSA Security Conference This year the RSA Security Conference began somewhat ominously, as the Coronavirus breakout resulted in the cancellation of the Mobile World Congress in Barcelona and Facebook’s global marketing summit in San Francisco.
RSA security was also affected with just over 1% of attendees canceling their registration amidst the reduced presence of key sponsors, including IBM Security, AT&T Cybersecurity, and Verizon. The irony was not lost on cyber security professionals—the rapidly increasing virus threat impacting the day-to-day of security professionals.
Even still, as thousands of IT security professionals descended on San Francisco for the annual conference, many top trends quickly emerged from keynotes, panel discussions, and vendor announcements. Many of these aligned with what we saw late last year, but many also offered a slightly different take.
Here are the top cyber security trends we saw from this year’s RSA Conference:
Cybersecurity moves to the boardroom
As threats become more material and consequences compound with GDPR, the California Consumer Privacy Act (CCPA), and even more complex compliance requirements looming, board members are spending more time discussing what their companies are doing in relation to a cybersecurity strategy.
Given the complexities outlined above along with the intricacies of a hybrid and flexible environment to secure it requires deep conversations. This forces the technical professionals, that deal with network and data issues on a daily basis, the business leadership and the business-minded board members to find a common language. This can be challenging because the issue isn’t just about the technical aspect of securing IT infrastructure and risk mitigation but is also about assessing and communicating the level of risk; it’s also about being able to characterize the risk with a business posture aimed at the competitive market. Security leaders need to bear more responsibility than ever to the organization’s success.
Related resource: To learn how you can improve your ability to comply with even the most challenging data privacy regulations, download our How-to Guide: “Successful Data Compliance” today.
Reputation is the target du jour
At one time businesses focused on protecting their networks and data assets from physical criminal threats such as theft. But now more often than not the focus of cybercriminals is maximizing business disruption, from damaging brand reputations to stirring economic fallout, as many discussions pointed out. Once inside the cybercriminals spend a considerable amount of time in the network causing damage and remain invisible to the affected organization.
This means relying on traditional tools that mostly focus on perimeter protection and the monitoring of what is moving in and out of the network is not enough. Organizations need to place more emphasis on understanding and monitoring how data moves in and out of the organization—east-west and north-south—and make sure they have complete visibility into all network traffic.
Security can be all work and some play
One of the more fascinating stories from the RSA Conference involved Target’s director of enterprise incident management Erin Becker. In her session, "Enterprise Incident Management: How to Get Everyone Ready for a Crisis,” Erin described the War Games approach Target now uses to prepare associates for a range of cyber-attack incidents.
Some so real, in fact that executives have mistaken them for the real thing. Given Becker’s enthusiasm for how the games prepare Target for worst case scenarios, it will not be surprising to see other enterprises adopt a similar posture.
Related resource: We recently described the Target breach (and how it could have been avoided) in our blog, “What Do the Worst Data Breaches Have in Common?”
DevSecOps continues to move to the forefront
Application development security was once thought of as a future state or idealistic vision for most organizations. But hot topics at RSA clearly indicate DevSecOps is a priority for more organizations than ever before, and something they consider critical to present efforts.
It is not just a technology consideration however; as many pointed out, success requires a cultural change and a willingness to adjust how developers think, act and behave.
Related resource: To learn more, download our white paper on the subject, “How to Secure DevOps Across Any Environment.”
Innovative cyber-security solutions
As you can tell, evolving cyber-security trends continue to force the entire industry to adapt. Yesterday’s tools and approaches simply won’t work with increasingly sophisticated hackers and modern new threats. Instead, today’s cyber security professionals need innovative new tools capable of overcoming past flaws and helping them protect their company.
ARIA Cybersecurity Solutions agrees with this mindset, which is what led us to develop the ARIA SDS platform and related solutions. We will continue to provide these types of industry updates, and describe how our cyber-security solutions are well-positioned to help any organization gain the upper hand on potential attackers. To learn more, please visit our solutions portfolio page today.
About ARIA Cybersecurity Solutions
ARIA Cybersecurity Solutions recognizes that better, stronger, more effective cybersecurity starts with a smarter approach. Our solutions provide new ways to monitor all internal network traffic, while capturing and feeding the right data to existing security tools to improve threat detection and surgically disrupt intrusions. Customers in a range of industries rely on our solutions each and every day to accelerate incident response, automate data breach detection, and protect their most critical assets and applications. With a proven track record supporting the Department of Defense and many intelligence agencies in their war on terror, and an award-winning portfolio of security solutions, ARIA Cybersecurity Solutions is committed to leading the way in cybersecurity success. https://blog.ariacybersecurity.com/blog/our-takeaways-from-the-2020-rsa-security-conference
CSPI...And not to forget Juniper Networks...This is from Juniper's website...
JUNIPER, ARIA JOINT SOLUTION PRIORITIZES EVENTS TO QUICKLY IDENTIFY ATTACKS
Detecting and stopping cyberattacks as soon as possible is critical to minimizing damage. Network monitoring plays a critical role in the process, detecting compromise events before they have a chance to spread. With the joint Juniper Networks® Secure Analytics-ARIA Packet Intelligence solution, organizations can detect and mitigate threats faster than ever. Successful threat detection requires the broadest possible network monitoring capabilities combined with advanced analytics. Just as important is the ability to work with existing infrastructures. Cybersecurity solutions that require rip-andreplace implementations fragment existing monitoring and event correlation capabilities, limiting their effectiveness. Juniper Secure Analytics and ARIA Packet Intelligence (PI) work together to help organizations rapidly detect threats by working with the infrastructure organizations already have in place............ ................................................................. (5 page PDF file but I'll skip to the meat and potatoes)...
- Conclusion Organizations of all sizes are struggling with detecting, quarantining, and resolving compromise events before they spread. With Juniper Secure Analytics and ARIA Packet Intelligence, it is now possible to identify and react to threats in seconds—a significant change from the minutes, days, or in some cases months that are the current industry norm. This solution, unique to the market, combines Juniper Secure Analytics and ARIA Packet Intelligence capabilities to increase the detection of network-borne threats that are normally missed. Juniper Secure Analytics and ARIA Packet Intelligence allows organizations to accomplish all this without requiring a rip-andreplace of existing cybersecurity capabilities. Building on the Juniper Connected Security strategy, this joint offering allows organizations to realize maximum value from their existing investments, improve their cybersecurity posture, and meet the most difficult regulatory requirements more cost-effectively than ever before. https://www.juniper.net/assets/uk/en/local/pdf/solutionbriefs/3510667-en.pdf
News 
Market Data 
Discover 
