What’s the Buzz in the InfoSec and Cloud Community

August 16, 2016 |
Decorative image of cloud on a keyboard

Over the last two week’s I’ve spent my summer at Black Hat in Vegas and the AWS Summit in New York. An interesting cross-sector of security and the cloud, I asked the people I spoke to “what’s hot?” The responses from both events – very similar.

I asked multiple attendees and vendor personnel what they thought the top keyword phrases were at these events and here are the results of my unscientific survey. Three stood out:

 

  1. Security Analytics
  2. Orchestration
  3. Endpoint Security

There was also significant buzz around Apple’s invitation-only bug bounty program (Apple will now pay for vulnerabilities found in certain aspects of iOS and iCloud). Let’s first touch on this announcement. While it initially sounded like a major announcement that “could help convince researchers to disclose problems to Apple and remain mute until the bugs are patched,” it’s limited to researchers with an existing relationship with Apple, so not exactly an open invitation for ethical hackers. These select researchers could collect fees up to $200,000, depending upon severity and category. Maybe this is the first step in a positive direction.

On to the List… First up Security Analytics

Top of the list for popular keyword phrases both on booth graphics and in discussions was security analytics. Needing no definition, the industry is embracing the notion that we can’t successfully remediate without meaningful analytics. Somewhat lost in this discussion is the idea that organizations of any size should focus first on preventative measures and that security analytics are all too often all about “what has happened” and not enough on spending to “prevent breaches.”

Orchestration

Next phrase: Orchestration. According to TechTarget’s SearchITOoperations, “to orchestrate something is to arrange various components so they achieve a desired result. In an IT context, this involves combining tasks into workflows so the provisioning and management of various IT components, and their associated resources, can be automated. This endeavor is more complex in a cloud environment because it involves interconnecting processes running across heterogeneous systems in multiple locations.” While a good definition, those interviewed at both events spoke of orchestration as being important to correlate and enrich security analytics, essentially intelligently collecting and meaningfully reporting on disparate security data to make good, quick decisions around remediation.

Among vendors productizing the phrase, CloudLock, recently acquired by Cisco, has a product called the CloudLock® Cybersecurity Orchestrator that is an “API-driven solution that aggregates data feeds across existing IT infrastructure to enrich security intelligence and harmonize data protection across on-premises and cloud environments for unprecedented insight and control.” It seems that security analytics that are successfully “orchestrated” will provide the most relevant data to organizations. IntelSecurity also provided several pieces of collateral at Black Hat that address “orchestrating incident response.”

Endpoint Security

The final keyword phrase with the most popularity was Endpoint Security. While several attendees and vendors indicated that this was a hot topic, one of the most dynamic demonstrations at both events could be found at Cylance’s booth. They promote their endpoint product as the only solution that “blocks threats in real time BEFORE they ever cause harm. Good. Now we’re talking… A solution that’s “prevention-focused” versus “after the fact.”

Tweet: As security solutions evolve, the focus needs to shift to prevention to address enterprise security @Cryptzone http://ctt.ec/dfILa+

What will be interesting to track over the next several months is whether we see an increased awareness and buzz around preventative versus analytic and orchestrative solutions. Analytics and orchestration are no doubt important, but as security solutions evolve, the focus, in this author’s view, needs to shift to prevention to meaningfully address enterprise security needs.

Hide All Network Resources a User is Not Authorized to See. Get the white paper.

Back to Blog Home

Philip Marshall

As Cryptzone’s Director of Product Marketing, Phil Marshall brings over 14 years of experience in both product and services marketing as well as 10 + years experience in the high-tech publishing space with publications including Dr. Dobb’s Journal and Byte magazine. Prior to joining Cryptzone, Phil worked at security firms Rapid7, Positive Technologies and RSA. He also was a Senior Product Marketing Manager at Black Duck, the leading open source governance and management firm.

A speaker at recent (ISC)2 conferences and ISACA, he’s participated in numerous webinars, in panel discussions and presented on topics including Identity Security, Application Security and Open Source Governance and Management.

Marshall earned a BA at Bates College and an MBA, cum laude, at the F.W. Olin Graduate School of Business at Babson College.

Leave a Reply

Your email address will not be published. Required fields are marked *