RSA 2017: The Trends Demanding a Software-Defined Perimeter
The largest gathering of security professionals is happening right now in San Francisco. There are several trends at the RSA Conference worth reporting on. From cloud security to malware prevention and the software-defined perimeter, here’s what we think every security professional in 2017 should know about.
1. Cloud security
This is more than a trend. Cloud security continues to dominate the stage – how to secure hybrid environments and ensure compliance (a main topic Cryptzone addresses at Booth: S407). There are clear security challenges facing organizations in the cloud arising from combining native IaaS access controls with traditional network security tools. The Cloud Security Alliance announced new research into the topic that explains these challenges and how a Software-Defined Perimeter approach can be applied to Infrastructure-as-a-Service environments.
2. The Software-Defined Perimeter (SDP)
Enterprise Strategy Group’s Jon Oltsik defines SDP as a “means of connecting users and devices to network services using attribute-based access controls and continuous risk scoring.” Read ‘Why a Software-Defined Perimeter for more information’. This is a HOT topic because attendees are struggling with how to secure access to their hybrid environments while ensuring compliance.
3. Network security analytics
Last year we saw a lot of startups in this space at the show. This year, we see even more activity. Network security analytics help organizations navigate cyber-attack kill chains based upon suspicious network activity. Analytics provide important input for monitoring the behavior of critical data assets, endpoints and users. Many large vendors are integrating analytics solutions as part of their security incident and event management (SIEM). Soon Cryptzone (as part of its new entity) will have a story to tell here as well.
4. Malware Prevention
A tried and tested means for attackers accessing the network, at RSA this year, a lot of the discussion has been on how to prevent malware from getting into the network – and then spreading. Just consider Microsoft’s finding that an attacker can be present on a network for more than 200 days before being detected – lurking and learning.
This year has seen massive breaches because of it and it’s only due to continue. Attendees want to know how to prevent it – and we believe it’s about not letting malware get on the network. And if it does, that it can’t spread. Keeping your network secure includes securing access to resources by making the network invisible to people who are not both authorized and authenticated based on context.
5. DDoS Attacks
They will continue and only get worse. We saw a lot of these type of attacks in 2016 – Trump hotel website, Sonic (ISP in CA), Emsisoft, and Lloyd’s Bank to name a few.
6. AWS Security
As the leader in for cloud, AWS offers many benefits. But it can also cause operational complexity. At RSA, we’ve been discussing the benefits of how a Software-Defined Perimeter can help reduce this complexity.
7. Politics, politics, politics
The trend from nearly all of yesterday’s talks and discussions on the expo floor – politics and cyber security – mainstream conversation that’s helping to increase security awareness.
There are two days left at RSA. Make sure to stop by the Cryptzone booth S407 to learn more about a Software-Defined Perimeter or to see if your network is invisible. Not at RSA? Let’s chat after the show!