Lessons from RSA 2019: The year of man/machine symbiosis
As I traveled home looking back on a very productive week at RSA, I’m already wondering what next year will hold.
It’s easy to see how some folks might feel a bit overwhelmed at a conference like RSA… the show reconfirms what I said last year: “There is no shortage of technology!”
The best advice I can offer new attendees is to create a “show plan” in advance, and then work your plan. Decide which vendors you want to visit, which keynotes, discussions and panels you want to attend, and then stick to the plan. (I can hear the voices now: “That’s great, Tim, but I could have used that advice a month ago!”)
And for those who attended last year, you may recall the construction mayhem around the North and South Halls. That was all wrapped up this year, and there was a new path between the two halls that doubled as one continuous stream of exhibitors.
But enough about the mechanics of the show. Let’s shift gears and take a look at the themes I saw this year as I engaged in great conversations and listened to what others had to say.
First off, there was no denying that people continue to be concerned about the cloud. Front and center in those conversations was how to gain clear visibility into the operations of the applications, assets and resources that have been deployed or will be soon. And, most encouraging to me, people were raising the issue of security controls without me having the prompt them.
The reason I find this encouraging is that it shows how people are finally starting to grow concerned about the less-than-adequate security controls in the cloud. People also raised a variety of other cloud concerns, including:
- Shared cloud models
- Security ownership
- Alignment of DevOps with security
- Cloud skillsets
- Resource constraints
- Application/storage performance
The cloud visibility theme was widespread across the expo floor, with many exhibitors proudly displaying their capabilities for ending everyone’s worries. What I felt was missing, however, was a consistent theme that included a holistic view across the hybrid infrastructure. This came up often in my conversations as people expressed their desire for a centralized view that paints a complete picture (the proverbial “single pane of glass).
Another point of encouragement for me was seeing more than one exhibitor advertising platforms to assist in the software development lifecycle process (SDLP). This is a growing area of concern, as companies attempt to align DevOps and security. I took particular note of Synopsys promoting its Polaris Software Integrity platform used to integrate security into the SDLP.
The final theme I’ll mention, although there were many others, centers around the concept of humans and machines working more closely together.
During Tuesday’s keynote presentation, RSA President Rohit Ghai said one of the most significant advancements that will occur over the next four decades will be humans and machines working in union to solve the problems that face the planet. Rohit labeled this union as “trustworthy twins,” where the power of human creativity merges with machines’ ability to comb through mountains of information to find answers.
After the presentation, I ventured off to the showroom floor to find an example of something approximating this vision. As I waded through the aisles of hyperbole-mania, I came across a dear old friend, Microsoft. What I found was something being promoted as the first cloud-native SIEM with built-in AI-driven analytics, called Microsoft Azure Sentinel.
Microsoft claimed the new product would reduce the burden of sifting through an endless ocean of alerts by using scalable machine learning to correlate millions of low-fidelity anomalies, to present a high-fidelity security incident that should be given appropriate attention.
This fit Ghai’s presentation perfectly – a machine working in unison with humans to solve a problem: accurately identifying investigation-worthy security events. This does not replace humans – it replaces work that humans should not be doing (manually processing false positives), so they can be more effective in their jobs.
There you have it! My very quick take on an exciting annual event that brings so many bright minds together for a full week of live debate, problem solving and networking. There are so many other things I didn’t even touch on, such as IoT, risk, GDPR (a year later), endpoint security, and the growing cybersecurity skills gap…but that gives us a nice list of topics to talk about next time.