RSA Conference Recap: Day Two
On wrapping up day two of RSA Conference, we sat down with Carl Leonard, Forcepoint Principal Security Analyst, and asked him about he’s seen and heard:
Many of our conversations have been focused on threat intelligence and we’ve found that those we’ve spoken to don't have the skills and capabilities to know what it is they’re looking for exactly. Instead, they want a partner who does so they can get back to focusing on their business. It's very clear after the past couple of days that established and potential customers see the value of the data we have. Our threat intelligence takes time and resources; it's not something that can be built today and understood tomorrow. This ties to a pain point we see across the industry: a clear desire to find the right type of person to offer value to an organization when it comes to security. This makes competition between highly skilled individuals very intense. However, most organizations find investing in a solution that buys into a skill set more economically sensible.
We've also seen a trend that the malware market is being disrupted. Currently, the marketplace is saturated with stolen data and therefore the economics don't make sense for cyber criminals anymore. As companies increased the barrier to entry on their networks, malware authors and cyber criminals quickly moved to something else. We can see that very explicitly with Locky ransomware. Tomorrow, malware authors may change their attack methods again. Organizations have to be not only agile, but informed with the right threat intelligence to change methods to combat new attacks.
Attendees to the Forcepoint boot have also been asking questions about data aggregation. Many have multiple systems providing different and disparate info which they want to consolidate. They have the systems, but it they're still missing the mark. Similarly, with threat intelligence, you can't simply start data aggregation today and expect to see the results tomorrow. It takes time.
Data theft technologies are another hot topic. People are starting to recognize that it's not always what's getting into your network so much how important it is to see the data flowing out. We've seen this across the show floor with vendors focusing on solutions addressing the insider threat.
Lastly, many companies have to consider local rules and regulations, resulting in compliance being another top focus for conference attendees. As the nature of technology business is global, we’re seeing a lot of compliance with an emphasis on 'Think local to be global.'
Check back tomorrow for a recap of day three!