HIT Think

Why securing info in the cloud loomed large at RSA 2019

As I traveled home looking back on a very productive week at the 2019 edition of the RSA Conference, I’m already wondering what next year will hold.

But there's plenty to consider about what was presented at this year's show in San Francisco. Let’s shift gears and take a look at the themes I saw this year as I engaged in great conversations and listened to what others had to say.

First off, there was no denying that people continue to be concerned about the cloud. Front and center in those conversations was how to gain clear visibility into the operations of the applications, assets and resources that have been deployed or will be soon. And, most encouraging to me, people were raising the issue of security controls without me having the prompt them.

HDM-121517-Cloud.png

The reason I find this encouraging is that it shows how people are finally starting to grow concerned about the less-than-adequate security controls in the cloud. People also raised a variety of other cloud concerns, including:

  • Shared cloud models
  • Security ownership
  • Alignment of DevOps with security
  • Compliance
  • Cloud skillsets
  • Resource constraints
  • Application/storage performance

The cloud visibility theme was widespread across the expo floor, with many exhibitors proudly displaying their capabilities for ending everyone’s worries. What I felt was missing, however, was a consistent theme that included a holistic view across the hybrid infrastructure. This came up often in my conversations as people expressed their desire for a centralized view that paints a complete picture (the proverbial “single pane of glass").

Another point of encouragement for me was seeing more than one exhibitor advertising platforms to assist in the software development lifecycle process (SDLP). This is a growing area of concern, as companies attempt to align DevOps and security. I took particular note of Synopsys promoting its Polaris Software Integrity platform used to integrate security into the SDLP.

The final theme I’ll mention, although there were many others, centers around the concept of humans and machines working more closely together.

During Tuesday’s keynote presentation, RSA President Rohit Ghai said one of the most significant advancements that will occur over the next four decades will be humans and machines working in union to solve the problems that face the planet. Rohit labeled this union as “trustworthy twins,” where the power of human creativity merges with machines’ ability to comb through mountains of information to find answers.

After the presentation, I ventured off to the showroom floor to find an example of something approximating this vision. As I waded through the aisles of hyperbole-mania, I came across a dear old friend, Microsoft. What I found was something being promoted as the first cloud-native SIEM with built-in AI-driven analytics, called Microsoft Azure Sentinel.

Microsoft contends that the new product would reduce the burden of sifting through an endless ocean of alerts by using scalable machine learning to correlate millions of low-fidelity anomalies, to present a high-fidelity security incident that should be given appropriate attention.

This fit Ghai’s presentation perfectly—a machine working in unison with humans to solve a problem, specifically accurately identifying investigation-worthy security events. This does not replace humans—it replaces work that humans should not be doing (manually processing false positives), so they can be more effective in their jobs.

There are so many other things on the menu at the RSA Conference that I didn’t even touch on—such as IoT, risk, GDPR (a year later), endpoint security, and the growing cybersecurity skills gap—but that gives us a nice list of topics to talk about next time.

For reprint and licensing requests for this article, click here.