Here is my traditional RSA (#RSAC) reflection post for RSA 2015 Conference – all my personal opinions/impressions/thoughts, of course.
Keyword of the year: ADVANCED. Nearly every booth had something advanced – analytics, malware, system, attacks, algorithms, threats. So, 2015 – the Year of Advanced Security Something?
Other common themes: I’ve noticed visibility, focus on the endpoint, “the attacker will get in” theme, etc.
Surprise of the year: Fuzzy product category boundaries – and getting much fuzzier still [more on this below].
The “advanced” theme made me realise that there is now “malware” (1), “advanced malware” (2), and “no, really, this is seriously advanced advanced malware” (3).
Stopping malware is easy (=just run AV), stopping advanced malware is …ahem… also easy (=just run sandboxing/whatever), but the real challenge is this last category of “no, really, this is seriously advanced advanced malware” …
Things I did expect to see – but didn’t see a lot of:
• Deception – yeah, there was a vendor or two that I know uses/focuses on deception and honeypots, but it was not in your face at all.
• IoT / OT security – I was coming to RSA this year with fear in my heart that it will be the year IoT security hype emerged – and it hasn’t [yet].
• Compliance – I am sorry guys, but RSA this year made me think that “compliance is dead” [in the hype/theme/meme sense, regulations of course remain]; the number of security vendors that that flat out don’t care about compliance is pretty amazing; moreover, compliance used to be a DRIVER, but now it is often a SILLY PUT-DOWN (“ah, that vendor technology? heh, its just for compliance….”)
• Security for DevOps – this one is probably easy to explain since this is not about box sales, but about processes and people.
Also, mobile security / mobility was no longer an overwhelming presence; definitely there but not everywhere.
There was, it seems, more CASB (for “bolt-on” cloud security – because don’t we all love bolt-on security?!), more IR (that made me happy!), more traffic capture / network forensics, etc.
Things I really didn’t expect to see – and they really were not there:
• Insider threat – seriously, nobody cares; there was a tiny bit of that mentioned by some authentication vendors, but who goes to those booths, really? :-)
Now, let’s get back to my surprise of the year – fuzzy product categories.