That’s a Wrap – RSA Conference 2019

Dan Lamorena

Another RSA Conference is in the books.  The remodel of Moscone is finally complete, and not only was there more exhibit space than ever before, the ability to walk between the North and South Halls made the space more open and less congested than in prior years.

Amid the dizzying array of technology, there were some interesting announcements during the show.

Chronicle, a Google Alphabet company, announced Backstory, which appears to be another entry into the cloud-based SIEM space. Promising better performance, it also might shake up the space by not charging for storage used, but rather by employee count, clearly targeting folks like Splunk who have been hearing complaints over the rising cost of storage.

Perhaps one of the biggest news items was the United States’ National Security Agency’s release of Ghidra – a reverse engineering malware tool. Security researchers largely lauded the move, which will give the good guys easier access to technology for analyzing bad guy code. Perhaps most interesting of all, the NSA also announced it was going to open source the tool.

IoT Security Challenges were everywhere, with new research showing that most devices in our homes and offices have vulnerabilities that hackers can exploit to gather data from the device, or to hop onto your network in search of critical information to steal. Threatpost wrote a good story on this trend.

Visibility isn’t only a problem in the IoT/OT space; it’s also a major problem for security operations teams trying to get a handle on what their organizations are doing in the cloud.  by FireMon announced a new solution addressing this visibility problem, Lumeta CloudVisiblity.  You can learn more about a free trial here.  Given that the internet was designed to be open and most new software development is open sourced by design, organizations need to ensure that Zero Trust is applied as all devices should be deemed untrustworthy until proven otherwise.  Proper microsegmentation is a must and ensuring compliance is as much a visibility issue as anything.

Finally, one couldn’t walk the halls and talk to people without realizing how many smart people are working on different elements of the cybersecurity puzzle, however there are still no common frameworks to bring these solutions together.  The key is real, open APIs and tighter integration to share data across platforms.

Until next year…