RSA 2019: Emerging threats, Zero Trust, DevOps and more... our view

RSA 2019 is two weeks old and now that we have had time to digest, the planning for 2020 begins. What did we learn that will help you in your roles in the coming year?

First off, I don’t envy you.  When I looked around RSA 2019 at the sheer number of vendors and security products, it was overwhelming.  It made me wonder, how do you focus on your biggest challenges? Are nation state actors your biggest threat or is it the guy or gal on the inside who mistakenly pushed a change they shouldn’t have or configured a server incorrectly?  Are your biggest challenges coming from a lack of resources or from trying to tie DevOps into your security ecosystem?  Or, maybe it’s the auditor breathing down your neck. In any case, here are a few takeaways from our view of RSA 2019.

A strong trust landscape was a theme throughout the conference, beginning with the keynote speech from Rohit Ghai, RSA President. The conference also brought discussions on everything from emerging threats, like cryptojacking, ransomware, social engineering and IoT, to nation state attacks and what should be keeping us up at night.  But it was not all doom and gloom. Many themes centered around narrowing down the security stack and focusing on what is foundational for your organization to contain the attacks as they continue to grow in their sophistication.

I surveyed some of my colleagues about their takeaways:

Reuven Harrison, Tufin CTO

My main observation was that security people are starting to realize the opportunities for improved security by "shifting left." DevOps Security (or DevSecOps) is happening, and it's big, judging by the increased number of vendors in this space exhibiting at RSA with a focus on the enterprise. I conducted a session similar to this one, "DevOps and Security, Friends or Foes," which speaks to this topic.

The other theme is that “automation” is now ubiquitous as everyone not only wants but needs to automate their security.  When I spoke about security policy management and automating change processes across the entire environment from on-prem to the cloud and containers, lightbulbs went off where companies could see how important this foundational layer is to their security.  When I look at both themes together, I am observing that DevOps security is just another level of maturity when it comes to security policy automation.

Pamela Cyr, SVP Business Development

It’s a well-known fact that women are grossly underrepresented in the cybersecurity field, so I was happy to see that all of the keynotes I attended were either delivered by women or co-presented with a woman. Additionally, the number of sessions led by women had increased this year as well. As a 20+ year attendee of the RSA conference, I was thrilled to see a higher representation of women at RSA than in past years. With a noted lack of women in cybersecurity, RSA Conference organizers took a big step forward by urging sponsors to send more keynote speakers from diverse backgrounds and issuing a mandate to its advisory board to make diversity and inclusion a major focus of the RSA Conference moving forward.

 (* Note: Tufin is proud to say we are striving to do our part and that 38% of our R&D staff is women!)

In addition, like Reuven, I also see that there is a big opportunity to build security into DevOps and achieve true DevSecOps. We can all be a part of enforcing a new way to build secure applications from the ground up.  If not now, when?  Let's not repeat the mistakes of all the past application development transformations we have witnessed.

Joe Schreiber, Technical Director

There was a lot of talk about “trust”, as mentioned in Rohit Ghai’s keynote speech. Whether it’s in relation to identity, data stores, or task completion, the focus is leading a push away from traditional authentication. We must also give thought to the chain of trust that is built between these services and products; a compromise in this chain can turn it into a whipsaw, causing interruptions, data loss or worse.

The number of vendors at RSA and the wide gamut of problems they purport to solve make it even more important to have a specific security strategy for your organization or business unit. There were too many competing strategies and dependent groups of integrations to rely on a single vendor ecosystem. Orgs should take advantage of this opportunity of choice and solidify their approach, whether it is Zero-Trust, Shift-Left, Positive Security or other.

Erez Tadmor, Director of Product Management

We can’t defend against everything, so the need to follow a strict, well defined policy becomes critical. For me, RSA proved that there is definitely a trend to try to rid organizations of the security silos.  It was notable and inspiring to see how different vendors from the cybersecurity ecosystem consider the need for centralized security policy to complement their use cases.

In our booth, Capgemini with Veracode, Fortinet, Splunk Phantom, Infoblox, Demisto, and DFLabs all spoke about how security policy is central to your security posture to enrich responses or provide enforcement in their solutions to ensure the rules are carried through. For example:

  • Aiding SecOps teams to make better decisions by injecting threat intelligence into Tufin’s policy-based change automation workflow
  • Strengthening organizations’ security posture by maintaining a unified and adaptive security policy based on real-time data coming from IPAM solutions
  • Helping reduce the SOC’s mean time to resolution through collaboration with SOAR solutions by enriching IR processes with intelligent topology information as well as providing automated change execution to accelerate remediation of security incidents

These use cases represent progress towards reducing security silos by offering more integrated solutions for the end users.

Other RSA 2019 notes:

Other reports and talks from RSA 2019 that we think you will find interesting include:

While we continue to digest and absorb all the information from RSA 2019, we look forward to the year ahead as we make strides to automate processes and secure the hybrid network – on-prem to the public cloud and containers – through security policy. 

If you would like to learn more about the need for Security Policy Management, check out our infographic: Network & Security Operations dreaded 4 letter word: MORE