RSA Conference 2016 is currently taking place in San Francisco, with events planned in Singapore and Abu Dhabi later in the year. Here, we take a look at some of the hot topics being discussed on the conference floor.
Healthcare under fire
Organised crime targetting the healthcare sector is on the rise – the recent ransomware attack on the Hollywood Presbyterian Medical Center in Los Angeles a case in point. Unlike the financial services industry, which has invested a lot in fraud detection technology, the healthcare industry needs to up its defences – especially as patient records move online.
Compliance does not equal security
Globally, critical national infrastructure is one of the the biggest risk areas, under regular attack from hackers and other criminals. The situation is not helped by heavily regulated industries being synonymous with slow adoption of new technology. Security architects are already frustrated – external threats and nation-state attacks are an everyday consideration. Governments can combat certain behaviours – through legislation and fines – but compliance does not equal security. Anthem and Home Depot – two huge organisations that suffered extensive breaches – were both in compliance. Organisations need an enlightened CISO with a line to the board who can shore up security by making the right investments early on.
Security companies need to play well together
The chief focus areas for buyers this year are tackling endpoint security, cloud security and insider threats. The solution to all three is vendor integration and automation, but it requires security companies to play well together. Collaboration is the only way to innovate and get ahead of the evolving threat landscape, whether through network partnerships or product integration.
Big data analytics for security is still unproven, yet it’s still a popular topic. There has been a lot of talk in the last few years about fielding analytics at enterprise scale for cybersecurity, but few actual examples of it being put into practice.
Managed security services is a growing requirement for the enterprise. Traditional commodity-type security has failed to address new threat vectors – ransomware, organised crime and nation-state attacks. There’s also a staff and skills shortage. Vendors need to focus on growing this area to cater for the take-up in the market.
Chris Carlson, VP of product management at Hexis Cyber Solutions