RSA Conference 2019, San Francisco – Overview and Conference Exhibitor quotes (Part 2 of 2)
This posting may contain affiliate links for products and services that I use and recommend. If you click through and make a purchase, I may receive a commission (at no additional cost to you). Thank you for your support in this way.
One of the many RSA Conference Exhibitor Floors and IBM Security Keynote Session
Photo Credit – Bill Owen
By Bill Owen – TechNewsBlog.net – March 29, 2019
This will be Part Two of a two-part series of quotes from key contacts from a number of the Exhibitors at the RSA Conference that was held on March 4-8, 2019 in San Francisco. Part One can be found Here .
Overview of Conference
There were approximately 42,500 attendees, over 700 Exhibitors and 740 speakers and many sessions and seminars to attend. I attended a number of sessions and they were very informative with key information to take away for many attendees, depending on your focus.
Along with the well-known cybersecurity companies, there were a host of up-and-coming companies making their mark in the space. The emergence of new companies comes from the development of new and exciting technologies and the shear demand/need for their existence. The Dept. of Homeland Security (both the Cybersecurity Communications and Science & Technology Divisions), Deloitte, FBI, Dell Technologies, Intel Corporation, IBM Security, Cisco Systems, Microsoft, NSA, Oracle, Symantec, McAfee, Unisys, VMware and many, many others were represented. A link to the Exhibitor list follows.
RSA Conference 2019, San Francisco key links:
Breakdown review of each day of the RSA Conference via the RSAC Editorial Team:
As a review prior to the quotes, I have to say that this conference was a great experience, not only due to the high level of expertise of the people there, but the overall energy of the entire conference. There was an incredible amount of interaction between Exhibitors and Attendees. I personally found that the vast majority of company representatives, all the way through and including C-Suite executives, were engaging and very upbeat about what their company has to offer now and into the future. It was a level of excitement that I have not seen at a conference or trade show in some time. The fact that many were very open to supply quotes and provide their take was a testimony to the general environment there. It is an important time for the cybersecurity industry as a whole. As you will see from the following quotes, threats are a constant, but so is the focus and diligence of expert companies and personnel in combating them. I would like to thank all of the contributors for their input on the following quotes:
The following is Part Two of a two part series on quotes from key personnel at companies that I visited this year, regarding their take on the state of cybersecurity currently, and what their companies are focused on regarding mitigation of threats within their specialty area.
“In 2018, FireEye saw organizations respond faster to breaches than ever before, but we’ve also seen attackers become increasingly sophisticated as they adopt new methods. Our 2019 M-Trends report shows that no industry is safe from these threats, which is why it is positive to see breach response times improving across the board. However, most attackers only need a few days inside an organization to cause costly damage so the battle on the front lines of cyber-attacks will continue for the foreseeable future.”
—Jurgen Kutscher, Executive Vice President of Service Delivery – FireEye
“According to our own Privileged Access Threat Report, 66% of surveyed organizations claimed that they could have experienced a cybersecurity breach due to third-party access in the last 12 months, and 62% due to insider credentials. Remote access is one of the most common pathways used during cyberattacks, and almost all data breaches involve stolen privileged credentials. BeyondTrust’s Privileged Access Management solution protects against those threats by allowing information security professionals to control access to critical systems while also securing the privileged credentials for those systems.”
—Chris Stoneff, Vice President of Product Management – BeyondTrust
“OpenText, as the leader in enterprise information management (EIM), understands that for the Intelligent and Connected Enterprise, security is Job 1. Security is at the heart of today’s information governance, privacy, and regulatory requirements – the foundation of best-in-class information management. As seen from the ongoing success hackers and insiders have had compromising personal information and intellectual property, the current approach with security controls focused on gateways and perimeters rather than the data itself is not enough. OpenText Security is focused on bringing security controls closer to the information we need to protect, enabling insights into data risk before a compromise can occur.”
—Anthony Di Bello, Vice President, Strategic Development – OpenText
“Organizations and government entities carry a responsibility to consumers and civilians alike to guard their most valuable information at all cost. Personal information that does not change as easily as a credit card or bank account number drive a high price on the Dark Web. This kind of Personally Identifiable Information is highly sought after by cybercriminals for monetary gain. Companies should be implementing security best practices such as a layered approach to protection, as well as proactively updating any out of date security devices, as a matter of course.”
—Bill Conner, President and CEO – SonicWall
“We’re living in an era in which the speed and quality of software delivery represents a competitive advantage. There is a growing awareness among businesses that they need to ensure their software is secure, but as the volume of applications grows, many organizations lack an application security program and struggle to keep up. There is no way to sugar coat it, the sheer volume of flaws and percentage of vulnerable apps remain staggeringly high. Our research found that 85 percent of all applications have at least one vulnerability in them, and more than 70 percent of all flaws remain one month after discovery.
That same research shows businesses that integrate application security into their development lifecycle, scanning early and often in their processes, see significant improvements in time to flaw remediation. Veracode provides an innovative platform that empowers developers and security teams to work together to reduce the risk of data breaches, increase the speed of secure software delivery, meet compliance requirements, and cost effectively secure their software assets.”
—Ryan Davis, Chief Information Security Officer – Veracode
“Today’s evolving cybersecurity landscape can be extremely costly for SMBs. The combination of hackers finding new attack methods daily and SMBs not having the needed resources to combat these cybercriminals has left these companies even more susceptible to today’s malicious threats. At RSA, we unveiled Avast Business Secure Web Gateway, the only cloud-based Secure Web Gateway designed specifically with the needs of SMBs in mind. Not only does this security service fully protect SMBs from cyber threats on the web, but because it’s SaaS-based, it eliminates the need for costly on-premise appliances. It is delivered from the cloud, requiring only minutes to set up and deploy — no hardware to install or appliances to maintain. Avast Business Secure Web Gateway enables businesses to protect remote employees, scale easily and reduce risk associated with one of the leading sources of threats: web traffic.”
—Gill Langston, Senior Product Manager, SMB – Avast
“This year, CISOs are taking a much more proactive role in reducing their exposure through vendor consolidation, collaboration between networking and security teams, and cybersecurity training to strengthen an organizations security posture and reduce the risk of breaches, but there is still more to do. Cisco’s recent CISO Benchmark Study revealed complex security environments made up of solutions from 10 or more security vendors are hampering security professional’s visibility across their organization and into threats. Of the 3200 security leaders surveyed more than sixty-five percent of respondents did not find it easy to determine the scope of a compromise, contain it and remediate from exploits. Cisco is committed to helping organizations address these challenges and implement new techniques and technology to stay one step ahead of malicious actors and threats.”
—TK Keanini, Distinguished Engineer, Advanced Threat Solutions and Product Line CTO for Analytics – Cisco
“We have to own that as an industry: things are not where we would wish them to be. I believe that threat-centric security is a necessary part of the security equation, but I also firmly believe we need to augment that with a worldview that makes use of behavioral analytics to do a better job of understanding the human in that equation. At the end of the day, enhancing our defenses by understanding how users actually interact with data and then being able to adapt to those interactions in a way that maximizes utility but minimizes risk is something that will bear fruit. This user and data centric worldview enabled by behavioral analytics helps us treat security as a means for getting things done in the business, and I think that change in focus is crucial.”
—Richard Ford, Chief Scientist – Forcepoint