Select the directory option from the above "Directory" header!

Menu
INSIGHT: RSA 2015… Rise of Chaos

INSIGHT: RSA 2015… Rise of Chaos

Here is my traditional RSA (#RSAC) reflection post for RSA 2015 Conference – all my personal opinions/impressions/thoughts, of course.

Edited by James Henderson (New Zealand Reseller News)
Comments

Here is my traditional RSA (#RSAC) reflection post for RSA 2015 Conference – all my personal opinions/impressions/thoughts, of course.

Keyword of the year: ADVANCED. Nearly every booth had something advanced – analytics, malware, system, attacks, algorithms, threats. So, 2015 – the Year of Advanced Security Something?

Other common themes: I’ve noticed visibility, focus on the endpoint, “the attacker will get in” theme, etc.

Surprise of the year: Fuzzy product category boundaries – and getting much fuzzier still [more on this below].

The “advanced” theme made me realise that there is now “malware” (1), “advanced malware” (2), and “no, really, this is seriously advanced advanced malware” (3).

Stopping malware is easy (=just run AV), stopping advanced malware is …ahem… also easy (=just run sandboxing/whatever), but the real challenge is this last category of “no, really, this is seriously advanced advanced malware” …

Things I did expect to see – but didn’t see a lot of:

Deception – yeah, there was a vendor or two that I know uses/focuses on deception and honeypots, but it was not in your face at all.

IoT / OT security – I was coming to RSA this year with fear in my heart that it will be the year IoT security hype emerged – and it hasn’t [yet].

Compliance – I am sorry guys, but RSA this year made me think that “compliance is dead” [in the hype/theme/meme sense, regulations of course remain]; the number of security vendors that that flat out don’t care about compliance is pretty amazing; moreover, compliance used to be a DRIVER, but now it is often a SILLY PUT-DOWN (“ah, that vendor technology? heh, its just for compliance….”)

Security for DevOps – this one is probably easy to explain since this is not about box sales, but about processes and people.

Also, mobile security / mobility was no longer an overwhelming presence; definitely there but not everywhere.

There was, it seems, more CASB (for “bolt-on” cloud security – because don’t we all love bolt-on security?!), more IR (that made me happy!), more traffic capture / network forensics, etc.

Things I really didn’t expect to see – and they really were not there:

• Insider threat – seriously, nobody cares; there was a tiny bit of that mentioned by some authentication vendors, but who goes to those booths, really? :-)

Now, let’s get back to my surprise of the year – fuzzy product categories.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Gartnermalwarersa

Show Comments