RSA Talks Anchored By GRC, UBA And Real-Time Dashboards



Dan Gunderman
04/18/2018

Day 2 at the RSA Conference for the Cyber Security Hub was equally as informative as the first pass-through.

Vendors are not so much peddling solutions as they are raising awareness for their particular vertical – be it risk management, cloud security, incident response (CSIRP), data privacy, user behavior analytics (UBA), etc.

These “hot topics” have tended to cut to the core of the RSA show, as salient issues sure to sway decision-making within the enterprise – and in the short term.

Attendance on CSHub’s second day seemed equally as strong as the first – with attendees both sitting in on cutting-edge demonstrations and extracting unique insight from the product teams. Booth presence was spirited and informative, as top-tier companies and market leaders fought for the competitive edge.

As mentioned, both governance, risk management and compliance (GRC) and UBA have been the de facto leaders of the San Francisco-based conference. The Moscone Center has been filled with vendors and end-users underscoring the importance of sound security controls and visibility – specifically as they affect GRC and behavior/hygiene.

See Related: RSA Coverages Includes Automation, MSSP & The Onerous Threat Landscape

The Focus

What follows is continued coverage of the vendors/practitioners who showcased their products/processes on the show floor:

Optiv, which focuses on enterprise incident management solutions, had a presence at the show. In literature distributed at the event, the company writes, “Our expert team of incident responders, analysts and engineers has the expertise needed to help you avoid trouble, identify vulnerabilities, eliminate malware and provide assistance in the event of a breach or compromise.”

Its Enterprise Incident Management (EIM) Services “help clients reduce the likelihood of an attack or incident, secure their environment against threats and recover from incidents while minimizing disruption.”

Optiv says that analysts estimate 70 to 90% of all enterprise systems are infected; also, unplanned downtime costs large enterprises an estimated $5,000 per minute, or $300,000 per hour.

The National Security Agency (NSA) also had a big presence on the floor. The agency says that it “stands ready to protect the American way of life” and “leverages its vast cyber security expertise, capabilities, innovative technological advancements, industry and academic partnerships, and analysis-driven operations to protect the nation’s most critical assets.”

The NSA says that it categorizes its efforts into four critical focus areas: Talent (cultivating world-class professionals), Tech (unique expertise, life cycle engagement, advanced research, etc.), Threat (understanding of the threat to inform key decisions and investments) and Trust (cryptographic solutions, security engineering and cyber security operations).

RSA Conference 2018

IntSights, an Israel-based cyber security company with a large presence, emphasized its focus on Dark Web monitoring, as well as internal and external threat intelligence.

According to literature distributed at the event, IntSights is “revolutionizing cyber security with a first-of-its-kind Enterprise Threat Intelligence & Mitigation platform that delivers proactive defense by transforming threat intelligence into automated security action.” The company says that it monitors external risk profile, aggregates and analyzes tens of thousands of threats, and automates the mitigation cycle.

See Related: GDPR, Cryptocurrency Take Center Stage At RSA

In a briefing with LockPath, VP of Industry Solutions, Sam Abadir, outlined the company’s integrated risk management platform. Abadir described various risk variables when it comes to sound security controls: regulations, KPIs, management challenges, “immature” tech, etc. He called LockPath’s Keylight platform “nimble, efficient and effective.” The VP also traced five core functionalities of the platform: consuming data, integrated dynamic assessments, configurable workflow, a dedicated analytics engine and data security.

The comprehensive tool is especially effective in identifying risk, maintaining visibility and adhering to various (and prominent) regulations – namely GDPR. Abadir said the platform’s various components can be applied directly to GDPR compliance, and that the company has various tools to uphold its standards: a customer advisory board, a Ready Summit, Regional User Groups and dedicated support teams.

LockPath literature suggests that “Integrated risk management (IRM) offers an…agile way to manage all types of risk in one centralized program. Unlike traditional risk management that focuses on individual risk disciplines, IRM gives you a holistic and comprehensive view of risks to your entire organization.” It says the “new approach…improves decision-making and drives performance for a stronger, more resilient business.”

HOB, a German software manufacturer that develops remote access solutions and has products marketed worldwide, may have won the RSA creativity award – sending booth attendees on a harrowing pirate adventure that explained the digital transformation to the cloud. To the tune of “Pirates of the Caribbean,” HOB explained the many challenges to integrating cloud solutions.

HOB called its suite the “vessel for your cloud journey.” The HOB Cloud Suite allows connectivity to private, public, hybrid and multi cloud environments, identifies issues and maintains IdM controls.

HOB’s cloud product adds a “layer between the user and the application,” and features “any-to-any connectivity.”

Its enterprise mobility tool, HOBLink Mobile, allows secure access to emails, calendars, contacts, tasks and notes, etc. On the IAM front, the customer can “control access to the applications.” HOB’s product also helps eliminate service outages in the back-end (with automatic restarts) .

The manufacturer said that without this specific cloud knowledge, one could reach “Davy Jones’ locker.” HOB suggests to bring along its “treasures” for the cloud journey.

RSA Conference 2018

Closing Thoughts

All in all, the RSA trade show floor was an exciting and highly dynamic space – with conversations ranging from GRC to AI innovation and threat intelligence. Much of the dialogue incorporated “integrated” solutions – in a security landscape that can be quite disparate. The “Swiss army knife”-type solutions are certainly helpful, it seems, but they must also be able to cut to the core of a specific customer issue. Many of the featured products and solutions do just that.

The energy on the show floor did not disappoint – as attendees slipped from booth to booth, picking up industry knowledge and unique perspectives from seasoned professionals.

Stay tuned to CSHub.com for continued RSA coverage!

Be Sure To Check Out: Know Your Systems: Cyber Security Tips For Board-Level Execs