40,000. That’s the number of attendees at RSA this year, according to show floor rumors, and well above the expected 30,000 that was posted last week. There are about 500 plus vendors showcasing various security technologies and services ranging from new stronger encryption approaches, IoT security, cloud security and security analytics to high touch mitigation services. IBM announced the acquisition of Resilient Systems, a company that provides post breach planning services, on day 1 of the show.
While there have been many interesting keynotes and discussions at RSA so far, including the hot button topic of the day – breaking the encryption on an iPhone that belonged to a terrorist – one keynote touched upon a very relevant topic in cyber security. It was about the increasing need for government to work with private industry to battle cybercriminals and cyber threats.
The head of National Security Agency and U.S. Cyber Command made a case for collaboration, partnerships and massive effort across industries and government to fight cyber threats. Sharing of threat intelligence and threat data between government entities and private sector can not only help to thwart impending cyber attacks but also serve as a neutralizing element to increasingly sophisticated techniques that cybercriminals and nation-states use today.
Attendees who stopped by the Infoblox booth were also very much interested in another kind of threat data sharing – between networking and security technologies. Companies already own DNS infrastructure. Using these core network services to enhance security is a natural next step.
Discussing the notion of sharing actionable threat intelligence and network context to vulnerability scanners, SIEM or endpoint agents seemed to cause a “oh, that makes so much sense” type of reaction. And it does make a lot of sense. Not only does threat sharing help break silos, it improves the efficacy of the security ecosystem as a whole. And who wouldn’t want to do that, given the huge investment companies are making in purchasing and maintaining these security products.
RSA is far from over and the excitement is palpable. There are still many more keynotes and track sessions to come that cover topics like risk and compliance, protecting data and even showing that they can be a positive ROI for security. Every year I am amazed at the number of new companies and technologies popping up that all aim to solve one problem – making cyberspace safer.