Adaptive Segmentationmicro-segmentation May 24, 2022

A CISO's Guide to the 2022 RSA Conference

Kelvin Franklin, Field CTO, US West

Live events are back, which means this year’s RSA Conference is going to be the biggest and most exciting RSA Conference in a few years.

A lot has changed in the IT security world since we were last together in person. If you’re a security professional, what should you be looking for at this year’s conference?

Here are my thoughts on what to expect and the best ways to get the most from this premier security industry event.

Ransomware gets the spotlight

Ransomware has been rising in importance for several years. Before the pandemic, though, it wasn’t the big topic it is now.

I expect ransomware to be one of the hottest topics at the conference. After all, ransomware attacks rose 92.7% in 2021. At the same time, the average cost of a ransomware attack climbed to $4.62 million, exceeding the cost of more traditional data breaches, according to IBM.

Obviously, ransomware is a hot topic for us at Illumio. Our Zero Trust Segmentation platform stops ransomware and other cyberattacks from spreading across your hybrid digital infrastructure, regardless of where they start — in a data center, in the cloud, or at the network edge.

We’ll be demonstrating our solutions in Booth #5555 in Moscone North, showing just how easy it can be to implement Zero Trust Segmentation for any size organization, regardless of staffing or budget. We’ll also highlight integrated solutions with our partners Cylera, IBM Security, and Splunk.

And on Wednesday, June 8, we’ll be giving a presentation in the North Expo Briefing Center, Booth 6845 at 2:40 pm: 3 Easy Steps to Stop the Spread of Ransomware.

Favorite this talk in your schedule so you don’t miss it.

New security responsibilities: Operational technology (OT)

If you’re a chief information security officer (CISO), here’s something you probably already know: The scope of your responsibilities is expanding.

One area it’s expanding into is operational technology (OT), which includes everything from smart healthcare devices like MRI scanners to robots on factory floors.

If you’re new to OT, focus your time at RSA on getting up to speed on this increasingly important dimension of digital security and cyber resilience.

Until now, most CISOs did not have visibility into or responsibility for OT environments. Instead, OT devices have traditionally been managed by the operations team or asset managers, not IT staff per se. And the operations team and asset managers didn’t know much about IT security. They didn’t need to. Their devices ran on their own networks, and they seemed safe from attack.

Two things have changed:

  • First, many organizations are connecting their OT devices to IT networks to improve business agility and to accelerate workflows. As a result of these connections, attackers can now reach OT devices much more easily once they breach an IT network.
  • Second, attackers are taking advantage of this access to develop new methods for targeting OT devices. Attacks on OT devices are worrisome, to say the least. They can shut down healthcare devices in hospitals, putting patients at risk. They can stop production on factory floors or cause robots to function in dangerous ways. And they can shut down electric grids or other critical infrastructure like gas pipelines.

Last year’s attack on Colonial Pipeline was a stark example of the risks that cyberattacks pose to companies managing critical infrastructure. Using a leaked password, attackers were able to infiltrate Colonial Pipeline’s IT systems, copy 100 gigabytes of confidential data, and post a ransomware note to administrators.

The company ended up paying the attackers $4.4 million but only after first shutting down fuel deliveries along the East Coast and visually inspecting 29,000 miles of pipeline to ensure there was no physical damage. The effectiveness of this publicized attack is certain to inspire imitators.

This attack and others like it mean that CISOs and their security teams need to quickly come up to speed on OT strengths and weaknesses. And RSA is a golden opportunity to quickly get educated on OT security and build relationships with experts and vendors who can help. It’s time to implement OT security measures as soon as possible.

Security everywhere: On-premises and across multiple clouds

RSA also provides an excellent opportunity for security professionals to understand more about how to protect their increasingly complex hybrid IT networks.

So much of security work is still focused around protecting on-premises data centers. So, unfortunately, many organizations are looking past the security risks of the cloud, thinking that their cloud vendor(s) will take care of everything. But that isn't true.

At the same time, the cloud is not taking over everything in IT. Whether because of regulations or other operational factors, many organizations will run at least some parts of their businesses out of their own data centers. So it's getting complicated, to say the least.

How will you secure them all with unified policies that span environments? How will you manage all this complexity?

You may have Google Cloud, AWS, Azure and IBM Cloud. You want your security team to be able to see your entire cloud estate in a single pane of glass and to manage them as a single entity, but how do you do that?

I think there will be a lot of talk about clouds and cloud security at this RSA Conference. And there will be many great presentations and experts from which to learn. Don't sleep on the cloud. 

The distributed workforce is here to stay

Most companies that switched to a remote workforce during the pandemic are going to continue supporting a hybrid or even a fully distributed workforce. Many employees appreciate this flexibility, but it does create new security challenges.

Employees have been using their own computers for work since the days of bring-your-own-device (BYOD) policies over a decade ago. But IT departments had more control back then.

If you brought your device to the office, company software could scan it and require you to put certain applications on it. There were mobile device management (MDM) apps for securing non-corporate assets connecting to the corporate network, and there were different ways of safely adding your devices to the network.

But now employees could be connecting to company resources via mobile devices and cloud applications from anywhere, on almost any local or wi-fi network.

Today's CISOs have to continually figure out how to keep all kinds of devices and computing assets secure across most any scenario. If this type of dynamic security support isn’t on your shopping list, it should be. I would recommend seeing what vendors at RSA have to offer.

5G: A new frontier for cybersecurity threats and defenses

When most people think about 5G, they think about faster connectivity to their phones, making it easier to watch videos and surf the Internet.

But 5G is going to radically change everything in IT security. IoT networks are going to leverage 5G. Instead of using terrestrial lines to reach different locations around the world, companies will use 5G connections. Some of these connections will be 5G private networks; others will be 5G public networks. 5G is really high-speed Internet to everywhere.

Any major change to network infrastructure like this is going to fundamentally change security. You’re going to have new vulnerabilities and new types of attacks. You’ll also have new use cases, like employees connecting over 5G from their cars and other remote locations. All this is coming in the near future. It’s time for CISOs to start thinking about it — and talking about it at this year's RSA Conference.

RSA Conference: All about making connections

Overall, I've found the RSA Conference to be one of the most important ways to make connections with knowledge, people and new technologies.

For example, there are three million job openings in the IT security market worldwide. A lot of smart, talented people are going to be attending the conference. It’s a great opportunity for hiring managers and job seekers to find each other.

But certainly the biggest need for any security professional these days is knowledge. Cybersecurity is now at the forefront of any technology and business discussion. Security needs are rapidly evolving, and risks are increasing by the day. The RSA Conference is the place to find the knowledge you need.

We’re looking forward to seeing old friends and making new ones at the show. I hope that this year’s RSA Conference is a rewarding experience for you.

Meet us at RSA

If your RSA Conference checklist includes learning about new technologies for stopping the spread of ransomware and strengthening your cyber resilience, please drop by the Illumio booth (#5555) and see a live demo of Zero Trust Segmentation in action. 

We’ll be glad to show you how we make Zero Trust Segmentation fast and easy to implement for companies of all sizes. You’ll also find Illumio staff in the booths of our partners Cylera, IBM Security and Splunk.

Adaptive Segmentationmicro-segmentation
Share this post: