Zero Trust Segmentation

RSAC 2024: 3 Conversations You Might’ve Missed

The halls of San Francisco’s Moscone Center have calmed after another busy RSA Conference. Now, it's time to reflect on the insights we gained.  

Amid the workshops, speaking sessions, booth visits, and after parties, you might've missed some conversations. But, they hold key insights for cybersecurity pros.  

In this post, I'll recap three of the most common topics we heard around RSAC this year.  

1. Cloud security challenges and needs  

Over the past few years, the cloud has experienced exponential growth and transformation. Many organizations in every industry, location, and size now widely adopt cloud services for its scalability, flexibility, cost savings, and accessibility.  

There were three main themes surrounding discussions about cloud security.  

Complex hybrid, multi-cloud environments  

RSAC 2024 was filled with conversations about the cloud. Cybersecurity professionals and experts alike highlighted the challenges posed by the dynamic nature of cloud environments.  

Tony Bailey, Product Marketing Director at Illumio, called the cloud the “Wild West” at this year’s conference. He discussed the complexity cloud resources spinning-up and spinning-down rapidly, every cloud vendor having their own security offerings, and the difficulty getting end-to-end visibility into cloud environments.  

For many RSAC attendees, this complexity makes it hard to contain attacks. It also makes it hard to stop attacks from spreading through the network. They explored solutions like the Illumio Zero Trust Segmentation Platform. It provides visibility into the public cloud and builds granular segmentation. This helps them see and secure their hybrid, multi-cloud environments amidst the chaos.   

Speed and agility  

In the last few years, organizations have faced rapid digital change. This has been especially true in the cloud. It makes sense that attendees were talking a lot about speed – both cloud security deployments and AI technology in the cloud.  

Many organizations are struggling to manage the cloud's unpredictability. Traditional security methods that worked in the data center aren’t working in the cloud. Security teams are finding that relying totally on a cloud vendor for cybersecurity creates security silos and gaps.  

At RSAC, attendees were seeking solutions that offered full visibility and policy control across many cloud platforms. They also looked for solutions with AI tech. These include Illumio’s auto-labeling and AI-driven Zero Trust Segmentation that can help InfoSec teams speed up.

Consistent, comprehensive cloud security  

Attendees also highlighted the difficulty of fully understanding and managing their clouds.  Unclear connections between resources and the unauthorized access it allows create a severe security risk.  

Recent research by Illumio and Vanson Bourne shows that 46 percent of all breaches start in the cloud. RSAC attendees are feeling the pressure of cloud attacks, and they wanted to ensure the integrity and security of their cloud infrastructures.  

This dialogue emphasized the need for solutions that can extend consistent security across the entire network, including cloud, endpoint, and data center environments. The Illumio platform makes it possible to not only see every environment but also provide consistent security across them.  

2. Strategic cyber planning and risk management  

Many attendees this year were thinking about growing their team. They want to add more people and skills as their organization continues to grow.  

Among these discussions, Gary Barlet, Federal Field CTO at Illumio, spoke with other attendees about what he sees as a systemic flaw in the current approach to cybersecurity talent recruitment. He believes there’s an overreliance on academic degrees compared to practical skills. He advocates for a shift to nurturing talent and skill development. This would come through opportunities like work-study or internships.  

This conversation also converged into strategic planning and risk management. Cybersecurity experts at RSAC said organizations should focus on more than quick fixes. They need to take a proactive approach. This means understanding the threat landscape and using comprehensive strategies.  

“Rather than just trying to fix the problem that's in front of you, you need to take a step back and actually understand the problems you're facing,” said Trevor Dearing, Director of Industry Solutions Marketing at Illumio. “Try to build the most sensible, lowest-cost, lowest-resource approach around Zero Trust.”  

3. How to balance ROI and security  

Many organizations feel pressure to scrutinize budgets. CISOs and their teams are trying to balance their needs while ensuring they see strong cybersecurity ROI.  

Many attendees were thinking about ROI in security, but others challenged that by also considering the ROI of efficiency. “Strong protection is important, but you have to think about the people running the tools,” explained Keith Do, Product Marketing Manager at Illumio. “How can you make your team more efficient operationally and potentially replace ineffective or old tools they’ve been using?”   

Part of ROI should be ensuring your cybersecurity investments yield tangible security benefits. There are a few different ways to achieve this. I recommend using this three-step process:  

  1. Confirm that new technology will bring real security benefits. This includes reducing security risks and boosting cyber resilience.  
  1. Check to see if you can retire any existing tools.  
  1. Review operational processes. Will new tech simplify the infrastructure? Will it require fewer changes or take less time?  

If you can mark off at least two of these steps with any new investment, you have a compelling story for how the technology will deliver real ROI.  

RSAC 2024 recap: Let’s keep the conversations going

To all the security professionals we met at RSAC, it was great to connect and collaborate with you. The conference may be over for the year, but we'd love to continue these conversations with you.  

Contact us today to connect with our cybersecurity experts. Learn how the Illumio Zero Trust Segmentation Platform can help you build cyber resilience and reduce your security risk.

Related topics

No items found.

Related articles

It's a Bird, It's a Plane, It's...Supercluster!
Zero Trust Segmentation

It's a Bird, It's a Plane, It's...Supercluster!

Large organizations often have data centers located in different geographic regions. Distributed data centers allow these organizations to locate their applications close to their customers and employees, comply with data residency requirements, and provide disaster recovery for their critical business applications.

5 Reasons Your Cloud Architect Will Love Microsegmentation
Zero Trust Segmentation

5 Reasons Your Cloud Architect Will Love Microsegmentation

For a cloud architect, going to the cloud is more than just a change in location.

5 Zero Trust Takeaways from Higher Ed CSO George Finney
Zero Trust Segmentation

5 Zero Trust Takeaways from Higher Ed CSO George Finney

Higher Ed CSO cybersecurity challenges are unique. SMU’s CSO George Finney discusses implementing Zero Trust segmentation in the university environment.

Illumio and WWT Partner to Guide Your Zero Trust Journey
Partners & Integrations

Illumio and WWT Partner to Guide Your Zero Trust Journey

Learn how the Illumio and WWT partnership makes it easy to gain the benefits of a Zero Trust architecture with Zero Trust Segmentation at its core.

Illumio and Wiz: Automatically See, Detect, and Contain Cloud Attacks
Partners & Integrations

Illumio and Wiz: Automatically See, Detect, and Contain Cloud Attacks

Learn how the Wiz Cloud Security Platform and Illumio CloudSecure integration combines threat detection with Zero Trust Segmentation to automatically close security gaps.

Illumio Simplifies Zero Trust Segmentation with Flexible Licensing
Illumio Products

Illumio Simplifies Zero Trust Segmentation with Flexible Licensing

New Illumio ZTS Platform licensing options mean your organization is even better positioned to meet the security needs of today’s ever-changing cloud, endpoint, and data center environments.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?