.png)
RSAC 2024: 3 Conversations You Might’ve Missed
The halls of San Francisco’s Moscone Center have calmed after another busy RSA Conference. Now, it's time to reflect on the insights we gained.
Amid the workshops, speaking sessions, booth visits, and after parties, you might've missed some conversations. But, they hold key insights for cybersecurity pros.
In this post, I'll recap three of the most common topics we heard around RSAC this year.
1. Cloud security challenges and needs
Over the past few years, the cloud has experienced exponential growth and transformation. Many organizations in every industry, location, and size now widely adopt cloud services for its scalability, flexibility, cost savings, and accessibility.
There were three main themes surrounding discussions about cloud security.
Complex hybrid, multi-cloud environments
RSAC 2024 was filled with conversations about the cloud. Cybersecurity professionals and experts alike highlighted the challenges posed by the dynamic nature of cloud environments.
Tony Bailey, Product Marketing Director at Illumio, called the cloud the “Wild West” at this year’s conference. He discussed the complexity cloud resources spinning-up and spinning-down rapidly, every cloud vendor having their own security offerings, and the difficulty getting end-to-end visibility into cloud environments.
For many RSAC attendees, this complexity makes it hard to contain attacks. It also makes it hard to stop attacks from spreading through the network. They explored solutions like the Illumio Zero Trust Segmentation Platform. It provides visibility into the public cloud and builds granular segmentation. This helps them see and secure their hybrid, multi-cloud environments amidst the chaos.
Speed and agility
In the last few years, organizations have faced rapid digital change. This has been especially true in the cloud. It makes sense that attendees were talking a lot about speed – both cloud security deployments and AI technology in the cloud.
Many organizations are struggling to manage the cloud's unpredictability. Traditional security methods that worked in the data center aren’t working in the cloud. Security teams are finding that relying totally on a cloud vendor for cybersecurity creates security silos and gaps.
At RSAC, attendees were seeking solutions that offered full visibility and policy control across many cloud platforms. They also looked for solutions with AI tech. These include Illumio’s auto-labeling and AI-driven Zero Trust Segmentation that can help InfoSec teams speed up.
Consistent, comprehensive cloud security
Attendees also highlighted the difficulty of fully understanding and managing their clouds. Unclear connections between resources and the unauthorized access it allows create a severe security risk.
Recent research by Illumio and Vanson Bourne shows that 46 percent of all breaches start in the cloud. RSAC attendees are feeling the pressure of cloud attacks, and they wanted to ensure the integrity and security of their cloud infrastructures.
This dialogue emphasized the need for solutions that can extend consistent security across the entire network, including cloud, endpoint, and data center environments. The Illumio platform makes it possible to not only see every environment but also provide consistent security across them.
2. Strategic cyber planning and risk management
Many attendees this year were thinking about growing their team. They want to add more people and skills as their organization continues to grow.
Among these discussions, Gary Barlet, Federal Field CTO at Illumio, spoke with other attendees about what he sees as a systemic flaw in the current approach to cybersecurity talent recruitment. He believes there’s an overreliance on academic degrees compared to practical skills. He advocates for a shift to nurturing talent and skill development. This would come through opportunities like work-study or internships.
This conversation also converged into strategic planning and risk management. Cybersecurity experts at RSAC said organizations should focus on more than quick fixes. They need to take a proactive approach. This means understanding the threat landscape and using comprehensive strategies.
“Rather than just trying to fix the problem that's in front of you, you need to take a step back and actually understand the problems you're facing,” said Trevor Dearing, Director of Industry Solutions Marketing at Illumio. “Try to build the most sensible, lowest-cost, lowest-resource approach around Zero Trust.”
3. How to balance ROI and security
Many organizations feel pressure to scrutinize budgets. CISOs and their teams are trying to balance their needs while ensuring they see strong cybersecurity ROI.
Many attendees were thinking about ROI in security, but others challenged that by also considering the ROI of efficiency. “Strong protection is important, but you have to think about the people running the tools,” explained Keith Do, Product Marketing Manager at Illumio. “How can you make your team more efficient operationally and potentially replace ineffective or old tools they’ve been using?”
Part of ROI should be ensuring your cybersecurity investments yield tangible security benefits. There are a few different ways to achieve this. I recommend using this three-step process:
- Confirm that new technology will bring real security benefits. This includes reducing security risks and boosting cyber resilience.
- Check to see if you can retire any existing tools.
- Review operational processes. Will new tech simplify the infrastructure? Will it require fewer changes or take less time?
If you can mark off at least two of these steps with any new investment, you have a compelling story for how the technology will deliver real ROI.
RSAC 2024 recap: Let’s keep the conversations going
To all the security professionals we met at RSAC, it was great to connect and collaborate with you. The conference may be over for the year, but we'd love to continue these conversations with you.
Contact us today to connect with our cybersecurity experts. Learn how the Illumio Zero Trust Segmentation Platform can help you build cyber resilience and reduce your security risk.
