What is hot, what is not? Trends from the RSA show floor
Forty thousand RSA attendees are experiencing an advertising blitzkrieg from all the security vendors — big and small. San Francisco during spring is very captivating, but the show floor is nothing short of a Vegas-style extravaganza drawing the crowds in and kicking up the excitement.
Here is the hot stuff that vendors, customers, and IT professionals are talking about:
By far, Insider threat is the hottest topic; every vendor seems to have an angle or story on how they can protect against insider menace. Some are even spending hundreds of thousands of dollars in hosting over-the-top parties in hip clubs in San Francisco to get their message heard. The SIEM vendors talk about how their big data platform is best suited to handle the insider. The UEBA folks tout their machine learning algorithms are the best on the planet to highlight anomalies.
Sadly, most of the vendors missed the mark. “None of them are taking about solving real world use cases in a cost-effective manner.”
Here is what the vendors think is hot:
Clearly the end-point security vendors have yet to read the memo “End-point security is dead.” Read the full 2016 Cyberthreat Defense Report here. Microsoft finally acknowledged that many end-point security solutions are collecting the same data, remain ineffective and cause serious inconvenience. Windows 10 takes a step in the right direction with the integration of native end-point solutions with crowdsourced threat intelligence platforms running in the Microsoft cloud.
Here is what you really need:
A solution for your insider threat should address real-world scenarios, be cost-effective, easy to deploy and manage and have no false alerts.
Any of these insider threats strike a chord?
- A malicious user copying large amounts of data during a weekend over VPN
- A negligent user plugging in a thumb drive into a corporate laptop she won at a trade show (hopefully not at RSA)
- A compromised end-point being used as a foothold by a hacker to access files in a common share
When you are ready to have a serious conversation about solving insider threats without being bombarded with machine learning jargon, visit Imperva at booth #1315. Just say the magic word “insider threat” to any of the friendly folks from Imperva and they will take it from there. We may not have fancy exotic cars to raffle off, but we can definitely help secure your data and applications from insider threats, data breaches and business logic attacks on your web applications and volumetric DDoS attacks.