As we gear up for RSA Conference 2015, PAN connected with Dark Reading Editor-in-Chief Tim Wilson to hear his thoughts about this year’s event. Thank you, Tim, for sharing your insights with the PAN team! We look forward to seeing you, and all our security industry friends, next month at the show.
Tim Wilson: Enterprises spent a record amount of money in 2014 – I think Gartner estimated it at over $70 billion – yet cyber attacks and security breaches remained at an all-time high. I think businesses are getting tired of spending tons of money for technology that only solves part of the problem, so they will be going to RSA to look for ways to build a better, less haphazard defense. The vendors are obviously going to RSA to promote their own solutions, but they aren’t doing anyone any favors by telling everyone that their product is going to solve everything. The vendors need to start aligning their products in a way that helps enterprises build a comprehensive defense. Enterprises don’t use single security products in a vacuum – vendors should stop selling them that way.
Security is rapidly becoming a question of managing resources that the enterprise doesn’t control – cloud networks and applications, personal mobile devices, supply chains. As with the vendors, I think enterprises are beginning to recognize that they can’t manage security in a vacuum, focusing only on the things that are within their walls and networks. I think the hot topics and discussions will be around finding ways to secure data no matter where it is – in the cloud, in a wireless network, at the partner’s site. And there will be more discussion around incident response and risk management, rather than traditional perimeter security.
The good news is that there will be literally hundreds of vendors coming out with new technologies at RSA.The bad news is that there will be literally hundreds of vendors coming out with new technologies at RSA.
Even with four or five writers on site, there is no way that Dark Reading can cover all the announcements at the show. We are going to link to the feed of vendor announcements that the RSA Conference media team manages, and we will actually put some extra help on the production team so that we can post as many releases as possible. That said, our reporters will be focusing the majority of time on issues, not products. We’re looking for news that identifies new threats, or trends in attacks. We’re also looking for new data that shows that a particular type of defense is really working. Again, our goal is to talk about security problems outside of the vacuum of a single vendor or a single enterprise perimeter. We’re trying to help readers who are swimming in so-called “solutions” but still haven’t nailed down their problems.
Again, we will try to post and re-post as many announcements as we can, but we really don’t have enough reporting resources to devote a lot of time to single-product announcements. We will be looking for new data that shines a light on emerging threats. We will also be looking for strategies that help enterprises harness the technologies that they already have to build a more comprehensive defense. And we’re interested in technologies that help enterprises manage the things they don’t control, such as cloud, mobile, and supply chain environments.
RSA is an opportunity to learn more about technologies and vendors – I and my team will meet with dozens of vendors during the show, though we probably won’t have a chance to meet with more than a third of the vendors we would like to. There just aren’t enough hours in those days. I think what I look forward to most are the social times, the chances to meet people at the W bar or at receptions and parties where you actually get to know the people behind the research and the technology. Many of my best contacts are people that I’ve gotten to know and trust outside of an interview setting or a product pitch. I think the security community is driven by smart people, not technology.