People come from all over the world to attend this highlight of the season. It’s been a tradition for decades. Hotels book months in advance. Traffic is horrendous in the city center. The coveted tickets can cost thousands of dollars, but tens of thousands of people are lucky enough to score them. In addition to the main event, which showcases the premier players in the game, there will be an all-star line-up of vendors and entertainment. It is a unique, intense and inspirational experience.
No, it’s not the Super Bowl. I’m talking about RSA Conference 2017, of course.
The world’s leading information security conference and expo takes over San Francisco’s Moscone Center and the downtown Marriott Marquis from February 13-17, 2017. The conference brings together the top information security professionals and business leaders to discuss emerging cybersecurity trends and formulate game plans for tackling current and future threats.
To say this event is big would be an understatement. Last year, nearly 40,000 attendees experienced keynotes, peer-to-peer sessions, track sessions, tutorials and seminars. That was a record number. But, given this year's expansion to the Marriott, it looks like the organizers are expecting an even bigger crowd. For the first time, you can reserve a seat online for almost any session – definitely recommended for popular sessions or those with limited seating.
SAS will be there of course, presenting our security analytics platform. We won’t be alone. In fact, security analytics is really taking center stage, moving from trend to mainstream. More organizations are realizing the need to get more out of their security data.
What does the term, "security analytics," really entail?
At last year’s RSA Conference, you couldn’t walk more than a few feet without seeing “security analytics” on a vendor’s booth. What does that really mean? Most talked about a niche solution and the algorithms within it.
Yes, we talk about analytics too. SAS security analytics solutions provide layered analytics and machine learning techniques to deliver the right analytic approach at the right time. But to me, the math is just one part of the equation. To put those analytics into action – and get it right – you also need integrated:
- Data management capabilities that can ensure the data is fit for purpose. Data may be in multiple formats, of poor quality, arrive too fast or be too big. Your ultimate results are only as good as the data inputs.
- Governance that ensures consistency in how analytic models are being managed – the means to track the evolution of models and ensure that model performance does not degrade over time. Who is tinkering with the models, what are they doing, and are the models being used correctly?
These bookends of the big picture are not getting the attention they should. If they are ignored, they can hinder an organization's successful use of security analytics.
When a headline-making breach occurs, and the CEO and board are asking how it happened, will the security team be able to answer with confidence? Not if security analytics has been treated as just another piece of a patchwork.
So while “security analytics” will no doubt remain a hot buzzword at this year’s conference, I don’t foresee it being discussed as part of an end-to-end concept – at least not to extent that it warrants.
I’ll be following up after the conference with my thoughts on this year’s RSA Conference. We'll see whether my predictions about cybersecurity discussions were on the mark. In the meantime, if you are going to the conference, please stop by Booth N4308 to say hi!
2 Comments
Security analytics in their current context have very little to do withy anything of consequential value pertaining to a company's survival, or even the management of net profits. Security analytics are employed in the classical Security model as an aspect of Cybersecurity fighting. The current Security model is broken as evidenced by the inability to matter when it comes to protecting companies and the current consolidation, diminishing, market value of most of the companies in this economic sector. They are in decline and they should be. Hopefully, the model will go the way of the digital certificate business and vanish from the landscape because most companies are seeking new service offering, solutions, that work. It is amazing what heights of incompetent, ineffective solutions like SET, the Digital Certificate model, soon PCI, possibly the current Cloud model, SaaS model, reach before their demise. Cybersecurity is the greatest business risk of our time and we aren't close to handling it.
Hi Mitchell - Thanks for your comments. I agree that cybersecurity is the greatest business risk of our time. However, I disagree about the role of security analytics. Organizations do not always have visibility into what network-connected devices are doing. This is where security analytics is essential. Security analytics provides organizations visibility into their cyber landscapes so proper discovery and measurement can occur for quantification of cyber risks. With that, organizations can then determine where best to allocate resources to improve security postures and operational efficiency—ultimately driving improved profitability.
It sounds like you have a very interesting viewpoint about the future of the cybersecurity industry. I'd be interested in having an offline discussion about your market vision. Let me know if you're interested in chatting.