People come from all over the world to attend this highlight of the season. It’s been a tradition for decades. Hotels book months in advance. Traffic is horrendous in the city center. The coveted tickets can cost thousands of dollars, but tens of thousands of people are lucky enough to score them. In addition to the main event, which showcases the premier players in the game, there will be an all-star line-up of vendors and entertainment. It is a unique, intense and inspirational experience.
No, it’s not the Super Bowl. I’m talking about RSA Conference 2017, of course.
The world’s leading information security conference and expo takes over San Francisco’s Moscone Center and the downtown Marriott Marquis from February 13-17, 2017. The conference brings together the top information security professionals and business leaders to discuss emerging cybersecurity trends and formulate game plans for tackling current and future threats.
To say this event is big would be an understatement. Last year, nearly 40,000 attendees experienced keynotes, peer-to-peer sessions, track sessions, tutorials and seminars. That was a record number. But, given this year's expansion to the Marriott, it looks like the organizers are expecting an even bigger crowd. For the first time, you can reserve a seat online for almost any session – definitely recommended for popular sessions or those with limited seating.
SAS will be there of course, presenting our security analytics platform. We won’t be alone. In fact, security analytics is really taking center stage, moving from trend to mainstream. More organizations are realizing the need to get more out of their security data.
What does the term, "security analytics," really entail?
At last year’s RSA Conference, you couldn’t walk more than a few feet without seeing “security analytics” on a vendor’s booth. What does that really mean? Most talked about a niche solution and the algorithms within it.
Yes, we talk about analytics too. SAS security analytics solutions provide layered analytics and machine learning techniques to deliver the right analytic approach at the right time. But to me, the math is just one part of the equation. To put those analytics into action – and get it right – you also need integrated:
- Data management capabilities that can ensure the data is fit for purpose. Data may be in multiple formats, of poor quality, arrive too fast or be too big. Your ultimate results are only as good as the data inputs.
- Governance that ensures consistency in how analytic models are being managed – the means to track the evolution of models and ensure that model performance does not degrade over time. Who is tinkering with the models, what are they doing, and are the models being used correctly?
These bookends of the big picture are not getting the attention they should. If they are ignored, they can hinder an organization's successful use of security analytics.
When a headline-making breach occurs, and the CEO and board are asking how it happened, will the security team be able to answer with confidence? Not if security analytics has been treated as just another piece of a patchwork.
So while “security analytics” will no doubt remain a hot buzzword at this year’s conference, I don’t foresee it being discussed as part of an end-to-end concept – at least not to extent that it warrants.
I’ll be following up after the conference with my thoughts on this year’s RSA Conference. We'll see whether my predictions about cybersecurity discussions were on the mark. In the meantime, if you are going to the conference, please stop by Booth N4308 to say hi!