I decided to take a break from my Cybersecurity Architecture series and CISO’s View series to give my thoughts on this year’s RSA conference while things are still fresh. First off, I enjoyed meeting with old colleagues and many security people that I respect which justified the trip as far as I’m concerned. I’m really amazed by some of the out of the box thinking and frankly transformative approach many companies are taking to address their core cyber security problems. Clearly, the cybersecurity industry is clearly vibrant and growing, with a record attendance of 43,000, two main exhibit halls and an expo showcase for young infosec companies. (This is actually a theme at every RSA – Just when you think it couldn’t get any bigger it seems to double in size.)
I stepped into the expo hall and spent a good chunk of two days looking at the sea of booths and product offerings. If Juvenal was alive today and attending RSA, I think he’d repurpose his saying “…everything, now restrains itself and anxiously hopes for just two things: bread and circuses” because, honestly, if the RSA expo hall this year had a theme it would be hype and cheap gimmicks set to max, hide any actual details on products. Carnival tricks? Check. In-booth movie theater? Check. Solutions to actual problems…
The discrepancy between what the security professionals were talking about and asking for and what was being shown on the expo floor couldn’t be any wider. Companies are trying to solve hard business problems:
At the same time, the expo floor was filled with magic black boxes that can slice, dice, julienne, and solve all the world’s ills – just don’t ask what’s inside the box.
I’m not the only one, or even the first, to point out this discrepancy. I hope everyone saw Mark McLaughlin’s keynote talk “The Coming Disruption in Security” where it went at length at this core issue plaguing our industry and what he believes the solution is. Listening to Mark talk was an affirmation of the last four years of my life. The “Security as a Platform” concept Mark describes is what I and others have been living over the last four years culminating in the open source platform Apache Metron.
Every wish list item Mark describes aligns to our core design principles. From the high level requirements of Visibility, Analysis, and Enforcement, to the design architecture of Sensors, Users, Big Data, and Machine Learning; Mark was essentially describing Apache Metron. Even Mark’s wish for security researchers to rapidly develop new capability by writing against the security platform’s API were requirements we addressed with the Stellar scripting language and for rapid plug and play analytical model extensibility.
To learn more about Apache Metron, join our upcoming webinar with myself, Michael Schiebel, General Manager Cybersecurity, and James Sirota, Apache Metron committer and Director of Security Solutions on March 14, 2017.