Get fresh updates from Hortonworks by email

Once a month, receive latest insights, trends, analytics, offering information and knowledge of the Big Data.

cta

Get Started

cloud

Ready to Get Started?

Download sandbox

How can we help you?

closeClose button
February 23, 2017
prev slideNext slide

RSA 2017: A Sea of Solutions needing Big Data

I decided to take a break from my Cybersecurity Architecture series and CISO’s View series to give my thoughts on this year’s RSA conference while things are still fresh.  First off, I enjoyed meeting with old colleagues and many security people that I respect which justified the trip as far as I’m concerned.  I’m really amazed by some of the out of the box thinking and frankly transformative approach many companies are taking to address their core cyber security problems. Clearly, the cybersecurity industry is clearly vibrant and growing, with a record attendance of 43,000, two main exhibit halls and an expo showcase for young infosec companies. (This is actually a theme at every RSA  – Just when you think it couldn’t get any bigger it seems to double in size.)

RSA: A Sea of Booths and Product Offerings

I stepped into the expo hall and spent a good chunk of two days looking at the sea of booths and product offerings.  If Juvenal was alive today and attending RSA, I think he’d repurpose his saying “…everything, now restrains itself and anxiously hopes for just two things: bread and circuses  because, honestly, if the RSA expo hall this year had a theme it would be hype and cheap gimmicks set to max, hide any actual details on products. Carnival tricks? Check.  In-booth movie theater? Check. Solutions to actual problems…

What Security Professionals Need

The discrepancy between what the security professionals were talking about and asking for and what was being shown on the expo floor couldn’t be any wider.  Companies are trying to solve hard business problems:

  • How do we address the critical shortage of talent?
  • How do we make our security processes more efficient since we have a talent shortage?
  • How do we transform our security program in lock step to the IT transformation taking plan in our companies?

At the same time, the expo floor was filled with magic black boxes that can slice, dice, julienne, and solve all the world’s ills – just don’t ask what’s inside the box.

Security as a Platform

I’m not the only one, or even the first, to point out this discrepancy.  I hope everyone saw Mark McLaughlin’s keynote talk “The Coming Disruption in Security” where it went at length at this core issue plaguing our industry and what he believes the solution is.  Listening to Mark talk was an affirmation of the last four years of my life. The “Security as a Platform” concept Mark describes is what I and others have been living over the last four years culminating in the open source platform Apache Metron.

Apache Metron

Every wish list item Mark describes aligns to our core design principles.  From the high level requirements of Visibility, Analysis, and Enforcement, to the design architecture of Sensors, Users, Big Data, and Machine Learning; Mark was essentially describing Apache Metron. Even Mark’s wish for security researchers to rapidly develop new capability by writing against the security platform’s API were requirements we addressed with the Stellar scripting language and for rapid plug and play analytical model extensibility.

To learn more about Apache Metron, join our upcoming webinar with myself, Michael Schiebel, General Manager Cybersecurity, and James Sirota, Apache Metron committer and Director of Security Solutions on March 14, 2017.

Leave a Reply

Your email address will not be published. Required fields are marked *