RSA 2022 in review: Cybersecurity trends to watch
Last week I had the pleasure of being back in San Francisco again, after a 2-year absence, to attend cybersecurity’s annual high school reunion, the RSA Conference. I think many of us were unsure as to how the show would be after so many virtual events, zoom calls and lockdowns but I was pleasantly surprised to see how busy it was. Despite the ongoing challenges with COVID, the organizers reported a crowd of over 26,000 – so it can’t just be vendors speaking to vendors.
From my own previous experiences, although it was quieter than 2020, there were still many good conversations to be had, and a familiar buzz on the show floor on Tuesday and Wednesday at least. For Noetic, this was a first appearance at RSA, and a chance for us to have valuable F2F conversations with CISOs, analysts, technology partners and investors. Our CEO and the sales team were holed up in the meeting suite for most of the week, but I was able to attend some of the sessions and networking events, and here are some of my thoughts from last week.
Despite challenges, the Cybersecurity industry continues to thrive
Macro-economic and geo-political trends worldwide have massively impacted on the technology sector this year, with falling stock prices, layoffs and canceled IPOs. But for several reasons, the cybersecurity sector remains robust. The problems that we are addressing have not gone away, the number of exploitable vulnerabilities continues to rise, ransomware gangs remain a huge challenge as are state-based attacks such as the recent Follina phishing campaign. In speaking to peers and investors at events around RSA, they remain confident that funding in new and innovation cybersecurity companies will continue, but the level of oversight and accountability will grow as well, something that the industry should embrace to ensure that our fiscal discipline is where it needs to be to build healthy companies for the long-term.
Exposure & Attack Surface Management are high on the agenda
From conversations with our advisors, CISOs and industry analysts, as well as on my visits to the show floor, it feels like the industry is seeing a point of inflection. Security investment shifts from an emphasis on ‘Prevention’ to ‘Detection & Response’ in waves as we look for new technology approaches to improve our cybersecurity posture or reduce the number of attacks, and that focus is currently on the move again. In the past few years we’ve seen significant investment in next-gen tooling for the SOC, first with SOAR and Threat Intelligence automation, more recently with the growth of XDR.
We are now seeing a renewed interest in prevention, or ‘Threat & Exposure Management’ as Gartner referred to it their Security Operations Primer for 2022 (subscription required) back in February. CISOs know they need to better understand and manage their attack surface if they want to reduce the number of incidents and burden on their team. We can see this interest reflected in IBM’s acquisition of Randori, a leader in External Attack Surface Management (EASM), which was announced just before the show.
The growth of interest in Attack Surface and Cyber Asset Management shows that security leaders have recognized that we need a better understanding of our environment and its security posture if we are to reduce cyber risk. This doesn’t mean that investment in XDR and Response solutions isn’t still critical but it is complementary with exposure management, as our integration with Sentinel One Singularity XDR which we demonstrated on Sentinel One RSA booth shows.
Continued Innovation is critical to keeping up with Attackers
We all understand that to some extent we are in an arms race. As attacks on supply chain, cloud infrastructure and IoT networks continue to grow, CISOs must consider how to do the daily job of managing cloud configurations, vulnerability prioritization and overall cybersecurity hygiene. We exhibited in the Early Stage Expo at RSA this year, an area of the show limited to 35 vendors newer to the market with their technology. What’s exciting about participating here is the focus on innovation, as we look to solve new problems or develop a new approach to existing challenges.
For Noetic, that focus is on asset discovery and management, using data science and automation to deliver a new kind of cyber asset intelligence that gives them the confidence to make quicker decisions. It is critical that, as an industry, we continue to embrace innovation and look to other technology sectors where their approaches could be applicable to cybersecurity use cases. The energy in the Early Stage Expo from attendees, vendors and partners was exciting and Noetic was proud to be a part of it.
So what’s next?
As we recover from a long week in San Francisco, we are already looking forward to Infosecurity Europe in London next week, where we will have the opportunity to discuss many of the same issues with CISOs and security leaders who have a slightly different perspective. I hope to see many of you there and look forward to catching up with old friends and making new ones.
June 2022 is turning out to be an especially busy month for the cybersecurity industry, but these events do give us valuable time to re-connect and learn from each other, I hope to see you at Infosec!