RSA CONFERENCE 2022 — San Francisco — The tag line for RSA Conference is “Where the world talks security,” and security leaders covered a whole gamut of topics at Dark Reading’s News Desk last week. From new security frameworks and technologies such as secure service edge, extended detection and response (XDR), and confidential computing; to security best practices such as resilience and risk-based prioritization, these News Desk segments covered a lot of ground. There were conversations about automation and the cloud, as well. Check out the YouTube playlist of all the topics that came out of Dark Reading News Desk during RSA Conference 2022 in San Francisco.
Lookout on Getting It Right at the Secure Service Edge
By implementing Secure Service Edge technology, security pros can consolidate their cloud access security broker, secure Web gateway, and zero-trust offerings on to a single platform, according to Jim Dolce, CEO and chairman of Lookout Security.
Concentric AI on How To Maximize Your AI Returns, In and Out of the SOC
Artificial intelligence has transformed the security landscape and given security professionals powerful tools to do their jobs more efficiently, says Karthik Krishnan, CEO and founder of Concentric AI.
DeepSurface’s CTO Tim Morgan talks about how context awareness and risk-based prioritization can fortify vulnerability management. Morgan also encourages security pros to look beyond CVSS scores when performing risk assessments.
Anjuna Security on Tapping ‘Confidential Computing’ to Secure Data, Users, and Organizations
Ayal Yogev, CEO and co-founder of Anjuna Security, describes the emerging model of Confidential Computing, as well as how it leverages enclaves and creates Trusted Execution Environments, which isolates data from unauthorized access.
Seemplicity on Security Security & Productivity: The New Power Couple
Scanning and remediation are handicapped without some robust automation to power them, says Ravid Circus, co-founder and Chief Product Officer of Seemplicity, who’s looking to accelerate time-to-remediation and reducing risk.
Customers consistently struggle to get from reactivity to a proactive security strategy, but combining extended detection response (XDR) with threat intelligence is a big step in that direction, says ReliaQuest CTO Joe Partlow.
Patching and patch management remain among security pros’ biggest pain points; Paul Zimski, VP of product strategy for Automox, believes adding automation to the mix can make a serious dent in the patching equation for most organizations.
Uptycs on Observability Is Key to Cloud Security
Transformation is a key theme at RSAC 2022, and Uptycs founder Ganesh Pai weighs in on how cloud security teams can reduce risk and lock things down more tightly. He also talks about how security observability can drive innovation for organizations.
Artificial intelligence is essential for endowing multicloud environments with greater visibility, insights and actions, according to Mark Nunnikhoven, distinguished cloud strategist for Lacework.
BAE Systems on Want Better Security? Up Your Collaboration Game
“Information sharing and collaboration are essential to good security, says Peder Jungck, VP and general manager of BAE Systems Inc.’s Intelligence Solutions. That effect is compounded when info is shared across companies and industries, he adds.
John Shier, senior security advisor for Sophos, shares original research data on adversaries and the ongoing scourge of ransomware. Spoiler alert: Things aren’t getting better, as bad actors pivot to more sophisticated tactics to avoid detection.
RSA keynoter and Cisco executive Jeetu Patel talks to the Dark Reading News Desk about the power of information sharing, an integrated approach to security, and how to give users controlled, trusted access to applications and services.
Okta’s Marc Rogers and Auth0’s Jameeka Aaron discuss the biggest threats connected to identity, as well as how the move to hybrid work compounds the challenge of keeping users — and their data — secure.
Darktrace on Prevent Breaches and Malware With Proactive Defenses
Pressure to reduce and manage risk — internally and externally — is more urgent than ever, according to Mike Beck, global CISO for Darktrace. That’s why organizations require more sophistication and integration in their security management platforms.
Software code has come under attack in innovative and deeply troubling ways, says Noname Security’s Shay Levi. These attacks have altered the security landscape for developers and their organizations, as well as suppliers, partners, and customers.
Cloud security can challenge security pros like nothing else, including workload security issues arising from app design patterns or DevOps practices, says Sysdig’s VP of research and development Omer Azaria.
It was already tough to find good, experienced security professionals, then along the came the Great Resignation to make hiring even tougher, notes Jon Check, executive director of cyber protection solutions for Raytheon Intelligence and Space.
Panther Labs on Mitigating the Security Skills Shortage
Migrating apps to the cloud has set off a hiring frenzy for security pros with expertise related to data analysis and monitoring, observes Jack Naglieri of Panther Labs. It’s also created a big need to make workloads more manageable, he adds.
Software developers and security pros alike struggle with application security, and Arabella Hallawell, CMO of Mend, breaks down how automated remediation can improve software composition analysis and application security testing.
Whether you’re locking down a network or facing fourth down with mere inches, resilience is key, according to Cisco’s TK Keanini and Tomás Maldonado, CISO for the National Football League. In both cases, protection isn’t optional.
COVID’s had some company in the last couple years with another mutating scourge: Ransomware. Thanks to the Dark Web, ransomware has scaled up and become more heavily monetized, says Halcyon CEO and co-founder Jon Miller.