This year’s RSA Conference in the U.S. takes place March 4 to 8 in San Francisco. The event will bring thousands of cybersecurity professionals together to talk security and share new ideas. So, which security-related issues will be top of mind at this year’s conference? Here are three items that you’re sure to hear about at the event:
1. Patch management
It isn’t a new problem, but patch management remains a major headache for security professionals around the world. Everyone is looking for a way to create a process that allows them to deploy patches at their own pace while minimizing risk exposure.
It’s a significant issue because keeping up to date on security patches can consume a lot of resources, and that can throw the entire security organization off schedule. In lean security operations (aren’t they all?), a hitch in the schedule can create major downstream problems.
Cybercriminals routinely exploit known vulnerabilities [PDF], so it’s critical to manage patches in a timely way. But finding a balance between speed and resource commitment seems to elude many CISOs, primarily because their security strategy is reactive by nature rather than proactive.
The question of who takes ownership and accountability for patch management also keeps the patch management issue top of mind. Security experts are rightly concerned about deploying a patch that fixes several vulnerabilities while introducing new ones. It’s a perennial topic.
2. Cybersecurity stack vulnerabilities
Virtually all mature companies have a complex cybersecurity stack. The stack typically includes antimalware, antivirus, AI-machine learning solutions, scanning and compliance components.
Stacks become complex when CISOs spot a hole in their security and add solutions to address that vulnerability. After a while, it’s like stacking slices of Swiss cheese to form a solid barrier. But the danger is that eventually the holes will align, and a bad actor will slip through.
Stack maintenance is expensive both in terms of direct costs, plus system performance degradation. A more insidious cost is that we accept a small but significant amount of risk; typical cybersecurity stacks don’t offer 100% protection, but we tell ourselves that 90% or 95% is enough.
But is it enough? Should we really be satisfied with a small amount of exposure, knowing that the cost of a typical breach is so devastating — not just in terms of dollars but in reputational damage? Still, most operate as if the risk is unavoidable. Maybe it’s time to question that.
3. Buzzwords and BS
As risks increase, so does opportunity in the cybersecurity product space. Entrants have flooded the marketplace, making it difficult for cybersecurity professionals to sort through all the competing claims and figure out what unique features vendors actually offer.
Big-budget marketing campaigns can imprint logos in potential buyers’ minds, compete for analyst attention and make it hard to sort out what’s important. And the stakes are so high, given the risk of a breach. CISOs can’t point to a metric, claiming XYZ software reduces risks by X%.
So, buzzwords and BS will be on the minds of RSA attendees. They’ll wonder about the signal to noise ratio in vendor claims. And many will try to sift through the hype to find an endpoint solution to help them identify and counter the bad guys more quickly so they can stay safe.
On that last point, AppGuard has a recommendation: Stop looking for the bad actors and assume ALL apps can cause harm. Find a solution that prevents malicious code from running, whether it’s a known or unknown threat. Add a solution to your cybersecurity stack that has never been breached.
We get it — it’s tough to cut through the BS. Every cybersecurity product vendor says they’re the best. If you attend the RSA conference, you’re sure to see big, flashy logos and may hear analysts praising the next big thing in cybersecurity.
Instead of falling for the hype, look for a next-generation approach, a solution that operates under a brand-new paradigm — that a proactive strategy is better than a reactive posture. That’s AppGuard. And here’s another idea: don’t take our word for it: try it, and you’ll see that it works.
So, if you’re heading to the RSA conference, expect to hear a lot about patch management and cybersecurity stack vulnerabilities. And when you’re tired of the buzzwords and BS, head over to our booth at South Expo #2467 or set up a meeting with our team and find out about the future of endpoint security.
How to Find Us at RSA
To set up a one-on-one meeting with a member of the AppGuard team, visit: https://www.appguard.us/rsa-2019
Stop by Booth #2467 in the South Hall to:
- See live product demonstrations
- Speak with AppGuard Engineers
- See how Appguard fits in your Cybersecurity stack
Don’t Miss the AppGuard After Party with a Live Reggae Band!
When: March 7th 10pm to 2am
Where: F8 Nighclub & Bar, 1192 Folsom St, San Francisco, CA
Stop by the booth for an exclusive invitation bracelet or email us at RSVP@appguard.us