informa
/
Operations
Commentary

Security Providers Describe New Solutions (& Growing Threats) at RSAC

SPONSORED CONTENT: Watch now -- Leading security companies meet Dark Reading in the RSA Conference Broadcast Alley to talk about tackling insider threat, SOC complexity, cyber resilience, mobile security, attacker evasion, supply chain threats, ransomware, and more.

Watch Now: Work from Home Modifies the Endpoint Security Equation, Cisco Says

The work-from-home trend is here to stay and has forever altered how enterprises handle endpoint security, says Cisco Secure's Al Huger. It's also created new challenges for operations and security management, he adds. And as customers get to grips with this new reality, they'll need to simplify their implementations and make more use of automation.

 

Watch Now: Cisco: Reduced Complexity in the SOC Improves Enterprise Security

All it took was a global pandemic and a shift to working from home to expose security operations centers' open secret: Too much software, systems, and data to filter. Dug Song, chief strategy officer of Cisco Secure, makes a strong case for why reducing that complexity is the only tenable way forward for security professionals.

 

Watch Now: Sophos Research Uncovers Widespread Use of TLS By Cybercriminals

Nearly half of all malware is being disseminated via Transport Layer Security, an encryption protocol, which in this instance is being used to conceal nefarious activity, says Dan Schiappa, executive VP and chief product officer for Sophos. He also discusses how the vendor's new XGS Series appliances handle TLS inspection to keep customers safe.

Watch Now: Acronis: Pandemic Hastened Cloud Migration, Prompting New Security Issues

DEK: The COVID-19 pandemic has accelerated an ongoing shift in data away from business data centers to home offices and the cloud, explains Candid Wuëst, VP of cyber protection research for Acronis. Wuëst also discusses the huge uptick in data breaches and credential theft, as well as the potential use of AI-fueled automation by cybercriminals.

 

Watch Now: Axis Fosters Work-From-Home Momentum with Zero Trust Network Access

Virtual private networking and virtual desktop infrastructure, while still useful, lack the hardened security required to keep users secure. That's created an opening for Zero Trust network access, according to Dor Knafo, co-founder and CEO of Axis Security. He discusses why Zero Trust is more secure than VPNs or VDI, and how it works with SASE.

 

Watch Now: How Menlo Uses Isolation to Secure Mobile Devices in the Cloud

Mobile devices like smartphones and tablets have emerged as popular targets for bad actors looking to break into to cloud-based networks, according to Poornima DeBolle, chief product officer for Menlo Security. Consequently, the vendor has created new mobile isolation features to keep devices secure – without any performance hit on the device.

Watch Now: Raytheon: Supply Chain, Ransomware, Zero Trust Biggest Security Priorities

While organizations may be more vulnerable than ever to supply chain hacks and ransomware, they can look to Zero Trust frameworks to keep their users and data safe, said Jon Check, a senior director in Raytheon's cyber protection solutions business unit. Check also foresees wider use of automation to handle tasks humans in the SOC can't get to.

 

Watch Now: Orange: Your Leaky Security is Coming from Inside the House!

Your home WiFi router may be streaming fast, but it's also a major point of vulnerability in this work-from-home era, says Charl van der Walt, head of security research at Orange Cyberdefense. And while Zero Trust offers some relief, he offers up some how-to advice to ensure it's properly deployed.

 

Watch Now: ExtraHop Explains How Advanced Threats Dominate Threat Landscape

How do SOC professionals build a strategy when they lack basic information about how such threats operate? Advanced threats by their very nature create plenty of uncertainty, according to Matt Cauthorn, VP of cloud security for ExtraHop. He discusses how to handle mitigation and encourages post-incident learning to improve resilience.

 

Watch Now: Devo: SIEM Continues to Evolve with Tech Trends and Emerging Threats

Security information and event management (SIEM) started as technology for the SOC and evolved to embrace the cloud. Some organizations split the difference with a hybrid of premises- and cloud-based SIEM, says Ted Julian, senior VP of product at Devo. As security data volumes continue to increase, SIEM's evolution will only continue, he adds.

 

Watch Now: Uptycs Offers Resilience Formula to Boost Business Continuity

Breaches and data loss are inevitable, but customers can bounce back more readily with some planning and foresight, says Ganesh Pai, CEO and founder of Uptycs. He suggests a trajectory for customers looking to improve their own resilience, starting with proactiveness, followed by reactivity, then predictive capabilities and better protection.

 

Watch Now: Turn the Tables: Supply Chain Defense Needs Some Offense, Fortinet Says

While the SolarWinds hack put fresh attention supply chain vulnerability, Derek Manky of Fortinet's Fortiguard Labs suggests dismantling cybercriminals' own supply chains to blunt their effectiveness and keep organizations safer. Manky discusses how defenders have dismantled criminal supply chains and what security pros can do.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5