RSA Conference 2021, appropriately themed "Resilience" in this post-pandemic year, is upon us as an immersive virtual event. As an American-Israeli VC firm exclusively focused on early-stage cybersecurity investments in Israeli startups, we are on top of industry trends, and each year we compile a list of must-attend sessions.
In the face of current challenges, the cybersecurity industry has responded by searching deeper to create solutions that can withstand and quickly recover from whatever adversity is thrown at the world. With that in mind, here are three key categories of sessions that provide an inside look at some of the most interesting trends today in the cybersecurity industry.
1. Supply Chain Attacks
In 2020, the SolarWinds SUNBURST attack and data breach was reported to be among the worst cyber-espionage incidents ever suffered by the US, due to the sensitivity and high profile of the targets and its long dwell time. This attack was a harsh reminder that our ecosystems and risks are intertwined. As the world continues to adapt to digital and cloud transformation, our reliance on third-party vendors continues to increase. The SolarWinds attack proved again that the chain is only as strong as its weakest link. When just one of an organization's third-party vendors is exposed or vulnerable, it can affect the entire organization directly. Supply chain attacks and third-party security are highlighted at this year's conference.
One of the most exciting sessions will be led by Sudhakar Ramakrishna, president and CEO of SolarWinds, the IT services and remote monitoring services company whose Orion products were the focal point of the SUNBURST attack. This will be a rare opportunity to hear the inside story and lessons learned as well as remediation actions taken post-attack. Most important, Ramakrishna will share insights on what can help the industry better defend against these kinds of attacks in the future.
Our session picks:
- SolarWinds: What Really Happened? — Keynote — Wednesday, May 19 | 8:50 AM PT
- Wrangling Supply Chain Risk and Response — Wednesday, May 19 | 11:35 AM PT
- Assessing the Security of Suppliers — Tuesday, May 18 | 10:05 AM PT
2. Securing the Remote Workspace
The COVID-19 work-from-home impact not only continued into 2021, it is here to stay. Cloud migration and the digital transformation expanded the organization's perimeter, continually increasing the challenges for security teams and compressing the time to act.
For example, research conducted among our community of CISOs and security executives in mid-2020, published in our "CISO Circuit" report, showed that in the wake of COVID-19, cybersecurity executives were primarily preoccupied with the threat of data exfiltration. This was due to a significant rise in phishing attempts, insider threats, use of bring-your-own-device policies, and third-party security threats in combination with security control downgrades.
Our session picks:
- Hackers Paradise: Top 10 Biggest Threats When Working From Home — Monday, May 17 | 12:05 PM PT
- Lessons Learned From Taking Justice Remote During the COVID Pandemic — Monday, May 17 | 11:20 AM PT
In the past, the role of security teams in securing development environments didn't come into effect until the final stage of development. Development cycles lasted months or even years, but those days ended when agile development entered the industry a few years ago. Effective DevOps ensures rapid and frequent development cycles. Enter the shift-left mentality, which requires organizations to bridge the gap that usually exists between development and security teams to the point where many of the security processes are automated and handled by the development team itself.
An additional interesting trend in this space is "security as code" — a tool set of resources that helps DevOps professionals secure and protect the software development life cycle throughout the process of development. This requires an enterprise cultural shift that prioritizes security with requirements, encouraging further opportunities to automate security into the process. The paradigm shift is the hard part and the main challenge of adopting a security-as-code approach. For that reason, there are excellent sessions on making the jump to this mindset.
Our session picks:
- The State of the Union of DevSecOps — Tuesday, May 18 | 09:20 AM PT
- Security-as-Code to Accelerate DevSecOps, a Practical Guide to Get Started — Thursday, May 20 | 01:55 PM PT
- Attack & Defend: Protecting Modern Distributed Applications and Components — Monday, May 17 | 09:50 AM PT
Lastly, we recommend the prestigious RSAC Innovation Sandbox competition, now in its 16th year. Each year, the highly competitive event presents the cybersecurity industry's 10 boldest new innovators, showcasing their game-changing technologies to a panel of luminary judges. Past winners include BigID, Phantom (now part of Splunk), Axonius,* and, most recently, SECURITI.ai. Among the finalists, Abnormal Security, a cloud-native email security platform that uses behavioral data science to protect enterprises from sophisticated email attacks undetectable by secure email gateways, and Satori,* a DataSecOps company that provides data access, security, and privacy for the modern data infrastructure, are particularly noteworthy.
*Note: YL Ventures has invested in Axonius and Satori.