I have attended many of the large-scale security industry trade shows (RSA, Gartner, BlackHat, etc.) and am currently at the Gartner Security Summit in National Harbor, MD. Having spent the past 2 days on the exhibit floor, and attending some of the sessions, I find it challenging for any security practitioner to identify, select, and investigate the top 3 or so security solutions that may be the most relevant to today’s challenges.
With over 200 solution providers in attendance at this year's Gartner Summit and over 600 at this year's RSA Conference, it's a virtual quagmire of security solutions that all seem to blend together in one way or another. Walking the floor in the exhibit hall, it seems much of the messaging is the same, and value propositions are not very clear.
Putting myself in the position of a CISO, I would look for solutions that have a clear focus that addresses the most prevalent security concerns of today and in the future. Understanding what my objectives are is another important element to ensure I stay focused and prioritize accordingly. For example, am I looking to reduce risk tolerance, improve on time to detect an APT, or establish a post-breach strategy, assuming a breach will occur at some point? Having specific goals in mind will assist in keeping distractions of “shiny new toys” away from consideration.
When speaking with several CISOs this week, they complimented the presentations given by our CEO and Founder, Ofer Israeli – and really enjoyed the analogy to the most famous jewel heist in history. The keynote hosted by Neil MacDonald was interesting in that one of the top areas of concern is still time to detect an APT. As was described in the illusive networks® session, if the Italian gang that targeted the Antwerp Diamond vaults were faced with many buildings, many security systems, many vaults, etc., chances are they would have never succeeded and would have been caught very early in their 2-4 year mission.
When the fire alarm here at the Gaylord went off, I found it interesting that the reaction from everyone was basically to ignore it, myself included. After all, after waiting for 15 minutes in the coffee line, I was not willing to give up my place in line as I was next to order (seems like no one was willing to give up their place in line!). Fortunately, as we all suspected, it was a false alarm and the all-clear was given within a few minutes. If only security operations centers could operate that quickly on false alarms - and give an all-clear on the many false positives they see daily.
If one of your top security concerns is to detect advanced attackers engaged in lateral movement or an APT very early in the game and catch them before they have a chance at getting to the diamonds, check out illusive networks. We proactively defend against advanced adversaries navigating inside your environment, with near-0 false positives!