Recap of RSAC 2020 – Oregon Cybersecurity Leaders in Action
Note: I am proud to serve as the Vice Chair of the Oregon Cybersecurity Advisory Council. This year, as I have done in previous years, I walked through the show to visit Oregon-based cybersecurity companies to see their latest products and offerings, and of course, to catch up with friends and associates. The following post also appeared on the Cyber Oregon website here.
Another RSA Conference is in the books! Big topics ranged from supply chain security, AI for Good, U.S. election security, and the coronavirus. With more than 40,000 people attending the world’s leading information security conference in San Francisco this year, what were Cyber Oregon sponsors and Oregon companies up to? In our Cyber News Roundup RSAC 2020 Preview, we highlighted those companies that had a presence at last week’s mega conference.
Our own Charlie Kawasaki, vice chair of the Oregon Cybersecurity Advisory Council, and PacStar’s CTO, was onsite at RSAC 2020 to provide highlights:
At RSAC 2020, Crowdstrike won SC Media Excellence Award for best security company. SC Media states that the primary reason for this honor “is the company’s latest outstanding efforts at protecting the user community The solution defends customer workloads across on-premises, virtualized and cloud-based environments running on a variety of endpoints, on- or off-network.” For a complete list of the company’s product and service announcements, please read this Crowdstrike blog post.
Eclypsium was onsite to showcase its enterprise firmware protection platform. At the conference, it was named a winner in the Info Security Products Guide’s 2020 Global Excellence Awards, recognized as Best Security Startup for delivering the industry’s first enterprise firmware protection platform. Read the announcement here. In recent Wired coverage, Hundreds of Millions of PC Components Still Have Hackable Firmware, Eclypsium’s research was featured. “When I look at the industry at large, the PCs and servers being shipped, there isn’t a single device in the market that is entirely secured,” says Rick Altherr, principal engineer at Eclypsium. “If you look at any laptop, I guarantee there will be some unsigned component inside of it.”
Ahead of RSAC 2020, Fidelis announced significant enhancements to its Elevate Platform to help organizations proactively defend their cyber terrain. Read the press release here. At RSAC 2020, Fidelis was named one of the 25 Hot Risk, Operations and Threat Intelligence Platforms. In CRN’s coverage, “Fidelis extends the platform’s capabilities to enable security operations teams to move quickly and accurately detect threats and anomalous behavior while also allowing incident responders to remotely bring an endpoint to their fingertips.”
Fortinet showcased its Fortinet Secure SD-WAN, deployed by more than 21,000 customers globally. According to the company, “the ongoing creation and refinement of a WAN solution designed to support Fortinet’s rapidly expanding internal network of data centers, branch offices, and later, cloud-based services led to the development of a sophisticated, purpose-built SD-WAN solution built on the back of Fortinet’s market-leading FortiGate appliances for ultimate security.” It’s designed to maintain high network performance demands and processing massive amounts of data, and business-critical services such as streaming video. In the CSO article, 5 standout products from RSA 2020, Fortinet’s FortiAI security appliance was included as one to look into, since it can find and identify threats in real time.
McAfee highlighted cloud managed endpoint security: defend all devices, deploy your way. McAfee’s cloud security solutions offer data and workload protection across the entire cloud spectrum: “to enable rapid collaboration and a more responsive, elastic business.” McAfee just announced that it was named a 2020 Gartner Peer Insights Customers’ Choice for Cloud Access Security Brokers for its MVISION Cloud solution. Read more here. McAfee had a plethora of theater sessions at RSAC 2020 including Improve Your Cloud Security Risk Posture in Real Time, 5 Key Considerations for Cloud Native Threats, and Cloud Security: Reimagine Your Perimeter. Read all of the sessions here.
“Secure the enterprise, secure the cloud, secure the future.” Palo Alto Networks discussed several big issues, including the role of identity access management (IAM) in cloud security. Did you know that 84% of organizations use a multi-cloud strategy, according to RightScale. For more on getting IAM security right, read here. The company also showcased how groundbreaking AI systems are being used to tackle the fast-merging threat of deepfakes. The company featured entertainment A-listers, a fireside chat with CEO and chairman Nikesh Arora and actor Jake Gyllenhaal. More here. And a concert with Sheryl Crow.
PKI Solutions’ president and founder, Mark Cooper, gave multiple presentations, including “The Secrets to Secret Management” and “Quantum Preparedness: Take Action Now Before the Crypto Sky Falls” in standing-room only partner booths. Lots of discussions generated with The PKI Guy!
Splunk was just named a leader for the seventh consecutive time in Gartner’s 2020 Magic Quadrant for Security Information and Event Management. According to Splunk, “organizations around the world are going through a time of unprecedented change, driven by an explosion of new technologies and innovations. This change creates more data than ever imagined, which in turn creates wider attack surfaces and increasing security risk for organizations of all sizes.” Read the press release here. Additionally, the company discussed SOAR technology, the Security Orchestration Automation and Response, that enables the automation of work that security analysts would typically perform manually. “Automation targets many routine tasks to free up analysts to perform more proactive, higher-order activities,” says Oliver Friedrichs, vice president of security products at Spunk via an interview by SiliconANGLE.
Zscaler was onsite with the message “eliminate your attack surface with Zscaler.” In recent research, the company shines a light on the IoT threat landscape. According to Deepen Desai, vice president of security research for Zscaler and director of ThreatLabZ, “the IoT threat landscape is continuously expanding and changing as manufacturers bring devices to market for consumers and businesses alike. With the space completely unregulated and devices being pumped out like candy, organizations are scrambling to gain an understanding of what is actually transpiring on the corporate network, what types of devices are communicating and transporting data, and how to secure the IoT ecosystem as a whole.” Desai believes that the U.S. is in a prime position to lead efforts toward improving IoT manufacturing security policies. “By creating visibility into your IoT devices, implementing sound zero trust network access policy, and helping to enact change in the way the world creates and regulates IoT devices, you can shine a light on shadow IoT to protect your organization and customers. More about this research can be found here.