RSA 2017: Business-Driven Security, Defending the IoT and a Digital Switzerland
The IT security industry responds to a growing cloud ecosystem, IoT's expanding reach and a rise in nation-state cyberattacks.
It's a wrap.
RSA 2017 concluded today, leaving in its wake alarming new vulnerabilities and dire warnings about the cybersecurity landscape amid a growing cloud market and the unstoppable spread of the Internet of Things (IoT). IT giants made some announcements, too, offering the industry a look at how they plan to tackle some of the most pressing security challenges facing IT organizations today.
RSA, now part of the Dell tech empire, announced a suite of Business-Driven Security solutions that adds business context to security incidents, enabling security teams to better focus their efforts on activities that have a significant business impact. "We believe that operationalizing business-driven security will make security teams and risk managers more effective, resulting in smarter and faster decisions around cyber risk management," blogged Grant Geyer.
That means new RSA NetWitness Suite capabilities that enable faster threat detection for enterprise environments, with a mix of public cloud (AWS and Microsoft Azure), virtualized (VMware and Gigamon) and physical IT assets. Updates to SecurID Access bring stronger multi-factor authentication and improved access management that span a wide variety of device types.
The RSA Archer Ignition Program is now generally available, helping businesses manage risk and compliance. And the company's new Risk & Cybersecurity Practice provides customers with access to RSA technologies and consulting services for security solutions that are tailored to the needs of an organization.
Hewlett Packard Enterprise (HPE) announced SecureData for Hadoop and IoT, a solutions set aimed at securing big data environments, many of them swimming in a massive amount of information gleaned from IoT devices.
"HPE SecureData for Hadoop and IoT provides maximum data protection with industry-standard, next generation HPE Format-Preserving Encryption (FPE), and HPE Secure Stateless Tokenization (SST) technologies," stated the company in an online fact sheet. "With HPE FPE and SST, protection is applied at the data field and sub-field level, preserves characteristics of the original data, including numbers, symbols, letters and numeric relationships such as date and salary ranges, and maintains referential integrity across distributed data sets so joined data tables continue to operate properly. HPE FPE and SST provide high-strength encryption and tokenization of data without altering the original data format."
Microsoft, meanwhile, called for a "Digital Geneva Convention" to protect businesses and citizens from nation-state cyberattacks. Brad Smith, president and chief legal officer of Microsoft, proposed a "Digital Switzerland," where the tech industry works to collectively assist and protect customers from foreign government hackers.
"We suddenly find ourselves living in a world where nothing seems off limits to nation-state attacks," said Smith in a Feb. 14 announcement. "Conflicts between nations are no longer confined to the ground, sea and air, as cyberspace has become a potential new and global battleground. There are increasing risks of governments attempting to exploit or even weaponize software to achieve national security objectives, and governmental investments in cyber offense are continuing to grow."