Reimagining agile security for multicloud at RSA Conference 2019
Cybersecurity has historically been a point of hesitation when migrating data to cloud computing environments, and the concern is not without merit.
Traditional data protection is rooted in firewalls and hardened perimeters, with a primary objective of keeping bad actors out. But the proliferation of multiple cloud platforms and microservices from major players such as Amazon Web Services Inc. and Microsoft Corp.’s Azure, along with the rise of digital endpoints for smartphones and sensors means data no longer lives in one central, protected space — and cybercriminals have a wider, more vulnerable playing field.
Sophisticated malware and attack strategies coupled with unwieldy enterprise scale are a combination that can easily compromise an entire data infrastructure, a devastating prospect for companies moving to cloud. But could the new technologies emerging from digital transformation actually support an infrastructure more secure than ever before?
Looking to answer these and other questions, SiliconANGLE Media Inc. is at RSA Conference 2019 in San Francisco with exclusive commentary and interviews from our roving news desk, theCUBE. TheCUBE coverage will begin on Wednesday, March 6, at 10 a.m. PST, and end at 5:30 p.m. (* Disclosure below.)
Data: a moving target
Today cloud participation is a virtual necessity for competitive business, and the facilitation for hybrid computing environments is enabling even legacy enterprises to leverage cloud tech. But for all its innovation opportunity, the cloud poses risks to the data ecosystem, transforming business security needs.
Leading network security challenges include complexities around infrastructure and new tool interoperability, unmanageable shadow information technology and a lack of visibility into cloud environments. Phishing remains a prominent method of breach, with overall attack volume increasing 12 percent over the past year.
The scheme has seen a recent proliferation in fraudulent mobile applications that play on consumer trust by masquerading as familiar banking apps to easily gain comprehensive permissions within a user’s phone. More than one in four instances of cyberattacks stemmed from rogue mobile applications in 2018, with fraudulent mobile transactions rising 600 percent over the past three years.
Cyberfraud has seen a rise across the spectrum of digital environments. Trojan attacks are up 8 percent from 2017, and RSA Security LLC — acquired by Dell Technologies Inc. in 2016 — found more than 10.7 million compromised cards in the fourth quarter of 2018, almost double a year ago. The risks of cyberwarfare extend past business and into the digital infrastructures of the public sector.
“Hacktivists have moved into organized crime — stealing identities and credit card information,” said Dave Vellante, an analyst with Wikibon Inc., owned by SiliconANGLE Media Inc. “There are also Russia hacking elections, Stuxnet in Israel and Iran’s nuclear facilities being hacked. It’s nation-states increasingly using cyber as a weapon.”
A recent IDC Research Inc. report found roughly one-third of information technology transformation budgets were dedicated to data protection but that cross-cloud security remained insufficient. “Everybody wants to be cloud native,” Vellante said. “I can spin up a container, write code once and deploy anywhere. The question becomes: How do I make this process enterprise-grade for security?”
Leading IT support providers are integrating cybersecurity into their new multicloud solutions to that end. Last year RSA acquired Fortscale Security Inc., a leader in behavioral analytics, to provide users new reactive capabilities through the RSA NetWitness Platform. RSA was recently recognized as a leader in Gartner Inc.’s 2018 Magic Quadrant for Security Information and Event Management for its evolved NetWitness Platform, which offers comprehensive visibility across all environments and enables a more rapid security response.
Dell EMC recently debuted a new line of protective capabilities in its data portfolio, including priority attention to the multicloud support currently driving enterprise strategy. The company’s Data Domain and Integrated Data Protection Appliance offering will now provide integrated support for all major cloud providers, as well as native cloud disaster recovery.
As the market aims to outinnovate cybercriminals, it also faces an internal threat: a lack of cybersecurity workers. The industry is projected to see a of shortage of 3.5 million qualified workers in the field by 2022. To keep pace with the scale of both enterprise infrastructure and cyberattack, many are leveraging the labor-saving powers of artificial intelligence to identify and even preemptively defend against breach.
In February, both Microsoft Corp. and Palo Alto Networks Inc. announced new AI-based solutions as a piece of their data management portfolios. Microsoft’s Azure Sentinel is promised as the market’s first security information and event management, or SIEM, tool built natively within a leading cloud platform. Palo Alto Networks Inc.’s Cortex offers users continuous, automated security with full integration capabilities.
Cloud’s access and agility are a major benefit in application development and deployment but can also leave data vulnerable as cybercrime continues to innovate around new technologies. “The game is, from a security standpoint, to lower the return on investment,” Vellante said. “Make it so hard for the bad guys to hack that it’s not worth it. That’s the new challenge.”
How will the market meet the multifaceted data security challenge in a hybrid cloud world? All this and more will be explored at this year’s RSA Conference.
Speakers at RSA Conference
Speakers at this year’s conference include Dmitri Alperovitch, co-founder and chief technology officer, CrowdStrike; Nikesh Arora, chief executive officer and chairman, Palo Alto Networks; Caleb Barlow, vice president, IBM Security, X-Force Threat Intelligence; Liz Centoni, senior vice president, general manager, Cisco IoT; and John T. Chambers, founder and chief executive officer, JC2 Ventures, and former chairman and chief executive officer, Cisco.
Other event speakers include Josh Corman, chief security officer, PTC; Whitfield Diffie, cryptographer and security expert, Cryptomathic; Keren Elazari, analyst and researcher, K3r3n3.com; Amit Elazari, director, global cybersecurity policy at Intel; Dr. Celeste Fralick, chief data scientist, McAfee; Suzanne Frey, vice president, engineering, Google Cloud; Pat Gelsinger, chief executive officer, VMware; Rohit Ghai, president, RSA; and Del Harvey, vice president, Trust and Safety, Twitter.
How to watch theCUBE interviews
We offer you various ways to watch all of theCUBE interviews that will be taking place at RSA 2019, including theCUBE’s dedicated website and YouTube. You can also get all the coverage from this year’s event on SiliconANGLE.
TheCUBE’s dedicated website and Ustream
All of theCUBE’s exclusive interviews from the RSA Conference will be available on theCUBE’s dedicated website.
You can also watch all the interviews on the dedicated Ustream channel.
Watch on the SiliconANGLE YouTube channel
All of theCUBE interviews from RSA 2019, which runs March 4-8, will also be loaded onto SiliconANGLE’s dedicated YouTube channel.
TheCUBE Insights podcast
SiliconANGLE also has podcasts available of archived interview sessions, available on both iTunes, Stitcher and Spotify, which you can enjoy while on the go.
Guests who will be interviewed on theCUBE at RSA Conference 2019
Speakers who will be interviewed on theCUBE include RSA’s Rohit Ghai; Michael DeCesare, chief executive officer and president, Forescout; Dan Burns, chief executive officer, Optiv; Russell L. Jones, certified information systems security professional, partner, Cyber Risk Services, Deloitte; Elisa Costante, security researcher, Forescout; Joe Cardamone, senior information security analyst and NA privacy officer, Haworth; and Doug Merritt, chief executive officer, Splunk.
Other guests include Sean Convery, vice president and general manager, security and risk business unit, ServiceNow; Brad Medairy, senior vice president, Booz Allen Hamilton; Charlotte Wylie, chief of staff, Symantec; Chase Cunningham, cyber security leader, Forrester; and Scott Stevens, senior vice president, worldwide systems engineering, Palo Alto Networks
RSAC onDemand
If you are unable to attend the RSA Conference in San Francisco, you can watch RSAC onDemand here.
(* Disclosure: Forescout Technologies Inc. sponsors theCUBE’s coverage of the RSA Conference. Neither Forescout nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Image: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU