I have been a public relations and social media consultant representing cybersecurity companies since 2001 and can tell you that one theme hasn’t changed – what’s new? Journalists want to hear what they haven’t heard before. That’s tough these days. Maybe there will be a “surprise” from a vendor at the show? The splash doesn’t even have to be that big. A new approach or twist on a tool would do. Here’s what I hope to see at RSA this year.
Placing a Good Bet on Defense
Threat intelligence is booming. Where to place the bet on defense is most critical especially in the heat of a constant stream of attacks facing a limited set of resources. And, while this effort may be viewed as a big ticket item, the bigger price to pay is when organizations don’t have such insight and lose critical information assets. And, not only must CISOs identify the threat and implement the solution, but communicate the intelligence to consumers, executives, and the board.
If I was the CEO of a Fortune company I would set aside a rather large budget and purchase a ginormous number of vendor licenses to protect critical assets. But, who has that cash lying around? Security needs to be democratized. While many threat intelligence sharing initiatives have sprung up, more vendors need to partner and offer solutions for the masses. It’s the “Group-On” of security. If many companies are purchasing the same solution, then a discount must be applied to large numbers seeking the same remedies. This – much akin to an open source model – may also lead to cybersecurity information sharing to help combat attacks across companies and industries.
More Holistic Approach for Cybersecurity
Organizations seem limited in seeing the big picture when it comes to narrowing the attack spectrum and lessening incidents. It’s baffling that after all these years of announcing endpoint products and patch management solutions that many can’t make the last mile because they cannot simply make the distance. Information has been partial, sporadic, and siloed. CISOs need a more holistic and constant view of their attack surface with consistent classification of its current holes.