RSA Conference: CISOs’ top 4 cybersecurity priorities>
CSO, from IDG – Jon Oltsik
When cybersecurity executives head to the RSA Conference, they will be looking for information about threat intelligence, SOAPA, business risk, and changing security perimeters. As business executives gain a better understanding about cyber risk, CISOs have been tasked with learning more about cyber adversaries and reporting what they learned to the board. Every CISO I spoke with said their current security technology infrastructure is overwhelming, so they have ongoing projects to consolidate and integrate security technologies. That means CISOs wonât be looking for individual products, but rather integrated security platforms they can implement over time. CISOs are kicking the tires on security operations and analytics platform architectures (SOAPA) that brings together disparate operations tools like SIEM, UEBA, EDR, security automation and orchestration tools, etc. IBM, Splunk, and others have a story to tell here, but vendors should beware of proprietary agendas. T CISOs are getting more involved with business planning and strategy so they can assess risks, implement controls, and manage risk over time. Just about every CISO talked about the fact that mobility and cloud have obliterated the old network perimeter. While CISOs are prioritizing identity and data security, these topics get little more than lip service at RSA (although they may be jammed into GDPR-specific sessions). Identity discussions will center around multi-factor authentication and the software-defined perimeter (SDP, Cyxtera, Google, Zscaler, etc.), while data security chatter will focus on DLP (Digital Guardian, Forcepoint, Symantec, etc.) and encryption. Not exactly what CISOs will be looking, for but somewhat of a start.
Link: https://www.csoonline.com/article/3267965/security/rsa-conference-cisos-top-4-cybersecurity-priorities.html