Cybersecurity in this day and age is a collective effort. It’s also a moving target, as attack strategies, exploits and malware strains are constantly changing. To effectively protect users, data and capital investments from the bad guys, we continually enhance security strategies and tools with developing industry trends. For just as attack vectors evolve, so must we. That’s the purpose of the annual RSA conference, to bring cybersecurity professionals together and empower the collective “we” in the industry. “We” is everyone from the C-suite executive to the front line employee. Organizations must constantly improve when it comes to stopping threats, which makes for a very relevant theme for this year’s conference: Better. The conference emphasized that together we must better our tools, better our strategies, and better our people and ideas.
Few have ever won a war on their own. To battle in the cybersecurity war of today, we must come together, which so many did last week in San Francisco at the RSA conference. RSA is a branded name in cybersecurity, named after not just the founders of the company, but the creators of the well-known public key cryptography algorithm. The company focuses on four main roles:
- Threat detection and response
- Fraud Detection
- Integrated Risk Management
- Identity & Access Management
The RSA Conference attracts more than 50,000 people each year. Considered to be the grandiose security event of the year, professionals – from cybersecurity to legal teams – attend for the valuable content and ideas presented by many forward-thinking leaders in the industry. More importantly, it’s the chance to network with thousands of peers, comparing stories, successes, concerns and ideas.
Attendees learned of new innovations to quantify risk on a continual basis to make better risk mitigation decisions. For those organizations that have either completed or are currently undergoing their digital transformation, this is imperative. As the digital environment grows, the number of attack opportunities into your network increases, as does the level of risk to your company.
At RSA 2019, HALOCK Security Labs teamed up with Red Sky Consulting and CIS® (Center for Internet Security) to further connect professionals and industry experts with an Author Happy Hour on March 6, 2019 at the InterContinental. The evening featured two leading authorities in cybersecurity: Todd Fitzgerald and Chris Cronin.
Todd Fitzgerald, author of CISO Compass: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (one of the 2 top selling titles at the RSA Bookstore), is an industry veteran of 20 years and has led numerous Fortune 500/large company information security programs across multiple industries. On top of being a speaker at RSA 2019 and a noted author, Todd holds a number of accolades including being named Chicago CISO of the year as well as being ranked as a Top 50 Information Security Executive. Todd’s thoughts on RSA 2019:
“In talking with many CISOs this week, it is clear that the role is becoming increasingly complex with the choice of technologies, emerging regulations, and expectations of companies on the role. I also see an increased role of cyberinsurance in the mitigation of risks and more focus on the detection and response capabilities. More organizations are also becoming more focused on what assets they are attempting to protect, where they are, and reducing the number of technologies used to focus on protecting the critical assets. RSA is always a busy conference and offers something for everyone. This year, the sessions and vendor areas were laid out much better with the increased Moscone space.”
HALOCK partner, Chris Cronin, is the principal author of CIS RAM, the risk assessment method that helps organizations implement “reasonable” and “appropriate” cybersecurity safeguards against the CIS Controls™ cybersecurity best practices. This methodology helps define your acceptable risk level, achieve compliance and ensure your organization devotes the proper amount of resources to security. Chris is also the chair of The DoCRA Council, a not-for-profit (501(c)(3)) organization that authors, maintains, and distributes standards and methods for analyzing and managing risk. The organization developed the Duty of Care Risk Analysis Standard (DoCRA). DoCRA describes processes for evaluating risks and their safeguards so that the resulting analysis is easily communicated to and accepted by authorities – such as regulators and judges – and to other parties who may be harmed by those risks.
With over 50 industry leaders at the happy hour, including experts from CIS® (Center for Internet Security), professionals were able to collaborate on current challenges and discuss the informative sessions of the day. As the RSA Conference reminded us, cybersecurity is a collective effort. It requires collaboration and, most of all, trust.