The overarching theme for the RSA Conference 2019 is “Better,” as in doing a better job of making the online world safe so we can all come together to make the real world a better place. At least that’s what the show organizers see as their vision for the cybersecurity industry, and who are we to argue with an aspirational vision like that?
For their part, the Oregon cybersecurity community was well represented at RSAC this year. In addition to the folks who attended the conference or shared their expertise as presenters, a broad cross section of cybersecurity firms with strong Oregon connections including a number of Cyber Oregon sponsors participated as exhibitors on the bustling show floor.
To get a lay of the land, Oregon Cybersecurity Advisory Council (OCAC) Vice Chair Charlie Kawasaki (who is also CTO at PacStar, a long-time Cyber Oregon supporter) joined forces with Ron Talwalkar, OCAC member and vice president product at Beaverton-based Eclypsium and Tom Quillin, OCAC member and senior director global security policy at Intel Corporation. Mark Cooper, president of PKI Solutions, who acted as a roving reporter for Cyber Oregon last year ended up being too busy with meetings and his company’s “Where in the World of RSA is The PKI Guy” contest at RSAC to join the group this year.
The Cyber Oregon team’s mission was to visit as many Oregon-based companies as possible in an afternoon to find out how these companies are working to make notable betterments in cybersecurity. They paid particularly close attention to those companies who are supporting cybersecurity awareness and education in Oregon through their sponsorship of the Cyber Oregon initiative and cybersecurity education programs such as NW Cyber Camp. This is the first of two posts on what they saw at RSAC this year.
As the crowded escalators in the shot below might indicate, the March 4-8 event at the Moscone Center in San Francisco was “packed, bigger than ever, with a new (underground) extension featuring what looked like 150 more booths than in previous years,” Charlie reports. With more than 50,000 attendees annually, RSAC is largest cybersecurity gathering in the industry.
Cutting through the vast array of vendors and product offerings, a few notable trends stood out. First created in 2010, the Zero Trust Architecture appears to be going mainstream, with a strong showing across the exhibition halls. Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access.
To make such a task easier, as evidenced at the show, automation and orchestration technologies are continuing to be a major focus among cybersecurity vendors. If you have to check literally everything, it makes sense to have automated systems in place. A noticeable new trend, the team noted, is the ongoing move to increase the security of Internet of Things (IoT) devices along with operational technology (OT) security. Also new were native cloud-based security offerings. A good example is Portland’s own Twistlock, which offers a comprehensive cloud native security platform for protecting workloads across any environment including hosts, containers, and cloud.
To kick off the tour of the show floor, Charlie, Ron and Tom met at the Intel booth for a tour of Ecylpsium’s tools for protecting the firmware layer, that company founder Yuriy Bulygin says is “a major unaddressed source of risk for the enterprise.” Eclypsium was named a finalist in the RSAC Innovation Sandbox Contest for their groundbreaking technology.
Next up, they stopped by the booth of Cyber Oregon sponsor CrowdStrike Inc, the leader in cloud-delivered endpoint protection. Along with the booth, CrowdStrike participated in four sought-after speaking sessions including a keynote from CrowdStrike co-founders George Kurtz and Dmitri Alperovitch.
Moving on, the trio of show explorers headed over to the booth of Cyber Oregon sponsor Fortinet. The firm offered attendees live demonstrations on a wide range of Fortinet cybersecurity solutions, including its industry leading Security Fabric and showcased the latest cyberthreat research from FortiGuard Labs among other activities.
Next up, it was time to check in on McAfee, also a Cyber Oregon sponsor. With a large booth on the entrance to the North Hall, McAfee was hard to miss. The “device-to-cloud cybersecurity company” had a full slate of events at the show including a pair of keynotes.
From McAfee, it was a short walk over to Carbon Black, a leader in next-generation endpoint security, which recently opened a research and development office in Hillsboro. In addition to live product demos, Carbon Black’s Eric O’Neil was on hand to sign and hand out copies of his upcoming book Gray Day: My Undercover Mission to Expose America’s First Cyber Spy. O’Neill is Carbon Black’s national security strategist and former FBI “ghost” who helped take down notorious FBI mole Robert Hanssen.
Next up was a demo of Zero-trust Security solutions by Symantec, another proud sponsor of Cyber Oregon. As a major long-time leader in the cybersecurity industry, Symantec had a large booth presence and its experts delivered sessions such as “How to Apply a Zero Trust Model to Cloud, Data & Identity” and “Democratizing cloud security – Journey to secure the public cloud.” The company also keynoted the Cloud Security Alliance Summit, a one-day event that ran in conjunction with RSA.
With the heightened awareness of cybersecurity, companies often must respond to detailed security questionnaires and RFPs – no easy task. New Cyber Oregon sponsor Beaverton-based RFPIO was on hand at RSA for the first time to demonstrate how its response management platform helps companies respond to even the most rigorous security questionnaire with greater efficiency and effectiveness.
Another Oregon-headquartered company, Tripwire, made news with the expansion of its ExpertOps to include vulnerability management as a managed service. According to the company, with this addition, organizations with limited in-house cybersecurity resources can take advantage of the Tripwire ExpertOps service to maintain a strong foundation of security, from vulnerability management (VM) to security configuration management (SCM) and file integrity monitoring (FIM).
This wraps up part one of our RSA show report. Be sure to check this space on Monday (March 11) for Part 2 where you’ll find more eye-catching snapshots and updates.