RSA Conference 2013: New Threats, New Solutions
The keynote speakers have gone home, the parties have ended, and another RSA Conference 2013 is over. By all reports, this year set records for attendance and business conducted. With a complex and evolving threat landscape and the accelerating adoption of disruptive technologies, exhibitors had a field day on the show floor with sophisticated releases that vied to differentiate in the burgeoning security markets.
The themes of the conference – and the multitude of product releases -- fell into two distinct camps. Here is a quick overview:
Advanced Persistent Threats
It’s safe to say that advanced persistent threats (APTs) were all the rage in terms of discoveries and products.
APTs – defined as stealthy, sophisticated, targeted attacks sourced to well-funded cybercrime operations or governments–are more prolific than ever. Much of the buzz around the conference was over the release of a Mandiant report linking a multi-year, multi-industry, enterprise-scale malware campaign imposed by cyber espionage group APT1 to Chinese government agencies.
And if the numbers are any indication, this is a phenomenon that’s here to stay. Conference vendors pulled out all the stops with everything from research to services and solutions aimed at detecting, blocking and eradicating APTs.
Fortinet released a cloud-based sandboxing and IP reputation service to help organizations better detect threat and pull the plug on APTs.
Other vendors – including Trend Micro, Sourcefire, McAfee, FireEye and Damballa–emerged with launches that also capitalized on the growing threat. The techniques varied from enhancing the Command/Control response to integrating threat intelligence and Big Data analytics, sandboxing, heuristics, threat emulation and methods attempting to send APTs into extinction.
Looking ahead, the advanced threat detection race is only expected to become more fierce and competitive.
While APTs hog to media spotlight, mobility trends are the day-to-day reality for most users. Most organizations are allowing the use of personal mobile devices as business enablers and are facing mounting security issues that come with wide-open threat vectors and new variables.
The biggest variables are related to the proliferation of Android malware, which, according to numerous reports, experienced a sharp upward spike in 2012 and will continue on the upward trajectory.
The disruptive trend has touched almost all market segments and verticals. Securing these bring-your-own-device (BYOD) environments was a hot topic this year at the conference, and vendors rose to the occasion with new ways to secure and manage the devices.
Earlier in the year, Fortinet partnered with Bradford Networks to better enable mobile device management.
The explosion of mobile security launches during the RSA Conference 2013 included a wide array of MDM and mobile security solutions from Webroot, F5 Networks, Lumension, Sophos and Citrix. As mobility trends rapidly evolve, more organizations are also including mobile application management and related mobile app security solutions in their comprehensive mobility packages.
As the Android threat landscape continues to become more treacherous, organizations are leveraging threat intelligence and more sophisticated authentication technologies to combat the proliferation of mobile malware. And, as the mobile threat landscape grows more complex, it’s likely users will see an uptick in partnerships that leverage their flagship technologies in more comprehensive mobile solutions. BYOD is far from a static trend.