RSA: The evolution of security in 2019

Reimagining cybersecurity

by Shira Rubinoff, Co-founder and President, SecureMySocial

What do more than 40,000 cybersecurity experts discuss when they get together to explore emerging technologies at the year’s premiere business-focused cyber-security gathering? Themselves, or rather, other people – The Human Factor.

While the recent RSA convention in San Francisco offered up an impressive variety of technological innovations, along with an array of cybersecurity solutions, booth after booth and speaker after speaker concentrated on how people affect cybersecurity more than anything.

I spent some time at the two AT&T Cybersecurity booths, and it became apparent that cloud computing is not only about technology, but rather about business models and people as well. People have to understand what they are doing and why. Since most cyber intrusions are caused by humans, it is critical that businesses focus on humans. AT&T Cybersecurity’s south booth presented and promoted their security consulting services, which focus on education and utilizing security networks – all based upon humans.

Indeed, while technology itself is a core area of focus around cybersecurity, the other two primary pillars of concern in an appropriate tri-pillar approach are processes and people - both aspects of The Human Factor. The human being is the weakest link, and therefore people must become part of the solution, and not just part of the problem.

With that in mind, as I expected, AT&T Alien Vault USM Anywhere took center stage and was recognized with the “Best SME Security Solution” award. Encompassing the best and most efficient technology and security capabilities, this solution is unparalleled and is positioned to lead in every aspect of cloud security.

This solution enhances AT&T threat detection capabilities by miles ahead of any competitor. It also increases their customers’ threat detection capabilities and their ability to respond effectively to threats. I view this as the appropriate and effective approach to what I think of as the “cyber ecosystem.”

I had the opportunity to meet and interview Barmak Meftah, President of AT&T Cybersecurity, who was the former CEO of AlienVault, before its acquisition by AT&T last summer. We discussed the evolution of cybersecurity over the past few decades and how it must continue to evolve with the embrace of cloud computing in today’s world.

Meftah outlined how in the early years of computer use, threats were really only posed by internal employees since what he calls the “attack surface” was limited and contained within the computer itself.

With the advent of the World Wide Web in the nineties, suddenly that attack surface increased exponentially, and anyone with a web browser could potentially find a way through virtual entry points to try to steal data or leverage access for some form of money-making scheme.

Today, with the explosion of cloud-based storage and computing, and the gradual moving away from premises-based assets to cloud-based assets, coupled with the introduction of Internet of Things (IoT) technology, almost any IP-enabled end-point can potentially be an attack surface that, as Meftah described it, “creates an explosive environment for hackers to take advantage of.”

Luckily, AT&T Cybersecurity is covering all the bases. With their managed security solutions and services, AT&T Cybersecurity knows how to guide organizations through their digital transformations and moves to cloud computing, which is key for proper cybersecurity.

Over the course of the conference, I met scores of leading military, security, and tech leaders, all of whom offered their insights into not just how to best deal with the security challenges before us today but what the future might hold. As Thaddeus Arroyo, CEO of AT&T Business, discussed in dealing with the paradigm shift in cybersecurity, “It's going to take a new level of collaboration, (and) learning from others collectively, to form a greater force than those forming an offensive capability.”

According to Meftah, “We’ve been thinking about cybersecurity the same way for the past 15 to 20 years, all the while these changes have been taking place. At AT&T Cybersecurity, we think it’s time to rethink and reimagine how we do cybersecurity going forward.” If the AlienVault acquisition is any indication, that is exactly what they are doing. RSA was the perfect platform to showcase the approach by AT&T Cybersecurity to the evolving needs, challenges, and realities of security in 2019.