RSA 2017 has come and gone again, and as always what it leaves behind are changes and challenges. Many point to 2017 as a Fermi-esque Great Filter for new security techniques—a year where a plethora of newcomers must either demonstrate their usefulness or fall into obscurity. The survivors will of necessity be pathbreakers, distinct and competitive both from their peers and from their larger rivals. With this in mind, here are a few highlights from the 2017 RSA conference.
AI and Machine Learning Gain Prominence
At RSA 2017, we found that the floor was packed with companies that leverage the power of AI and machine learning to wage the fight against malware. While there are definitely enough new vendors for companies to choose from, this plethora of options may actually work against this bourgeoning sector. According to Bill Phelps, an analyst at Booz Allen Hamilton, a great many of these new companies aren’t doing enough to differentiate themselves, which could spell problems down the line.
Problems for Large Incumbent Vendors
Much older and more established security vendors are going to have a harder time in the marketplace than their more youthful competitors. Phelps says that a wave of startup acquisitions have led poorly-integrated security platform offerings.
This vulnerability is concerning, especially in light of the RSA keynote session moderated by Allan Paller, Director of the SANS Institute, which ran down a list of deadly new attacks. Fittingly for a conference focused on cryptography, the keynote focused on ransomware as the largest threat—not just in its pure form, but also in combination with the IoT. Will incumbent security vendors succeed in testing themselves against these rising threats?
Does Defense in Depth Need to be That Deep?
Consolidating and winnowing security products became an active theme at RSA 2017. Fear is very good at selling information security products—but it’s not good at making them work well. RSA CSO Zulfikar Ramzan related an anecdote in which a single company had invested in no fewer than 84 individual security products. Did this investment make it 84 times safer than a company with only one product?
According to Ramzan, it did not. Complexity makes companies less secure, in his view. In any event, even if companies won’t let these concerns force them to divest themselves of unnecessary tools, it seems apparent that the marketplace will do it for them. Cloud computing may eventually make many current in-depth security strategies redundant.
NSS “Recommended” Test Results
One final highlight of RSA 2017 was the release of the first ever public tests from NSS labs—tests which SentinelOne passed with flying colors. Our security product achieved the coveted “Recommended” rating, and was 99.79% effective against everything that NSS could throw at it.
We recommend SentinelOne for any company that wishes to protect themselves against the worst the internet can offer—and we’re prepared to stand by our word. If your company gets struck by ransomware while SentinelOne is protecting your systems, we’ll be happy to pay the ransom or remediate the damage up to one million dollars. Our ransomware cyber warranty is like another layer of defense in depth.
In a world of complex security strategies, undifferentiated security products, and constantly evolving threats, SentinelOne offers simple and effective security. For more information on how our platform can protect against advanced threats while replacing a defense in depth strategy, sign up for a demo today.