RSA conference shines spotlight on cyber trends

This week’s RSA Conference in San Francisco will be one of the most important cybersecurity conferences ever, bringing together nearly 50,000 people in the industry to discuss new trends and emerging solutions.


Attending the event will be Scott Raynovich, Principal Analyst and Founder of Futuriom, and he offered NetReporter a taste of some of those topics.


“The cybersecurity industry has been a large beneficiary of private equity’s largesse – drawing $18.5 billion in 2022,” he pointed out. “Cybersecurity technology has represented a consistent and rising share of IT spending.”


The big themes Raynovich is anticipating include:


Application Programming Interface (API) security and shift-left security. “Shift left is a term used by IT staff, developers, and DevOps professionals to describe the shift of testing, security, and configuration automation into the development cycle, to address the needs of continuous integration/continuous deployment (CI/CD),” he said. “Because many modern applications are driven by APIs, there is also an important need to assess and monitor the threats posed in code with APIs. This is a hot emerging area we will be watching. Vendors to watch include Akamai, Noname Security, Neosec, Orca Security, Salt Security and Wib.”


Secure Access Service Edge (SASE) vs. Secure Service Edge (SSE): “There is a religious war brewing for networking security at the edge,” commented Raynovich. “The idea of blending security functions with SD-WAN eventually merged into SASE, a concept created by the research gods at Gartner. But apparently some vendors objected, leading Gartner to invent yet another category – SSE. The funny thing is? It’s all the same — it’s just a matter of how it’s implemented. Both SASE and SSE describe ways to integrate key security functions and acronyms into the network, at the application layer. Typical SASE and SSE functions include advanced threat protection (ATP), cloud access security broker (CASB), secure web gateway (SWG), data loss prevention (DLP), firewall-as-a-service (FWaaS), and intrusion detection system/intrusion prevention system (IDS/IPS). The differentiation between SASE and SSE comes down to how many functions are included, as well as the architecture — whether the function is delivered on premises or in the cloud. SSE proponents say most of it can happen in the cloud, while some SASE proponents advocate a hybrid architecture with on-premises hardware and software for deploying these services. Expect to see more of this battle unfold at RSA. Vendors to watch include Aryaka Networks, Cato Networks, Cisco, Fortinet, HPE (Aruba), Juniper Networks, Palo Alto Networks, Versa Networks, VMware, and Zscaler.”


Cloud Security Posture Management (CSPM). “This relatively new acronym refers to ways to observe, record, and analyze the security of cloud applications and services,” said Raynovich. “The key function is to identify and automatically remediate cybersecurity risks in cloud infrastructure. Vendors to watch include Aqua Security, Crowdstrike, Microsoft, Orca Security, Trend Micro and Zscaler.”


Cloud Access Service Broker (CASB). “CASBs are evolving rapidly as they are combined with SASE, and in some cases, CSPM,” he noted. “The functionality typically operates by sending cloud traffic through a proxy to ensure it’s safe. It can also be combined with other functions into larger SASE and cloud security platforms. As both SASE and SSE functionality is rapidly increasing and often includes CASB functionality, it will be interesting to see how CASB-focused vendors evolve their strategies. Vendors to watch include Cato Networks, Forcepoint (Bitglass), Microsoft, Netskope, Palo Alto Networks and Symantec.”


Extended Detection and Response (XDR). “The marketing folks in the cybersecurity industry might have gotten bored with Endpoint Detection and Response (EDR), so they came up with XDR, which extended the functionality of scanning for viruses and malicious activity,” concluded Raynovich. “Typically XDR platforms function by ingesting large amounts of data and using AI/ML to match with risks and threats in many environments – including endpoint devices, cloud workloads, and email. Again, this is an evolution story, as XDR gets merged with cloud security. Vendors to watch include Cisco, Crowdstrike, McAfee, Rapid7, SentinelOne, Stellar Cyber, Symantec, TrendMicro, and VMware (Carbon Black).”
