Confidence and Control at RSAC '16

A View of RSA from the Hall

RSAC ‘16, hit San Francisco with a record number of attendees, topping out at 40,000 a 15% increase from 2015. The security conference by the Bay, “where the world talks security” has seen steady growth in the past few years. The increase in attendance is mirroring the growth of the industry and fears around cyber crime, cyber espionage and, well, anything cyber.

The exhibition hall was no different as vendors packed in, illustrating not only on-going investment from the big guys like Fortinet, FireEye, Palo Alto and Cisco but also representing the over $4.6 billion dollars of venture capital that has been flowing into start-ups over the past two years. There are a lot of solutions out there, as organizations strive to obtain visibility into what is going on in their environments.

With all this attention, money and great parties at the W, are we any closer to achieving the very reason we are here? Not to get existential, as in the proverbial "why are we here," but where do our networks stand today? Are we any safer than we were just a few years ago? And who is managing all these shiny new boxes full of blinky lights? Isn't there a drought as big as California in the security talent pool, some million strong? California is counting on El Nino to save their day. When is the info-sec rain coming, and will it bring with it much-needed talent? The only clouds we see drive a lack of control and visibility, and create an application and access nightmare.

Before we fall into the familiar pit of pessimism, let's not forget what we are all doing here. We are keeping the connection alive. Keeping the connected workforce on the go, bringing moms closer to their children, doctors to their patients and driving unprecedented economic growth. Guarding the connection is kind of cool, and it matters.

At RSA, visibility and control reigned supreme, combined with ease of management. There are a number of "single panes of glass" solutions that aggregate your visibility at the management plane. These are great to see what is or what has happened within your network, and they even provide cool graphs. But they are doing nothing to feed the tools with the data that supplies the visibility and they provide little control.

After visibility, the underpinning issue of time to detection was everywhere. Plugging every hole and building a massive wall around our perimeter is no longer a viable form of defense in today's connected world. With every new device comes a new IP address and a point of access. Time to detection in weeks, months or years is not something we can afford in the "it's not a matter of if but when" era of security incidents.

We need to see who has entered our network, where they have gone, what they have done. We must react and deploy a response quickly. Recognizing that failures will happen while establishing a well-orchestrated response is a sign of a maturing security posture. Having the ability to respond quickly while being poised under pressure permeates confidence within our systems and the craft of securing the connected. Our security teams and systems need confidence more than anything, in response and in deployment. Because many of these expensive tools are not deployed in active blocking mode, due to fear of disrupting the connection, where is the confidence with partially implemented solutions?

The exhibitors’ hall at RSA is full of possibilities for investment. But no single pane of glass, magic bullet or high price tool is going to be effective if we do not provide the proper support. The lack of personnel and fear of automated systems are compounding a passive approach to prevention and detection. Teams are managing and deploying shiny new boxes while fighting for access to traffic and visibility. Instead of actively protecting the connected.

A wise person once said, "judge me not by the mistakes I make but by the lessons I learn." With these post-incident lessons, how do we respond not only with the right internal behavioral change but with the appropriate technology as well? The speed of deployment and confidence in implementation is an essential factor in incident response. We need to be able to provision new solutions with confidence, with all available active in-line services up and running, while reducing management and provisioning overhead. Freeing our teams from the deployment and management cycle to redeploy them to the protection cycle. This way we can not only be good, we can also be cool, until we all meet again in the City by the Bay. 

Learn more about how you can confidently deploy security in your environment and mature your security posture without disrupting the network connection.

 http://www.vssmonitoring.com/security/

Top Security Breaches of the 21st Century. Are You Next?

Facts: Top Security Breaches of the 21st Century

1. 2009 - Several US-based enterprises lose valuable intellectual property exploited by the Chinese hackers (CSO Online). 
2. 2011 - A multi-billion dollar game company loses millions while its website was down for a month after 77 million user network accounts were hacked (CSO Online). 
3. 2013 - One mass merchandise retailer's cyber-attack impacts 70+ million customers, exposing credit/debit card information, including security pin codes (The Washington Post). And recently, a high-end retailer is the latest victim (CNET). 

It is 2014. Is your organization next?

The ever-changing, complex, network security landscape makes network management and risk management a monumental task for organizations worldwide. No longer is the case of perimeter defense a de facto standard, which put into question whether or not existing design and deployment models are future-proofed. As emerging threats, both known and unknown, plague the network - enterprise as well as carrier networks - the ability to add layers of defense in real-time, accelerate response, and even better, prevent intrusion from happening in the first place is the new norm.

Defense-in-Depth Network Security - the New Norm

Achieving multi-layer defense in depth is now possible with an architecture that 1) simplifies design and deployment to scale across converged and distributed networks and 2) has carrier class performance. At the same time, threats intelligence can be optimized to accelerate incident detection and response protocols to combat a plethora of multi-dimensional challenges, such as #Next-Gen network, #BYOD, #IoT, #Big Data, #cloud and #virtualization, stress testing the security infrastructure on a day-to-day basis. 

The New Model's Must Haves

This February, learn from security experts and hear from analyst Jim Frey, VP of Research Network Management at EMA, the must haves of a defense-in-depth model powered by network visibility controller system (aka network packet broker | What is network packet broker?), which are: 

• Visibility - 100% end-to-end visibility, any packet, any where, any tool;
• Agility - accelerated security proof-of-concept with simplified deployment and lower OpEx;
• Defense-in-Depth - proactively detect and mitigate security threats AND add defense layers with minimal impact (think investment protection and operations simplicity);
• Scalability - support multiple 1G/4G/10G/100G segments with 1G/10G security tools, maximizing tool's capacity for higher ROI; and
• Service Assurance - complete protection for all security zones and PCI DSS, SOX, HIPAA and GRC requirements compliance.

Time is of the Essence. Learn More

To gain insights and in depth knowledge of the gaps in existing design and deployment models, learn more about this new model, get answers to common and emerging network pain points, and understand the benefits and successes a major global bank had achieved, join us for a two-part webinar series on BrightTALK: Optimizing Security and Performance Monitoring channel. 

1. Part 1 - Architecting Defense-in-Depth Network Security for Scalable Forensics, a 45-min webinar with Tony Zirnoon, Sr. Director of Global Security Strategy & Alliances.  February 5, 2014 at 10am PT. [Register Now]
2. Part 2 - Network Intelligence Optimization for Security Service Assurance, a 45-min panel discussion plus 15-min Q&A session with Jim Frey, VP of Research Network Management at EMA. February 19, 2014 at 7am PT. [Register Now]

US security professionals can join us at #RSA2014 in San Francisco between February 25 and 27 at the Moscone Center, South Hall. Complimentary Explorer Expo Pass is available for those wishing to consult with our experts at Booth 301. [Sign Up] 

EMEA security professionals can also join us at #MWC in Barcelona during that same week at the Fira Gran Via, Hall 6. Complimentary Exhibit Floor Pass is available for those wishing to consult with our experts at Booth 6L50 as well. [Sign Up]

Don't Get Left Behind

Understanding the cyber security arena and the challenges surrounding network security is a top of mind agenda for most C-level executives and IT professionals of all organizations. Don't miss this golden opportunity to gain valuable insights and use cases on proven deployments for FREE. Chances are, your competitors probably already get involved. So what's it going to be? Get ahead or get left behind!