Rather than a breakdown of the latest cybersecurity news, we’re looking back this week at some of the key takeaways from RSA 2022. It’s been a month since the conference took place in San Francisco. And as an attendee, I’m sharing the trends and concepts discussed that still stand out as indicators for the future direction of the industry.
RSA 2022 Attendance
Before jumping into the more technical aspects, it is worth focusing on the presence at this year’s event. While attendance was down, there is a major factor that speaks to this other than the hinderance of lingering COVID concerns. From the 14th edition of the International Cybersecurity Forum (FIC) to the Gartner Security & Risk Management Summit, there were several other competing cybersecurity conferences occurring at the same time. These spanning convenings demonstrate the growing emphasis on cybersecurity, its evolving role and the expanding field of those joining in.
Despite more competition, there were an estimated 400 exhibitors at RSA, which is larger than pre-pandemic levels. Although they were predominately large to mid-size established cybersecurity companies, the number still highlights the widening cybersecurity space. Among them were companies from a variety of countries, including Netherlands, Germany and Korea.
RSA 2022 Concept Highlights
In general, most organizations in attendance fell under a handful of overarching categories. These major groupings consisted of cloud security providers, point solution providers and those providing integrated solutions. Integrated solutions, specifically, were a recurring focus. These developments were mainly divided into three interrelated areas – EDR, XDR and MDR.
- EDR, or endpoint detection and response, improves the capability of malware detection and remediation in endpoint systems like laptops. According to a Field Effect
- Extended Detection and Response, also known as XDR, builds on EDR in a way. It collects and correlates data across email, endpoints, servers, cloud workloads, and networks, enabling visibility and context into advanced threats.
- Managed Detection and Response (MDR) Services provide customers with remotely delivered (e.g., cloud) modern security operations center (MSOC) functions.
Another capability that many companies displayed was Zero Trust. Per Forrester, which originated the term, “Zero Trust is an information security model that denies access to applications and data by default. Threat prevention is achieved by only granting access to networks and workloads utilizing policy informed by continuous, contextual, risk-based verification across users and their associated devices.”
Additionally, there was a new concept introduced at RSA called Secure Access Service Edge (SASE). SASE is the next step in the integration of security products. According to CISCO, it “is a network architecture that combines VPN and SD-WAN capabilities with cloud-native security functions such as secure web gateways, cloud access security brokers, firewalls, and zero-trust network access. These functions are delivered from the cloud and provided as a service by the SASE vendor.” This innovation is expected by many in the industry to take off. In fact, Gartner predicts that end user spending on SASE will total $6.8 billion this year.
When considering the emphasis put on these topics, it appears that there is a general recognition that the future of cybersecurity also heavily depends on the future work environment. As we’ve come to know, that includes a large remote workforce supported by an enterprise network and an expanding use of cloud solutions for support. Therefore, the overall takeaway is that comprehensive integrated security will likely continue to dominate the industry going forward.