SAN FRANCISCO -- The RSA Security conference, which takes place here this week, is one of the most trying times of the year for many technology journalists. Why? Everything in IT touches security, and just about every IT company in the world touches -- you guessed it -- security. In short, that describes the annual logjam at Moscone Center that is RSA Security 2015.
eWEEK colleague Sean Michael Kerner and I -- as well as others from our publication -- have each received more meeting and/or product pitches than we care to count; I know there are more than 150 such pitches, mostly legitimate, in my inbox. For me, this feverish scheduling activity is on par with the Consumer Electronics Show and VMworld each year.
For those planning to attend the event, and there will be around 30,000 of you on site at various times, there will be plenty to see, discuss and take back with you. Many thousands more will watch selected events on streamed video.
Of course, the larger the turnout at a security conference, the more it indicates that the bad actors are winning most of the battles.
More Proactive Than Reactive
For once, we're going to be seeing more proactive than reactive security products and services being introduced. For the past 15 years, hackers, rogue nation-states and organized crime syndicates have substantially upped the ante in getting into the pockets of banks, financial services companies, retail leaders, and government agencies. The general reaction from enterprises was to shield themselves from future exploits -- not anticipate, redirect or capture the attackers.
The armored-car approach certainly remains an integral part of any security strategy, but the added dimension of anticipatory security using advanced data analytics to predict and deflect data breaches from the outside and inside is where it's at now. This is what is top of mind for vendors, thought leaders and entrepreneurs. At least it should be. Vendors not thinking about this are going to be left behind by the market.
There is also a lot of attention being put on monitoring the motivations of internal employees, since it's been estimated that 75 to 80 percent of all big exploits involve insiders.
"The easiest and fastest way to do a big data breach or fraud on a company is to hire somebody on the inside," a speaker at a recent SINET summit told eWEEK.
New-gen Products Will Be Shown
Predictive security, for both onsite and mobile systems, will be the biggest takeaway from this year's conference. Actual products will be demonstrated.
Meanwhile, others have a different outlook on what to expect at RSA. Forrester Research, for one, said in a blog item that "we expect this to be mostly a fashion show ... the security industry's debutante ball. We will hear far too many definitions for words like threat intelligence, platform, and integration; and we won't hear the phrases 'case study examples,' 'customer trust,' or 'customer value' nearly often enough."
Well, I'm not so sure about that last part. There will be IT case studies of this new-gen security on hand at the show. They won't be hard to find.
But Forrester also said it expects to discover some other good takeaways. For example, their analysts are looking forward to the Innovation Sandbox so they can meet the finalists -- no doubt to pitch them some business ideas.
That's the thing about any industry or vendor conference: In the end, it's all about selling products and services.
We wouldn't have it any other way, right? Right.