Few comments on Trends at RSA from Hexis Cyber Solutions.
Healthcare under fire
“Organised crime targetting the healthcare sector is on the rise – the recent ransomware attack on the Hollywood Presbyterian Medical Center in Los Angeles a case in point. Unlike the financial services industry, which has invested a lot in fraud detection technology, the healthcare industry needs to up its defences – especially as patient records move online.”
Compliance does not equal security
“Globally, critical national infrastructure is one of the the biggest risk areas, under regular attack from hackers and other criminals. The situation is not helped by heavily regulated industries being synonymous with slow adoption of new technology. Security architects are already frustrated – external threats and nation-state attacks are an everyday consideration. Governments can combat certain behaviours – through legislation and fines – but compliance does not equal security. Anthem and Home Depot – two huge organisations that suffered extensive breaches – were both in compliance. Organisations need an enlightened CISO with a line to the board who can shore up security by making the right investments early on.”
Security companies need to play well together
“The chief focus areas for buyers this year are tackling endpoint security, cloud security and insider threats. The solution to all three is vendor integration and automation, but it requires security companies to play well together. Collaboration is the only way to innovate and get ahead of the evolving threat landscape, whether through network partnerships or product integration.
“Big data analytics for security is still unproven, yet it’s still a popular topic. There has been a lot of talk in the last few years about fielding analytics at enterprise scale for cybersecurity, but few actual examples of it being put into practice.
“Managed security services is a growing requirement for the enterprise. Traditional commodity-type security has failed to address new threat vectors – ransomware, organised crime and nation-state attacks. There’s also a staff and skills shortage. Vendors need to focus on growing this area to cater for the take-up in the market.”
[su_box title=”About Chris Carlson” style=”noise” box_color=”#336588″]
Chris Carlson is the Vice President, Product Management for the HawkEye G product line at Hexis Cyber Solutions. He is responsible for product strategy, product definition and roadmap, and technical partnerships. Chris has 15 years of product management experience at high-growth start-ups and publicly-traded software companies, and more than 20 years of security experience.
Prior to joining Hexis, Chris was Director, Product Marketing for Invincea, a leader of endpoint security protection using containerization technology. Prior to Invincea, Chris was the Director, Strategic Business Development for Informatica’s Complex Event Processing business, joining the company with its acquisition of Agent Logic in 2009, where he ran Product Management and new solutions development for the company’s flagship RulePoint complex event processing product. Before that, Chris was Vice President of Product Management at Lucid Security, a provider of Intrusion Prevention Systems, subsequently acquired by Trustwave, the leading provider of security and PCI DSS compliance management solutions. Chris previously held Product Management and Chief Technology positions at network security and application performance management start-ups, was a Principal Security Consultant at Science Applications International Corporation (SAIC), and held system architecture roles at Booz Allen and Hamilton.
Chris has a B.S. in Marketing from the University of Maryland, College Park.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.