There is no doubt that a virtual RSA is not the same as catching up with colleagues and partners over great food, and of course meeting up at the W Bar. The good news is we all have or are adjusting to working remotely and we didn’t have to travel to hear what the industry luminaries think, or what our peers are saying they can do to keep the world safe. (not sure if you have caught our tagline but, we make the Everywhere Workplace possible – for us it was very comfortable to participate securely). It was pretty clear that not every organization has embraced the Everywhere Workplace and that “securing chaos” is a common need we are all trying to address.

No surprise the recent Colonial Pipeline ransomware attack that has been making headlines prompted virtually every vendor to discuss how and why we need to get ahead of ransomware attacks – spoiler alert – ransomware makes cybercriminals money, and they are not going to stop anytime soon.

Ransomware also has put the White House on notice. Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology in the Biden administration, stated on day two of the conference that, a recent executive order signed by President Biden "creates a pilot program to create an ‘energy star’ type of label so the government, and the public at large, can quickly determine whether software was developed securely,” the White House says.

In her remarks, Neuberger also stressed that the Biden administration is taking cybersecurity seriously and working internationally to combat security threats around the world. Specifically, the administration is making ransomware a top priority.

It’s about time!

The other topic that dominated the conference was trust. The main message heard from the keynote speaker and sessions was that you can’t let your guard down and although zero trust has been talked about it is time to actually start implementing a zero trust strategy. The conference was packed with multiple sessions about how we (security vendors) and the average employee needs to be more vigilant about our credentials and what we click on (who hasn’t clicked on a too good to be true product on Facebook or Instagram?).

As another RSA comes and goes a few things are clear:

  • We can stop talking about digital transformation – It has happened
  • Whether companies are moving to the cloud or not – They are
  • Consolidation on security architectures and security stacks at the organization level are increasingly important

Lastly, we need to realize the security talent shortage is still a big issue that cybercriminals are capitalizing on, and we need to take Cisco’s CEO, Chuck Robbins, resiliency message to heart.

Robbins described the challenges of the sudden shift to remote work by having the remote workforce try to connect over multiple networks and with whatever device workers could find to be productive from the Everywhere Workplace. Not only did this put an immediate strain on the IT departments to scale up and accommodate all the new remote connections, but the security threat landscape immediately expanded and kept the company’s security team and CISO up at night!

“For instance, employees, just by working 30 extra minutes on a mobile device, create 20 percent more vulnerability than you would have normally, he said. “Every individual is carrying an average of four devices, and most of us are carrying even more. And this just creates more opportunity for breaches.”

The threat surface keeps growing and will continue to expand in the future. What is your company’s plan of resiliency to protect the increasing number of mobile endpoints in the remote workforce, and how can you counter more sophisticated cyber threat actors in the wild? What is your company's journey to implement the Zero Trust security strategy?

Ivanti knows that the Everywhere Workplace is here, and it is essential to secure user identities, secure the remote user, secure their work mobile device (and laptop/desktops), and secure their access to critical work resources wherever they reside. Come see how Ivanti can help enable your company’s Everywhere Workplace.

Until next year, goodbye from RSA! I’m looking forward to seeing you in person next year!