Back in person after a two-year break due to the pandemic, the RSA Conference welcomed back cybersecurity professionals to San Francisco. In an energetic and enthusiastic environment, the insights shared among practitioners and leaders were of immense value to an industry tackling the latest security risks and concerns.
Here are the top three themes that stood out:
“Trust, but verify” has been replaced by “verify, then trust.” There is no implicit trust in any entity. This bold statement was front and center at the RSA Conference. Cloud Security Alliance shared new findings at the show, learning that 80% of C-level executives consider zero trust to be a top priority. Executives are worried that the need to implement this approach will fall short with existing institutional ethos hindering behaviors. Concerns around talent were also discussed.
Joe Payne, CEO of Code42, and his presentation created a buzz with his insights about the enemies within. Payne spoke about how internal threats inside the organization, particularly with the “great resignation,” are on the rise. Increased employee turnover and collaboration using cloud-based technologies are causing vulnerabilities. Payne stressed the need to reduce data leakage and the implementation of stricter internal protocols. The presentation concluded with a discussion on how companies must implement offboarding procedures to make former employees safely detached from company databases and networks.
Vasu Jakkal, Corporate Vice President of Microsoft Security, Compliance, and Identity, shared her views on challenges and opportunities facing the industry in her presentation on how to attract and retain talent. Jakkal noted that 1 in 3 security jobs in the US are vacant and only 24% of the global cybersecurity workforce is made up of women. The presentation highlighted the need for increased collaboration globally between education providers, governments, and private sector companies. This collaboration would improve the employee attraction rate by showcasing great career opportunities in cybersecurity for professionals of varied backgrounds. Jakkal also stated that the industry must do more to make the field more approachable and easier for unrepresented individuals to enter.
Besides these three takeaways, there were many more trends and insights shared. I am already looking forward to next year’s gathering. In the meantime, I welcome the opportunity to continue these thought-provoking conversations with leaders that I met during the week as well as sharing the solutions we can offer to assist an industry that is growing and evolving.