With the RSA 2018 just around the corner and a massive 578 technology vendor exhibits to potentially view, it could be a busy week indeed. Interestingly, this is roughly 100 less technology providers than last year, but it still makes for a daunting week if you are attempting to identify what exciting new capability to add to your security architecture.

Granted, there are many reasons to attend the RSA conference in San Francisco, listening to a number of the interesting keynote speeches, getting updates from your existing technology providers, increasing your skills in particular topics, meeting with colleagues/friends and of course to see the plethora of technology providers the cybersecurity industry has to offer. From long term established players, to up and coming providers vying for investment.

If your intention is to attend the show in order to work out where to spend your cybersecurity budget on new technology, where do you start? Well, the hard work should have already started. You need to understand what capabilities exist within your architecture and what threats you are attempting to mitigate against. Only then can you identify the next area (or areas) of investment that will drive the greatest benefits to your organisation. At NTT Security, we recommend using our Resilient Cyber Defence Architecture to accomplish this. If you wish to learn more about our approach come and see us at booth #1315

Once you have identified a small subset of capabilities you are looking to investigate, the next question is to understand how they could be delivered. This roughly falls into three categories:

  • Large established multi-capability vendor. Does one of your existing large security providers have or are they developing this capability?
  • Medium size established single-capability vendor. Is there an established vendor that I can integrate with my architecture to achieve this single capability?
  • Small start-up. Is there an early stage vendor that I can potentially work with to develop the solution that fits with my organisation's requirements for this capability?

The choice you make will depend upon the amount of time and/or money you wish to invest along with the profile of your business being an early adopter, laggard or somewhere in-between.

Still having trouble working out what to see? My five recommendations for interesting topics are listed below, in no particular order:

  • Deception
  • Isolation
  • Cloud Workload Protection Platforms
  • Endpoint Detection and Response (EDR)
  • Behavioural Analytics