The State of Security, as Seen at RSA

Every year, we look forward to the RSA Conference, the cybersecurity industry’s biggest event. No other conference lets us meet as many security professionals, or get as many different viewpoints on what’s happening in security and where the industry is heading.

Here’s a summary of the top storylines we heard as we talked with customers, industry analysts, and other folks in the security world this year.

Everyone wants to be data-centric

By now, nearly everyone has accepted the reality that motivated hackers can get through any firewall and access any network. Perimeter and device defenses are foundational components of a security strategy, not a complete solution. Companies in every industry are looking to adopt data-centric strategies—security that focuses on what files or database records contain, rather than where they’re located—because that’s the only effective way to keep sensitive information safe. Vendors are trying to jump on the bandwagon, claiming that they provide data-centric security, when in reality most of them only secure data on certain devices or in certain use cases. PKWARE, on the other hand, delivers real data-centric security, and visitors to our booth at RSA were amazed to see how completely we can address even the most complex use cases.

Business users expect consumer-like experiences at work

The days of complicated workflows and intense end-user training are over. Business users (and their IT administrators) want to get their jobs done with software that’s as easy to navigate and use as a phone app or a consumer website. It’s happened in customer relationship management, HR, and other fields, and now the trend is changing the way people think about security software, too. Security solutions have to make it easy for users to follow their employers’ security policies—or better yet, automate the security process altogether.

People are still the weakest link

It would be easy for organizations to keep their data secure, if it weren’t for the inconvenient fact that they need to let their employees and other human beings access the data. People are still (and likely always will be) the weakest link in cybersecurity. They forget and ignore their employers’ policies, put data in the wrong places, and give sensitive information to people who shouldn’t have it. That’s why we’ll continue to see new and more sophisticated variations of the social engineering, phishing, and other human-focused attacks that we’ve seen already. This, by the way, is why automated workflows are so important—the less users have to think about following security policies, the less opportunity they have to get it wrong.

Data is growing exponentially, and there's no end in sight

The amount of data being created and transmitted around the world is already nearly incomprehensible, and the numbers are growing faster every year. More data traveling to more places means a larger attack surface for hackers and anyone else who wants to get their hands on data they shouldn’t have. Companies are looking for strategies that will help them protect not only the terabytes of data they’re dealing with today, but the petabytes they’ll have five years from now.

PKWARE’s Smartcrypt is a data-centric security platform that automatically finds and protects files containing sensitive data. With Smartcrypt, you can meet your compliance obligations, simplify the user experience, and keep data safe from internal and external threats.