Putting the “Human” in Human Element at RSA
The theme of this year’s RSA conference was "Human Element." This served as a refreshing change from last year’s show, where the messaging was dominated with the promise of machine learning and artificial intelligence saving the day.
Fast forward to a year later, where the news continues to be filled with stories on devastating data breaches and ransomware attacks. It's become evident that the industry (both vendors and enterprises) are coming to the realization that you need more than just technology to keep data secure.
For anyone who attended RSA this year, you were likely thinking about the human element in one of three ways.
1. Humans Cause Breaches
The whole purpose of a show like RSA—and the cybersecurity industry itself—is to help prevent cybersecurity incidents from occurring. What the headlines don’t tell you is that many breaches don’t happen because of a technology failure: they occur because there wasn't enough focus on the needed people and processes.
According to the 14th annual Cost of a Data Breach report from the Ponemon Institute, one-quarter of all data breaches in 2019 were caused by human error.
Additionally, recent breaches like that of Wyze, a consumer security camera manufacturer, has shed light on the growing issue of “Cloud-Native Breaches” (CNB). These types of breaches come from organizations moving a greater number of their services to the cloud and how humans are accidentally misconfiguring those cloud environments. According to a recent study by McAffee, 99 percent of these configurations go unnoticed, which means there remains a high potential for similar breaches in the future.
2. Challenges in Finding Humans
The cyberthreat landscape keeps expanding and new vendors keep appearing at RSA promising solutions. But it's not quite that easy. Finding skilled cybersecurity pros is an increasing challenge for today’s organizations. That fact was underscored in a recent Dark Reading survey, which revealed this startling stat:
Only 14% of IT security managers feel there are currently enough cybersecurity professionals in the field with the needed skills to hunt down and respond to threats.
That same research (which surveyed professionals from 400 leading organizations on their IT security staffing status, plans, and challenges), revealed that 35% of IT managers believe there is a shortage of IT security professionals at every level and 54% of organizations say they have insufficiently trained security personnel.
3. How to Leverage Human Expertise
So for organizations struggling to find humans to solve cybersecurity challenges, more and more companies at RSA were touting how they had the experience to help address these issues. Managed services, in particular 24/7 security operations center (SOC) monitoring and management, is the largest segment in the growing spending on cybersecurity globally, according to IDC. One of the main drivers for the growing demand for SOC-as-a-service is the previously mentioned shortage of security staffing and skills.
SOC-as-service solves the talent gap challenge by giving an organization’s internal IT or security team 24/7 access to highly skilled analysts and incident responders. It’s a holistic solution that brings people, technology, and processes to the table. SOC-as-a-service integrates best-in-class tools with human experts who can guide you through your processes and help you close the gaps.
Overall, our team had a great time at RSA 2020. There's a lot of exciting things to look forward to in the world of cybersecurity. However, with changing technology comes a whole new world of challenges to be aware of.
To stay ahead of the latest threats and keep your organization safe today and into the future, chat with one of our team members at Arctic Wolf or check out a demo.