It is pretty common knowledge that humans are the weakest link in any cybersecurity strategy. So it makes complete sense that one of the largest events “Where the world talks security” would chose the human element as its theme for 2020.
RSA Conference 2020
Yes, it’s that time of the year again. The annual pilgrimage to San Francisco for one of the largest events on cyber security: RSA Conference 2020, also known as RSAC2020 and according to their website:
“This year’s theme – The Human Element – was inspired by the humans that make cybersecurity possible.”
This year the conference was built on 10 trends:
- Human Element: delving into the human element of security
- Secure Products: focusing on designing, developing and maintaining secure products
- IT and OT Security: discussing the convergence of the physical and cyber security worlds
- Secure Engineering: focusing on secure engineering processes
- Privacy: intertwining privacy and compliance as well as privacy and everything else
- Threat Intelligence: highlighting the value of a collective cyber defense and public-private collaboration
- Frameworks: an ongoing formalization of processes, cross-departmental efforts between divisions within organizations and across organizations, and a drive toward automation
- Security Awareness: security awareness training to directly impact the human element
- Communication: focusing on communication up, down, across and throughout the organization and the organizations that are part of the supply chain
- Professional Development: a security mindset about what individuals need to do their jobs as well as what team members need to interact with each other more productively.
Despite the focus on the human element, it seems world news and an impending pandemic became local news and quickly superseded plans.
The Coronavirus Effect On RSA's Human Element
In some cases, it was the lack of a human element that made the news for RSA 2020. IBM, AT&T, Verizon and 11 other vendors pulled out of the conference before it even started due to concerns with the Coronavirus, six of those vendors were from China. So, as you could have predicted, the overall attendance was down.
It seems the most significant impact was not just on the attendees but the vendors expecting expo floor traffic. According to a Government Technology Magazine article titled “Coronavirus: The Unexpected Human Element at RSA Conference 2020”:
“On Friday, Feb. 28, an RSAC press release reported 36,000 attendees were at the 2020 RSA Conference, but that number seems too high to me. I wonder: Did all the people who bought tickets actually show up? Also, what about attendees who came for one day or one hour and left early?
What I can tell you from the perspective of show floor exhibitors, where I spent a large percentage of my time, is that foot traffic seemed to be mostly other exhibitors with far fewer “blue-badge” attendees than last year. I heard “word-of-mouth” estimates ranging from 30 to 50 percent fewer show floor attendees; however, those numbers came from about a dozen random exhibitors.
Perhaps conference attendees did come to the presentations, but just avoided the expo booths to not shake hands or interact with solution providers?”
However you look at it, the human element is critical to cyber security.
Continuous Behavioral Authentication Protection
Coronavirus aside, the cornerstone of every cybersecurity strategy is the identity access management plan. Ensuring that only the right credentials are used by the right people to access the right resources is the core of every successful CISCO’s strategy. Balancing the amount of drag imposed on the user with multi-factor authentication with the improvement in risk mitigation is a delicate dance that requires careful though on which technologies to adopt for authentication.
Acceptto's Continuous Behavioral Authentication monitors user behavior, transactions and applicational behavior in real-time, our risk engine creates an enriched profile of your user and application landscape that is used to attest if we are in the presence of legitimate or threat actor.
By tracking the user and device posture pre-authentication, our risk engine can calculate if the attempt to access a resource comes from a legitimate user or application, barring threat actors before they even attempt to access the protected resource. Post-Authentication of any action or transaction that deviates from acceptable behavior is subject to step-up authentication or if the risk associated it too elevated the attempt is denied and audited.
The modularity and interoperability of Acceptto solutions integrates with existing enterprise UBA & IAM to enrich the risk profile, maximize the return of investment while reducing cost.
Download the Enterprise Management Associates’ Ten Priorities For Identity Management in 2019 today and then check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy registering for a free demo today.