It’s that time of year again. The city of San Francisco is about to turn into the world’s biggest playground for security geeks and software security companies of dizzying proportions – The annual RSA conference at Moscone Center.
This past year has certainly provided the enterprise security industry with a ton of material to consider. 2018 saw an almost constant parade of attacks on major brands and corporations, targeting their users and data, using a wide variety of brute force and ‘low and slow’ attack methods. Not be outdone we also saw the CEOs of Facebook and Google hauled in front of Congress to address growing concerns over how they access, use, and protect our data, and the implications this data collection has on our privacy. At the same time, advertising APIs and SDKs run amuck inside our mobile apps with an unquenchable thirst for our personal data. IoT devices enjoyed a growing share of the breach-spotlight, and attacks on mobile apps and mobile channels have become primary targets for cyber-criminals, as those technologies have enjoyed significant mainstream penetration.
Auto-dialers and bad Bots have taken a full frontal assault at our mobile phones to virtually epidemic proportions (will someone please tell the IRS-fraudsters to use a more believable voice for their robo-dialer, for instance, Rosie the Robot or something).
Given all the sensationalism, 2018 sure felt like life as a cast-member of Black Mirror or Westworld.
Here are just a few of the major themes and topics I expect to see at RSA and learn more about:
Simple AND Secure (not Simple or Secure)
Identity, Privacy, and Security are inextricably linked when it comes to providing access to service. You cannot optimize for one of these key elements without considering all 3. Organizations who serve both enterprise and consumer use cases must do so without gravitating toward the extremes – a free for all abusing or ignoring user privacy on one end vs clamping down on data access via technologies that render the experiences unusable. This theme plays itself out in regulations such as GDPR, as well as in the marketplace. For example, I expect to see lots of new biometric authentication solutions in the RSA expo this year. Their goal will be to increase security and convenience simultaneously, by allowing users to prove their identity using their own physical biology, traits or behaviors (instead of requiring them to carry extra gadgets or remember ridiculous passwords combinations).
The Machines Among Us
Artificial Intelligence will start to play a bigger role in solving complex enterprise security problems. For example, we will see many applications of AI to solve problems in security monitoring and alerting, identity protection, fraud prevention, analytics, and more. A big reason so many threats slip through monitoring and alerting systems is that most existing tools produce too much ‘noise’ and not enough ‘signal’. We’ll also see AI play an increasingly important role in the actual software development process. This is especially critical in mobile, where development cycles progress at a breakneck pace and security tends to lag behind. To help enterprises solve this problem, Appdome built AI into the core of our flagship no-code mobile integration platform by way of a Digital Developer we call “AMI”. AMI implements mobile app security into any iOS and Android app instantly on behalf of Security, IT Ops, and Devops teams. This helps enterpsies accelerate, streamline and simplify the implementation of mobile security into any app without squandering precious mobile development resources.
Mobile is the new perimeter
Across every facet of enterprise life, more and more of the critical tasks and workflows are pushing their way down to the mobile endpoint. Why? Because mobile has become an omnipresent channel. Like it or not, most of us carry around our entire lives (personal as well as corporate) in our pockets every second of every day. Data traversing mobile channels is growing in volume, diversity, and richness – making it a juicy target for cybercriminals.
It naturally follows that the diverse collection of technologies that protect us inside the corporate network must be extended or replicated to mobile apps in order to provide comprehensive security coverage and minimize exposure. This year I expect strong authentication technologies such as MFA become more mainstream in the untethered world of mobile. MFA Everywhere is all about increasing access and convenience while also increasing security.
What Excites Me The Most About RSA
The thing that excites me most about RSA is in understanding the pressing security challenges faced by enterprise customers today. Then partnering with innovative security companies by enabling their customers to use Appdome to implement their mobile SDK in any iOS or Android app – instantly, without coding.
So if you’re a software company who offers mobile SDKs, and you want a better and faster way for customers to get it into their apps without coding, track me down at RSA. I’d love to show you how Appdome can help!