In the calm before the storm of the last day of the Infosecurity 2019 show, it seems like a good opportunity to gather some thoughts about the last few days.
Perhaps the first thought is “thankfully its nearly all over!” but that’s not really the predominant thought (although the show is the culmination of months of efforts by loads of people so I can’t pretend that there isn’t some element of relief).
On the Osirium stand (which, by the way, turned out to be everything and more than we’d hoped for) we had been very busy. With on-stand presentations every half hour through the day, we managed to tell the story of modern Privileged Access Management (PAM) and Privileged Process Automation (with the new Opus product) to a massive number of people. Far more than we could have reached in a single theatre session.
We’d also met a lot of different kinds of people. Everything from people learning about PAM for the first time to those that have had big, heavy, legacy PAM tools for years and looking for a more agile solution. We also had detailed discussions about bit-level protocols through to strategic business change.
Looking around the hall, it was interesting to note the lack of some of the messages that were so predominant when I was here last in 2016. In particular, “User Behavioral Analytics (UBA)” was hardly seen this time around.
There were two groups that seemed to have a number of members. One theme that has remained constant is data protection and access management. Both core capabilities for “least privilege” and “zero-trust” strategies. Which is great news – with PAM, Opus (now known as PPA) and the new PEM solution for Privileged Endpoint Management, Osirium is really well placed and we’ll be publishing much more on these topics in the coming months.
The other is the “Security Orchestration and Automated Response (SOAR)” vendors. For me, it was very hard to spot the difference between them, there seemed to be a lot of common functionality and messaging. There is a good chance this trend may go the same way as UBA. Machine Learning and AI may well speed up the detection of compromise but there’s certainly still a lot of distrust of automated remediation. Maybe that will change but many organizations may only go as far as automatic quarantine of potentially compromised systems to give time for humans to review and recommend the correct way forward. Again, Opus could have an important role to play in this context. For example, “Close this port” or “Disable this account” when the security analyst doesn’t have access or knowledge of all the various network devices or access management tools and doing it all with strong security around those privileged accounts needed to complete those tasks.
I’d better get back to the Osirium stand as the doors are about to open. I need several coffees and multiple throat lozenges to get my voice back ready for today’s presentations. (Note to self – must remember to pay more attention to the presentation rota for next year!)
Congratulations to the whole Osirium team for putting together such a great stand and presence at Infosec. You have the set the bar really high for next year!