RSA 2017: The Culture of Cybersecurity Collaboration

The 2017 RSA Cybersecurity Conference in San Francisco was more crowded than last year, if that’s even possible. Cyber crime and espionage in general show no signs of slowing down as industries, militaries and governments answer the challenge.

End point integration and central management were recurring themes, and for the first time “Physical Security” was actually a category on the exhibitor website.

Having researched the current trend of startup firms emerging from technology incubators, in Israel and here in the U.S., I was anxious to meet several companies featuring innovative products at this year’s show. While the Jewish nations Cyber Intelligence Unit 8200 is renowned globally for its expertise in developing offensive weapons and countermeasures, Israel’s cybersecurity success appears to be a direct connection between a shared “military culture” and a government that both supports, and more importantly, “does not over regulate” this critical industry. Both of these points were driven home by a panel discussion, “Meet the Leaders of the Startup Nation,” featuring the CEO’s from Team 8 and CyberArc, the head of R&D from the Israeli National Cyber Directorate, and a professor from the Interdisciplinary Cyber Research Center at Tel Aviv University. The panel also stressed the fact that in Israel “critical debate” is another important cultural factor of continued success while embracing the need for continuous improvement in product development and research. Stateside, The Hive (www.hivedata.com) is a Palo Alto, CA-based co-creation studio and think tank incubator that funds start-ups in emerging technologies and markets. The Hive utilizes seasoned executive advisors to execute market strategies to drive revenues. Its business model leverages a culture of “collective networking” as applied to emerging innovations.

These cultural traits can be recognized in several cyber companies attending RSA that are poised for rapid growth. I witnessed first hand the overflow crowds at the booth for SentinelOne (www.sentinelone.com) a leader in next generation endpoint protection, and founded by Israeli defense and intelligence experts. The company maintains an R&D team in Israel, and has established domestic operations in Palo Alto to manage its rapid worldwide growth. SentinelOne has proven itself to be an innovative platform to replace traditional anti-virus solutions through its machine learning capabilities and a Deep File Inspection (DFI) engine. For the second year in a row, the company was recognized by Gartner as a Visionary in their Magic Quadrant for Endpoint Protection Solutions. In fact, it also received a “Recommended” rating from NSS Labs for its platform after achieving a 100-percent rating across six tested categories.

E8 Security (www.e8security.com), a portfolio company from The Hive, was working the show from their suite in the St. Regis hotel. If they planned to lie low, the fact that they won the “Best Cybersecurity Startup in 2017” from the Information Security Community on LinkedIn, may have blown their cover. The ISC on LinkedIn is a vast community of 350,000 cybersecurity professionals with a keen eye on emerging players in the cyber market. The E8 Security Fusion Platform uses a unique approach to automate the learned behavior of both users and devices, resulting in improved “proactive” signals to accelerate cyber investigations. The platform provides the “next generation” in Security Operations Center (SOC) efficiency by essentially transforming traditionally manual operations, while focusing a human analyst on actionable intelligence. In the process, E8 Security can essentially double the performance of these valuable and in-demand human resources, and act as a force multiplier. Matt Jones, CEO at E8, is driven by understanding customer challenges, and explained, “We have quickly achieved a culture of collaborative innovation that has allowed us to ascend to a leadership position in Behavioral Analytics, which is transforming the way teams detect, hunt and respond to hidden threats inside their organizations.” Tom Kellermann, CEO at Strategic Cyber Ventures, is an investor in E8 Security and a recognized visionary in the cybersecurity field. Kellermann sees multiple market forces converging to counter sophisticated attackers, “When we created SCV we decided that we would invest in intrusion suppression technologies. Intrusion suppression includes capabilities that can, detect, deceive, and divert attacks from an elite hacker adversary,” he said.

A new Israeli cyber start up that I visited, Nyotron (www.nyotron.com) launched in the U.S. market in January 2017, had a James Bond double providing a demonstration of their patented Behavior Pattern Mapping (BPM) solution at its booth. Nyotron promotes its ability to detect and block “ALL” malware attacks in real time. The technology is able to stop Advanced Persistent Threats (APT), Zero-Day and ransomware breaches before they occur, regardless of the type of methods used to access the network. The founder, Nir Gaist, is a former childhood cyber prodigy who started hacking at nine years old and later established the company as its first CTO, and today leads it as the chief executive. At age 14 he dropped out of school and wrote the cyber curriculum that was adopted by Israeli colleges and universities, and which is still in use more than 15 years later. He also believes that the culture is a major reason that Israel excels in cyber startups.

Nyotron believes that Threat Agnostic Defense is the next security paradigm. The PARANOID platform assumes you will be breached and acts as the last line of defense to protect, defend, respond and analyze. Nir explained, “Competing endpoint protection vendors are only able to analyze data…not the malware’s behavior.” It is a unique vantage point from which to view the problem of cybersecurity.

Platform integration, centralized management and a holistic view of risk were recurring themes at RSA this year. Moving forward, cyber and physical security (surveillance/access/sensors) are aligning around the huge Internet of Things (IoT) market opportunity, where cyber is the foundational technology, and “Collaboration is king!”

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.