In the weeks following Black Hat USA 2019, I’ve done a little traveling from conference to conference – and, in between all that, met with a few customers. In those conversations, I’ve noticed that the key themes that emerged at this year’s Black Hat (all of which I’ve outlined below) have been holding strong throughout customer conversations. I believe these will be the trends we’ll continue to see throughout the last leg of this year, and well into 2020.
1: Complex Solutions
The first trend that stuck out is how complexity remains too high in cybersecurity. Many vendors continue to talk about how sophisticated their products are and how they can solve complex problems. In doing so, these tools become inherently very complex and unwieldy themselves. There’s a large and relevant inconsistency here: on one hand, the security industry, and really all enterprises, struggle with a serious shortage of skilled cybersecurity personnel. On the other hand, the complexity of the toolsets continues to rise. Something has to give.
Of course, these tools are aimed at people who are assumed to be masters of their trade, and who are able to make informed decisions as they examine data subtleties. Finding people with such talents continues to be one of the biggest challenges in the security industry, and without such staff, these tools end up being misused, or even unused.
2: Skills Gap
The second trend is how vendor complexity exacerbates the skills gap. As more organizations look to hire security staff who are less skilled and experienced with the hopes of quickly training these personnel, security vendors still need to provide the market with products that enable newcomers to be as effective as experienced security professionals.
If we want to get information security right in the next 10, 15 or 20 years, the industry must make products and tools that are easier for this next generation of security professionals to consume. Innovative technologies like machine learning and AI are indeed exciting, but they need to be coupled with easy and prescriptive solutions that new security professionals can start using right away without having to be experts first.
3: Communication is Key
The third trend: security vendors need to improve how they communicate their value. By walking the show floor at Black Hat and engaging with various security vendors, you’ll quickly realize that they don’t communicate their value propositions very clearly. It’s a real challenge to determine what many vendors actually do and make sense of whether or not these “solutions” actually solve specific challenges.
This is an area where the entire security industry can improve. The focus needs to be on how to better communicate the value of products and services, and how they provide better business outcomes. However, it’s not just security vendors that should be thinking about how they impact business outcome versus just tools and technologies; security engineers, architects, directors and CISOs must also do a better job of discussing business outcomes and how their investments will improve those outcomes.
4: Management Challenges
The fourth trend is that the challenges associated with managing data loss remain high. There is a considerable amount of continued frustration when it comes to managing data loss.
In fact, all of the leading data-loss prevention vendors still talk about how they use AI to help classify data and automatically create data-loss policies. However, none have crossed the threshold where they can help security teams that don’t have the wherewithal to undertake a monumental project lasting several months or years to classify all of their data so that they can begin to deploy DLP.
Related to this is how understaffed and stressed most security teams seem to be. At the conference, I met with growing enterprises that have staffing ratios so low that one internal person supports 100+ employees. That ratio is far too low, and it’s why it doesn’t matter how cool the technology is; if it doesn’t help security teams that are under constant stress, then it simply doesn’t matter.
“ Making data-loss protection seamless and able to be managed by security teams of any size is something that we think a lot about at Code42. We focus on solving real-world cases, such as dealing with data loss risk by departing employees and high-risk employees in ways that don’t require hundreds to thousands of staff work hours to get right. ”
5: Product Consolidation
The final trend is the continued high level of technological and product consolidation occurring within the security market. This has been going on for some years now, and it’s continuing to accelerate. Security vendors continue to expand to adjacent problem spaces with complementary solutions – be it a DLP vendor acquiring CASB products, or a next-gen firewall solution adding EDR and SOAR capabilities to their portfolio. Elevating the business value to customers is one of the biggest drivers to increase user adoption of these new products and technologies.
These are the trends I noticed while exploring the show floor, speaking with vendors about the issues they are trying to solve, as well as meeting with customers and prospects. While the challenges are steep, I’m convinced that the industry and security professionals alike are motivated to learn, adapt and improve in order to solve the intricate obstacles we face, such as insider threat. We should expect to see solid progress in these areas in the next year.
Insider Threat Is Real