After spending the week at my first RSA Conference, it’s time to provide a perspective on what I saw and learned. First, the scale of the conference, with hundreds of vendors and over 40,000 attendees speaks volumes about the security space. The market is large and growing fast, Gartner shows double digit growth in this, one of the largest areas of software and services in the IT market. Companies are bombarded with different messages and are faced with growing complexity.

This year I once again traveled to San Francisco for the RSA Security conference. I've been to 8 of the last 9 RSA Conferences so I can provide my perspective of what's been on the mind of security professionals.

2008: Hot topic: PCI. Software trend: Data Classification

I had the opportunity to attend the RSA Conference this past week. As we at Ascent Solutions had a number of our Ascent team at the conference, we decided to make sure that we each view the conference through a different lens. For me, I looked for themes and differentiators on the exposition hall floor.

In my last post ( I talked about the idea of adopting a model of IT systems management that matched how a hospital deals with sick patients. In this post, I’ll be detailing solutions for adopting this model in a corporate network.

Administrative credential theft, whether it is an actual systems administrator’s logon or the logon associated with an application or service with administrative credentials, is the most dangerous vulnerability on my customers' networks. This is for two reasons:

  1. The tools and techniques for stealing administrator credentials are well known, highly automated and generally available to threat actors

  2. Very few corporate networks were designed to mitigate this threat.

It’s a very exciting moment in the history of our company. We’ve been working hard on new ways to reduce our customer’s exposure to Credential Theft, which is the leading cause of breaches, according to the 2015 Verizon Data Breach Investigations Report.

There are many different opinions regarding the right level of credential security for an organization. Depending on someone’s role, they might view security as anywhere from the most important to the least important aspect of their environment. Their perception of the importance of security can also be influenced by whether or not they have experienced a breach.