Cyber metrics: In past years, organizations have thrown the works at their data centers, networks and data repositories with the hopes that they blanket them in protection. But more sophisticated methods for assessing and addressing vulnerabilities are coming to fore. Thompson says its possible to measure some degree of efficacy around controls. He likens it to “Moneyball," which transformed professional sports management. Instead of talent and intuition, which was used from everything from baseball to insurance underwriting, metrics are driving purchasing decisions.
Humanized security: Let’s face it: If not for people, most security problems would go away. But people like to click things they shouldn’t. They give away information to those who don’t require it and, worse, unwittingly relax protections to those who mean to do us harm, Thompson says. Thankfully, advances in psychology and technology are addressing the security industry’s weakest link — people. Watch for discussions around these advances at the event and beyond throughout the rest of the year.
While cloud, mobility and risk will permeate almost every topic at RSA Conference USA 2014, Thompson adds, BYOD is likely to take a back seat compared to 2013 when it was foremost on everyone’s mind.
Finally, attendees and security watchers alike should watch for a flurry of new product announcements and program introductions leading up to the event. On Tuesday, Feb. 18, for example, cloud security start-up Elastica came forward with an announcement that it is ready to release CloudSOC, its solution for “making cloud applications and services secure for use by companies and their employees." The company also announced that it had received $6.3 million in Series A funding from Mayfield Fund.
Like many, it will be competing for attention next week at RSA Conference USA 2014 in San Francisco.