RSA 2017: The year the little guys get swallowed up

RSA feels like a mashup of giant tech Titans steadily swallowing up the little guys to make one massive, unholy tech monster, designed to protect everyone from everything. But how does that really work for small businesses as customers, and the rest of us?

Sure, some mashups make sense, but the effort here at the show is to proudly display a marketing brochure that shows a single monolithic product pile that has all the components necessary to provide one-stop-shopping for everyone. Except it’s not that easy.

Mashing up security is notoriously tricky to do well – there are just too many interdependencies to make it seamless. Each piece of the puzzle must communicate about the same (or correlated) events in the same (or compatible) ways and then push appropriate responses to the appropriate defensive components.

STIX and TAXII are steps in the direction of common security interoperability languages meant to aid automated threat communication, but those aren’t nearly as widely adopted yet as their authors would like.

“Swallowing up security, especially into areas that aren’t your core competency, can leave huge blind spots.”

Also, swallowing up security, especially into areas that aren’t your core competency, can leave huge blind spots. By definition, you’re dramatically increasing your potential attack surface. Meanwhile, you are also increasing the number of types of attack you have to guard against. Sure, some companies do it better than others, but these mashups seem to be targeting businesses with the truly staggering budgets needed to protect everything under one umbrella.

It’s not uncommon here to see vendors charging hundreds of thousands of dollars (pounds, euros, etc.) for magic black boxes that “just do it all”, which puts them squarely out of reach of the numerically far larger population – the small and medium size business. The average small business could buy a $100-$250 piece of hardware or software, but there is a precipitously steep sales drop off when those same technologies rise in cost by even ten times, let alone a hundred or more.

So will all these giant mashups keep the millions of little mom-and-pop corner stores safe? Doubtful. It’s encouraging to know that core networks that tie EVERYTHING together will have big expensive stacks, though, so there is protection in some ways, but not specifically for most SMB’s.

But in at least some parts of the show this year, usually around the back by the water fountain and scarce cheap-seating options, I’m encouraged to find SOME things for the SMB market, technology that you can tell your friend to purchase for a small business on a small business budget, assuming that, like most folks, they aren’t sitting on a spare $100K with no idea where to spend it.

Author , ESET

Follow us

Copyright © 2018 ESET, All Rights Reserved.