If we missed you at RSAC 2023, we have you covered

Author

Venky Raju

Read Time

3 Minutes

Last Updated

Aug 8, 2023

table of contents

It was great to see everyone in San Francisco at RSAC last week! If you had a moment to stop by ColorTokens’ booth, we sincerely thank you. Whether it was for a chat with one of our many experts on hand, a presentation or demo, we hope you found the time worthwhile. The ColorTokens team was inspired by the interest in Zero Trust and how we can address the most common concerns about starting a Zero Trust journey while achieving optimum results.

Our featured guest presenters were undoubtedly the most significant hits with our audience.

Kicking off the conference presentations was Paula Januszkiewicz, CEO and Founder of CQURE, by demonstrating real-world attack scenarios that used privilege escalation and lateral movement. One that I found particularly enlightening was on domain accounts and Active Directory (AD). Paula showed how the master keys of all domain users in an organization could be decrypted using hidden certificates stored in AD! As this vulnerability is inherent to the design of Active Directory, Paula discussed how a Zero Trust approach, explicitly using microsegmentation, is critical for protection.

Up next was David Holmes, Senior Research Analyst at Forrester, to discuss the need for Zero Trust. According to Forrester’s research, 74% of firms were breached in the past 12 months, and almost half were attributed to internal incidents or their partner ecosystem. With a focus on eliminating implicit trust even within the enterprise, it is clear that implementing Zero Trust is now a necessity. David also presented a step-by-step roadmap to implement a Zero Trust Architecture. Zero Trust Network Access (ZTNA) and Microsegmentation are essential pillars of David’s Zero Trust Roadmap, and ColorTokens Xshield offers both capabilities in a single platform.

Christopher Steffen, Vice President of Research at Enterprise Management Associates, reminded attendees that Zero Trust was not just a conference buzzword. It was encouraging to learn that over 60% of organizations were investigating or planning a Zero Trust project, and about half were past budget approval. Aside from budget approval, the most significant challenges continue to be the perception of Zero Trust needing to be easier to implement, while there remains concerns about the impact on business. Indeed, these questions came up frequently during our interactions with visitors at our demo stations, and we were happy to showcase our platform’s ease of use and risk-free approach to policy enforcement.

We were also honored to have Tony Scott, CEO of Intrusion, Inc. and former CIO of the U.S. Federal Government, join us for two sessions. Tony spoke about the newly released National Cybersecurity Strategy and the process it took to develop it. The strategy encompasses defending critical infrastructure, disrupting threat actors, and expanding public-private partnerships and collaboration to deal with future threats. Unfortunately, consumer privacy was not explicitly mentioned in the strategy, and I had the opportunity to get Tony’s thoughts on this. He shared that a national framework like the European GDPR is not imminent. Still, as more and more states follow the lead of California, Colorado, Virginia, Utah, etc., a national conversation may occur.

I also enjoyed hosting fireside chats with Anthony Jackman, Vice President of Strategy and Innovation at Expedient, Inc. Expedient is an innovative Managed Service Provider that recognized the need for a managed Zero Trust offering for small and medium-sized customers. I have had the pleasure of knowing

Anthony since 2021 when they first evaluated ColorTokens to power their microsegmentation-as-a-service offering. Anthony spoke about the challenges small and medium businesses face and how Expedient helps them transform their IT infrastructure to a cloud-like model while maintaining security before, during, and after the transition.

RSAC is always a great forum to meet with friends and former colleagues and forge new relationships. This year was no different, and I was thrilled to meet Ashish and Shilpi, host and boss, respectively, of one of my favorite podcasts, the Cloud Security Podcast. I also had the opportunity to meet with fellow (ISC)2 members worldwide at an evening reception and discuss their cybersecurity challenges.

Lack of application and infrastructure visibility is still a challenge in 2023. Unfortunately, this is one of the biggest impediments to starting a Zero Trust journey. And vulnerability management of legacy systems poses an ever-increasing risk as organizations slow down spending in a tough economy. At ColorTokens, we offer innovative, cost-effective solutions to these challenges and are here to help you begin your Zero Trust transformation.

Thank you for taking the time to stop by our booth at RSAC 2023, and we hope to see you at our next event! If there is anything we can help you and your organization with, please contact me at [email protected].