RSA Conference 2017: 7 Trends Influencing Cybersecurity PR and Marketing
Feb 03, 2017 Tiffany Darmetko
We’re coming off a fast and furious year in cybersecurity, from hacking scandals and data leaks plaguing the presidential campaign to the largest DDoS attack on record and the Yahoo mega-breach capping off 2016.2017 shows no signs of slowing. The world is increasingly tuned in. As technology weaves tighter into the fabric of our lives, security incidents make mainstream news headlines and become matters of public safety and national security. It’s a conversation happening in the boardroom, the living room and the Situation Room too.
From an enterprise perspective, CSOs and their security teams face a litany of “pressing issues” while “cybersecurity strategy does not move fast enough to keep up with threats,” as SearchSecurity Senior Reporter Michael Heller points out. Add to that, the marketplace of solution providers continues to multiply promising a dizzying array of answers.
These forces combined sure do pose a challenge – and an opportunity – for security marketers seeking to cut through the noise and get their brands noticed. This is where understanding buyer pain points and recognizing industry trends creates an advantage.
In fact, trend spotting and “trend jacking” are core to our value as security PR practitioners. We act as eyes and ears to help get a jump on breaking industry news and trending topics -- and participate in a strategic way. From Absolute showcasing its insights related to endpoint and critical infrastructure threats in the media, to container security experts from Twistlock offering advice on securing sensitive data, these are just a few recent examples of breaking news “rapid response” PR efforts in action.
Paired with crisp, clear messaging, security PR pros help capitalize on – and drive – trending industry conversations as a cornerstone of thought leadership programs. And with February fast upon us, RSA Conference will be the biggest stage for security conversation amongst 40,000+ members of the community. At InkHouse, we’re right there alongside our clients as we map the plan for making a splash at RSA.
In the spirit of knowledge sharing, we’ve rounded up a list of seven trends that will predictably influence the marketing efforts of this year’s crop of RSA Conference 2017 exhibitors:
- Tension between government surveillance and privacy will reach a boiling point
“Incidents at the national or international level, such as terrorist activities, will drive several governments around the world to seek more surveillance capabilities, further clashing with privacy advocates. The debate between government surveillance and privacy will reach a new height in 2017, prompting the birth of more strong secure communication services.”
- Sophisticated IoT attacks
“Household devices will be the source of a major breach. As more and more devices connect to enterprise networks, IT and security teams are ill-prepared to deal with the security considerations around them. Most IT teams are already stretched thin supporting the typical desktop/laptop/telephony infrastructure all organizations need, so what about IoT?
Ensuring that the untold scores of connected devices are safe to use inside a corporation's walls is no easy task, but it cannot be ignored. From printers to refrigerators to the fitness tracker on your wrist, all have been shown to be vulnerable to exploits. The situation will only escalate as new versions are released and device manufacturers stop patching outdated devices. We expect that this problem will come to the forefront in 2017 with a massive breach resulting from an infected or compromised device unknown to IT teams monitoring the network.”
- Cyber-attacks will rise with geopolitical tensions
“Rising geopolitical tensions will serve as the harbinger for destructive cyber-attacks in 2017. In 2017, the United Cyber Caliphate and AQAP (Al-Qaeda in the Arabian Peninsula) will demonstrate advances in their cyber-campaigns, while Chinese hackers will increase cyber-attacks in response to U.S. Navy maneuvers in the South China Sea.”
- The IT sec skills gap widens
“Defending an organization against cyber attacks takes enormous resources in both technology and expertise. Many folks forget that the Internet wasn’t designed to be secure; it was designed to allow people and organizations to share information. Thus, adding security has been secondary. Most organizations are trying to plug holes and vulnerabilities, even as new ones are constantly surfacing. The experts who understand how to anticipate these vulnerabilities and adequately secure the organization are scarce. This is one trend that will persist for some time, as attackers need not be as smart as cybersecurity experts to be successful. And let’s face it: hackers only have to be right once. The experts have to be right every time. Attracting new talent and training them adequately will continue to be a challenge.”
- Cloud native systems will drive zero trust networks
“As more Cloud Native applications and systems emerge, perimeter-based security protection will become dreadfully ill-fitted to suite IT needs, giving rise to more zero-trust security models where protection becomes cloud-native, traveling with data and applications.”
- Cyber-related regulatory enforcement heats up
“Cyber security compliance and regulatory enforcement is set to receive a lot of attention. What began with the FTC, OCR and SEC has grown to a constantly expanding list of regulators. In just the past six months the CFPB (Consumer Financial Protection Bureau) and the New York State Department of Financial Services were added to that list with their first action and newly proposed regulation.
As the agencies struggle to keep up with the hackers, expanding their security requirements, compliance is becoming increasingly challenging for organizations. The FTC has been active in pursuing companies, citing violations for security failures and deceptive practices related to the collection of information and misleading privacy statements (among others). And the OCR has been aggressively enforcing HIPAA violations.”
- Time for a CCO (Chief Cybercrime Officer)
“Will 2017 see organizations looking to appoint a chief cybercrime officer?
The CCO would be responsible for ensuring that an organization is cyber-ready, would bear the responsibility for preventing breaches, would take the lead if a breach did occur and provide a robust connection between the board and the rest of the company.”
What other big cybersecurity trends for 2017 are you keeping an eye on?