XDR, the cybersecurity trend that dominated the RSA Conference 2022

Alberto Sempere    15 June, 2022
Photo: RSA Conference 2022

After a two-year break, I am back at the RSA Conference in San Francisco, the international key event for the cybersecurity industry.

Having overcome the typical hurdles of a trip in the COVID era, we found ourselves at the conference with broad smiles, strong handshakes, and lots of lively conversations. Signs that proved this industry’s eagerness to get back on track, and also an optimism that is a far from the current scenario in which the average value of the major cybersecurity indices has fallen by 20% so far in 2022.

Every year that I have attended RSA there has been some new buzzword that becomes a kind of common thread for many companies at the conference and it seems you can’t not mention it if you want to be relevant to your customers. In the past years we have lived through the era of orchestration, SASE, the Human Factor, and so on.

Picture: RSA Conference 2022
Photo: RSA Conference 2022

And for this year surely some of us were betting on Zero Trust, which is a topic that is still relevant and has been less present in what I have been able to see of this conference. However, for me, the clear winner for 2022 is XDR.

What is XDR and why is it key to cybersecurity?

XDR stands for Extended Detection and Response. Without simplifying it too much, it has much to do with extending the detection and response tools and processes we had in place to ensure we have no blind spots and that we are much more efficient in our response.

Photo: RSA Conference 2022
Photo: RSA Conference 2022

It is therefore an extension of the detection tools beyond the Endpoint (EDR) and SIEM, taking detection to the network (NTA), to Cloud native environments (CSPM), around identity (ITDR), to applications, etc.

Technological convergence and visibility

XDR is along with two other trends that are closely related: first, technological convergence, which has a lot to do with it because it requires solutions that used to be seen separately and now come together to not only improve detection but also response, which traditionally required additional tools to automate and orchestrate, collect and apply intelligence, etc….

Basically, an integrated tool that allows us to achieve that XDR concept in the most efficient and simple way. Whether this convergence is the best option or whether it is the sum of several technologies coordinated by an orchestrator, a SIEM or other tools is a topic that requires more space than this article provides.

Here MSSPs such as Telefónica Tech can play an important role in supporting customers in this transformation process by providing XDR capabilities in both converged and heterogeneous environments.

The other closely related concept that I wanted to mention is Visibility. Another concept that appears recurrently. It is increasingly important for companies.

Photo: RSA Conference 2022
Photo: RSA Conference 2022

In order to know where they are, to be able to prioritise, in short, to give better visibility of their risk within their organisation. Many solutions have pushed this attribute and some do it in a specific way, such as ASM (attack surface management) solutions.

Essentially, through automated tools these services provide a clear and fairly comprehensive view of the most important vulnerabilities and areas of exposure and risk and unlike other traditional tools do so from an attacker’s perspective.

These tools could help to start automatic Red Team exercises in a lighter way or supplement existing services or capabilities with such activities on a recurring basis.

Mobile security and the presence of Spanish startups

Moving on, I also wanted to mention the security of mobile phones. I have to say that I didn’t see as much as I expected. It seems that the impact of the security breach of the mobile phones of members of the Spanish government has not had as much impact in the United States, and this was reflected at the fair.

I cannot finish without mentioning some of the startups present in the Spanish hall. Spanish startups that I always try to pay special attention to, as this year they were:

  • RedBorder with whom we were able to talk about visibility and XDR on their open and scalable network platform.
  • ETHEC who showed us how their company provides greater visibility through their risk assessment platform.
  • LEX Program, the legaltech startup that enables real-time compliance with the most common legal requirements in website consent taking through a dynamic platform.

As I said at the beginning, the level of enthusiasm experienced during the fair has been contagious and I am looking forward to continue working with many of the partners and customers with whom we had the pleasure of chatting those days.

Photo: RSA Conference 2022

Leave a Reply

Your email address will not be published.