Virtualization Technology News and Information
RSA Conference 2023 Q&A: Armis Will Showcase its Unified Asset Intelligence Platform. Read What Else They Have Planned for the Show.


Are you getting ready for the upcoming RSA Conference, the world's leading information security conference and exposition?  The event is quickly approaching, taking place April 24-27, 2023 at the Moscone Center in San Francisco.  This year's theme: Stronger Together.  In the cybersecurity industry, no one goes it alone. Instead, we build on each other’s diverse knowledge to create the next breakthrough—exchanging ideas, sharing our success stories, and bravely examining our failures.

Ahead of the show, VMblog received an exclusive interview with Curtis Simpson, CISO of Armis, a leading asset visibility and security company, providing the industry's first unified asset intelligence platform designed to address the new extended attack surface that connected assets create.


VMblog: To kick things off, give VMblog readers a quick overview of the company.

Curtis Simpson:  Armis is the leading asset visibility and security company that provides the industry's first unified asset intelligence platform designed to address the new extended attack surface that connected assets create.

Our real-time and continuous protection allows our customers to see and understand, with full context, all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G.

VMblog: How can attendees find you at the show? How many folks are you sending? What can attendees expect? 

Simpson:  Armis has a lot to offer for attendees this year at RSA. With over 70 of our staff attending this year, we have so many events and activities planned. Firstly, you can stop by our booth which is located at S-1127 and S-4411 and meet our experts, see demos of our Unified Asset Intelligence Platform and take part in our fun activity which enables you to find keys to unlock our mystery asset box full of the best swag at RSA!

You can also book a meeting with one of fourteen of our executive leaders who will be attending, so you can hear more and get insight into a specific area or security issue that organizations are dealing with. We are also hosting an invite-only executive event which you can sign up for by visiting our dedicated event site and then, once confirmed, join us at the Nasdaq Entrepreneurial Center on Tuesday, April 25th.

Finally, for IT professionals we are hosting a truly unique experience at the NASDAQ Center "Catch a Hacker." It is a 45-minute immersive experience that puts you in a serious incident within an organization which you have to fix! For all information about our plans you can visit: 

This year, we are also incredibly proud to be supporting St Jude's Children Research Hospital where everyone coming to see us at our booth leads to a donation from Armis.

VMblog: What made you sponsor RSA this year? Is this a must sponsor event for your company?   

Simpson:  RSA is a very important event for us and a must for our year's plans. It is one of the big events each year when the cybersecurity industry gets together and showcases roadmaps, discusses trends and priorities for the year and gets to meet with customers and partners to build out the year's initiatives. It is also useful to hear from peers and discuss the pressing issues of recent months to have new dialogues. It's great to see other vendors so that we can connect and grow new alignment efforts and partnerships - and of course it's' always great fun!

VMblog: What is your message to RSA attendees coming out to the show this year?

Simpson:  In today's world, cyberattacks are not only focused on data theft, but also are actually targeting cyber-physical systems that our society is dependent on. This strategic shift in cyberwarfare and ransomware is causing real-world disruption and harm to global communities and society overall.

Protecting cyber-physical systems against cyberattacks is critical, and it's essential that organizations proactively mitigate risk before an attack occurs. With an ever-growing number of connected devices in use, combined with the fact that cyberattacks are on the rise, it's imperative for companies to have in-depth insights into the risks that vulnerabilities introduce.

As such, it's equally essential to ensure customers have the visibility to secure all of their assets from today's evolving cyber threat landscape. At Armis, we focus on identifying these attack vectors so that organizations and the wider cybersecurity industry can address these threats proactively.

VMblog: What market needs or problems are you addressing in the security space?

Simpson:  The key underlying problem here is that enterprises do not have visibility into all of the asset information they need in order to make informed decisions about their current asset inventory and security posture, which impacts their ability to respond effectively to vulnerabilities, threats, and risks. Organizations that cannot see their assets cannot effectively manage or secure them. This foundational gap negatively impacts organizations and puts a strain on the industry overall, as cybersecurity continues to be a top concern of businesses and individuals, especially with the potential financial risk and disruption to business operations.

VMblog: What are some of the key takeaways of your solution that RSA conference goers should be aware of? And what sets you apart from the competition?

Simpson:  Armis Asset Vulnerability Management (AVM) is the only solution for risk-based vulnerability management that enables organizations to prioritize mitigation efforts across the entire asset attack surface. AVM offers risk-based vulnerability management that enables security teams to quickly identify and remediate vulnerabilities, prioritizing those that are most likely to be exploited and negatively impact the business by potentially causing costly disruptions.

By providing complete asset discovery, real-time vulnerability and threat intelligence, and highlighting critical assets, Armis AVM enables enterprises to hone in on the assets increasing operational risk for smarter remediation efforts, allowing them to better manage their attack surface and improve risk posture.

VMblog: Is your company launching anything new at the show? Can you give us a sneak peek?

Simpson:  What I can share at this time is that we recently completed some very interesting cyber trends research, which we will be showcasing at RSA this year. Myself and my colleague Mohammed Waqas also have a number of speaking slots, one of which is with our customer - The City of Las Vegas. You won't want to miss any of these!

VMblog: What are some top priorities for security leaders at RSA to consider this year?

Simpson:  The cyberwarfare landscape continues to evolve significantly, especially following Russia's invasion of Ukraine in February 2022. As such, business and IT leaders must understand the evolving threat landscape so that they can improve their cybersecurity posture to defend against these attacks. Additionally, the race for tech dominance and increased protectionism between China and the U.S. is increasing tensions - so much so that recently, China's new foreign minister warned it could plunge the two countries into conflict. That's a problem for businesses that are not prepared for an escalation in cyberwarfare with China (or any other nation).

Despite these rising tensions and ongoing global conflicts, our recent study found that 33% of global organizations are not taking the threat of cyberwarfare seriously. These organizations identified as indifferent or unconcerned about the impact of cyberwarfare on their organizations as a whole, leaving room for security gaps. This is despite the fact that the threat landscape continues to worsen: more than half (54%) of respondents surveyed who are their organization's sole decision-maker for IT security said they experienced more threat activity on their network between May and October 2022, when compared to the six months prior.

With global tensions and the looming threats of new cyberwar adversaries changing the threat landscape for U.S. companies, it's critical that U.S. business and IT leaders can take immediate steps to shore up their cyber resilience.

VMblog: What are some of the security best practices you would deem critical?

Simpson:  Ensuring a strong security posture and business-aligned cyber resilience starts with asset visibility. Having the ability to see every asset operating the business and how they map to other assets and business capabilities gives organizations the tools to understand the business context, infrastructure and risk affecting their cyber resiliency, and to use that context to set security policies specific to their organizations' needs. The technological challenge comes in the form of performing identification and classification of these assets, when most devices simply weren't designed to accommodate traditional methods; such as deploying security agents, or when other techniques such as scanning can be disruptive to operations. Organizations must be able to perform comprehensive discovery, identification, and classification in a passive and continuous manner - otherwise, they'll be blind on the one hand and be subject to business and brand disruption on the other.

That said, you shouldn't fall into the trap of visibility alone. Context matters. Security teams should know: what is a device doing, measured against what it should be doing? This combination of continuous and real-time visibility and behavioral analysis is key to ensuring that the connected assets, systems, and infrastructure can perform as they are intended, and that they don't become the entry point or a stepping stone for bad actors to compromise the organization.

VMblog: The keynote stage will be talking about major themes this year. But what trends is your company seeing that we should be aware of in 2023 and beyond?

Simpson:  We're seeing companies try to strike a balance between tech innovation and the high-risk cybersecurity landscape. Smart devices are already integrated into everything from mobile phones to security systems at hospitals and much more. While new managed and unmanaged assets across IT, cloud, IoT, IoMT, and beyond offer many benefits for businesses and their customers, these assets also extend an organization's cyber attack surface. Security and technology leaders need to prioritize gaining visibility into what's connected to their network to improve their asset security posture and mitigate this risk.

VMblog: Does your company have any speaking slots at RSA?  If so, can you tell us more about those sessions so people can get them on their schedules?

Simpson:  Yes, several!

I am speaking on "Cyber Warfare Attack Trends: How Las Vegas is Improving its Security Posture" on April 26 at 12:00pm PT alongside our customer, the Chief Innovation and Technology Officer for the City of Las Vegas, to discuss how to solve the critical challenges facing today's organizations to address the new extended attack surface that connected assets create.

Also Mohammad Waqas, principal solutions architect of healthcare at Armis, is speaking on a panel titled "4 Ways IoT Devices Are Creating Privacy Implications For Organizations." This will be held on April 26 at 1:15pm - 2:05pm PT. Moh is also speaking on "Securing Critical Infrastructure During the Cyber Warfare Era" on April 26th at 2:25pm PDT.

VMblog: As a show sponsor, do you have any tips for attendees to better prepare or handle the conference?

Simpson:  As we're all getting back into the groove of in-person conferences, RSA can be overwhelming for both first-time and veteran attendees. We recommend planning out your agenda so you can attend any must-see sessions, schedule time for vendor booths, and network with fellow security professionals.


Published Monday, April 10, 2023 7:36 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2023>