Are you getting ready for the upcoming RSA Conference, the world's leading information security conference and exposition?  The event is quickly approaching, taking place April 24-27, 2023 at the Moscone Center in San Francisco.  This year's theme: Stronger Together.  In the cybersecurity industry, no one goes it alone. Instead, we build on each other’s diverse knowledge to create the next breakthrough—exchanging ideas, sharing our success stories, and bravely examining our failures.

Ahead of the show, VMblog received an exclusive interview with Dave Frampton, SVP/GM, Security Business Unit, Sumo Logic, the SaaS analytics platform to enable reliable and secure cloud-native applications.

VMblog:  To kick things off, give VMblog readers a quick overview of the company.

Dave Frampton:  Sumo Logic is the leading SaaS analytics platform for reliable and secure cloud-native apps. In one platform, Sumo Logic customers can ingest data across their entire cloud infrastructure and transform data overload into insights for developers, IT operations, and security operations. DevOps teams can proactively monitor applications in the production environment for bugs, quickly detect security threats with the latest threat intelligence, and capture critical application performance metrics that drive effective business decision-making. Sumo Logic is also committed to an open telemetry approach to data collection, which helps simplify and democratize its data collection compared to other analytics solutions.

VMblog:  What market needs or problems are you addressing in the security space?

Frampton:  Sumo Logic is bridging the gap between security and observability, emphasizing the need for an integrated approach where security and observability work together instead of separate to enable business innovation while maximizing threat protection.

VMblog:  Is your company launching anything new at the show?  Can you give us a sneak peek?

Frampton:  Sumo Logic will be announcing several new capabilities at RSAC that will further bolster the Sumo Logic platform to help users gain insights and visibility into threat indicators and provide actionable next steps for remediation. This new set of features will enable customers to improve alert triage, prioritization and escalation using integration, orchestration and automation.

VMblog:  What are some emerging risks for security leaders at RSA to consider this year?

Frampton:  The everchanging cybersecurity landscape always adds new threats and concerns to the minds of security leaders. For this year, security leaders should consider: 

• Hidden malware in public charging stations: As an event related threat, issues with public charging stations are fairly new, but also exemplify the lengths that cybercriminals will go to get user data. Cybercriminals are using tactics such as juice jacking, creating fake charging stations, and Bluetooth hacking at public charging stations to steal user data. Security leaders need to be sure their employees are aware of this threat while at events or traveling.


• Employees' use of AI tools such as ChatGPT in the workplace: The use of ChatGPT and AI tools in the workplace poses a danger to the confidential information employees hold. For example, if employees input confidential information into ChatGPT to help solve business problems, it can create a security risk if any of that information is leaked or the AI tool is hacked.


• Increased password manager use risks: Password managers are hacked all the time. They are well known to leak credentials in clear text and fail to clear out master passwords. This risk is significant as once a password manager is compromised, bad actors gain access to all end-user credentials stored in the master repository.
  

VMblog:  What are some of the key takeaways of your solution that RSA conference goers should be aware of?  And what sets you apart from the competition?

Frampton:  As building security maturity continues to be a key challenge for organizations that lack the resources, staffing and tooling to develop and manage robust cybersecurity programs internally, Sumo Logic is focusing on making it easier for organizations to run security operations more efficiently and with more flexibility, while providing key insights and security solutions in one platform.

Sumo Logic is also the only full-stack observability solution that offers predictive analytics of metrics, events, logs and traces, further establishing the Sumo Logic platform as the singular tool needed to help control and manage cloud infrastructure and app development variables, while making it easier for developers to harness data.

VMblog:  The keynote stage will be talking about major themes this year.  But what trends is your company seeing that we should be aware of in 2023 and beyond?

Frampton:

• Application performance monitoring (APM) is dead or dying in its current state: As a stand-alone market, APM seems like it is dying. While observability is the goal, APM is still a necessary part of the big picture. APM grew from an on-premise environment, so with mobile applications running everywhere, observability can be considered the new APM.


• Prepare for the start of “Everything-as-Code”: Everything is becoming applications and code, meaning automation will be everywhere. Developers will have more control and manageability over applications, so there will be increasing demand for everything possible to be as-code.


• AI tools can prove to be a security risk but are also extremely effective for dealing with large volumes of data: Machine data analytics is the future of data analytics. With machines increasing their capacity at a high rate, their data output is also growing exponentially. It’s going to be essential for vendors to be able to manage this unstructured log data to maintain data security.