Security Trends - RSA 2010

Posted March 9, 2010, 4:53 pm by Dennis Piche

ANX sent four delegates (including our CEO) to the RSA conference this year with learning in mind: learning more about what our competition is up to, learning more about potential business partners, and learning more about emerging trends in security. Here are some of my takeaways from the conference:

 

Attendance

According to Tom Heiser (of RSA) attendance was up 20% this year.  After a disappointing 2009 this is refreshing news and hopefully the sign of a recovering economy.

 

Themes

Cloud Security:  The Cloud Security Alliance put on a sold out show to kick off the conference on Monday.  Unfortunately I did not arrive in San Francisco until Monday afternoon but I heard they had to turn many away due to overcrowding.  Security is considered by many to be a major concern for organizations thinking about adopting cloud computing.

 

Compliance: Compliance solutions, and more specifically PCI compliance solutions, were on display everywhere at the expo. Figuring out how to provide PCI (and other) compliant cloud-based solutions appears to be the holy grail at the moment.

 

Advanced Persistent Threats (APTs): While APTs are not new, news of Operation Aurora, disclosed by Google in January, put them on top of the threat vector just in time for RSA. Truth is, APTs are not really on top (see SQL injection), but they are newsworthy and high impact. Based on some of the “I stop APTs too” stuff on display at the expo, it appears as though many were scrambling to include this threat.

 

Honorable mentions:  Data Loss Prevention (DLP), Identity and Log management.


Favorite Session 

My favorite session (both from a material and presentation standpoint) was Winnovation - Security Zen through Disruptive Innovation and Cloud Computing by Christopher Hoff and Rich Mogull. One of the key messages in their presentation, with respect to cloud computing security, was the need to move from network-centric security to information-centric security. Rich went into a description of how this might be accomplished – via information tagging – where all information has a description (i.e., what the data is) and a policy (i.e., what can be done with the data). An additional component, cross-domain information protection, according to Rich, would be used to ensure the security model stays intact while data is passed between applications. I look forward to downloading the slides when they become available.

Honorable mentions:  Dealing with Change: A CISO Perspective, Pecha Kucha (20 slides, 20 seconds each).


Favorite New Product: 

Mykonos Web Security Appliance: Mykonos Software, Inc. unveiled their new web security appliance and framework at the expo. Their solution (oversimplified) is hacker profiling (including an assigned name, known IP address, known location, and attempted exploit) with a distraction element that lures hackers (perhaps less experienced ones anyway) into a honeypot while you decide what to do with them. The most interesting bit (for me) is what you could do with the aggregate hacker profiling data collected from all of the devices in the field. Anytime aggregate data can be collected and analyzed from many geographically separate security devices – the data is invaluable. When I asked about this, Mykonos suggested that customers could subscribe to a service that would automatically block known hackers from accessing your website.

 

Honorable mentions:  Whitebox Security’s Whitebox, Navajo Systems’ VPS, and Envision Security’s Risk Communicator.  These were all part of the Innovation Sandbox.

 
Filed under: Security Threats
Edited February 2, 2014 by Dennis