Key Takeaways from RSA
March 8th, 2010 · No Comments
I’m back and recovered from a hectic week at RSA. I had the chance to exchange ideas with a number of attendees and attend a few sessions as well as meet with several clients. Here are my key takeaways from the week.
What was “hot”? No doubt, discussions of the Cloud and security dominated the show. Sessions on Cloud security were typically full and people turned away (the vigilant room monitors don’t allow standing in the room due to the fire code). My biggest takeaway: The Cloud isn’t one thing, so securing the Cloud can’t be a single thing either. The vendors sense the need and opportunity and are starting to deliver many more innovative solutions here (such as encryption services). Many are using the term “Cloud” to generate interest, but once you get past the hype, real solutions are emerging.
Application whitelisting remains a topic of interest and several vendors were demonstrating their next-generation of manageable application control/whitelising solutions. Key takeaway: The enforcement of an application whitelist is a commodity (Windows, Linux and Mac can do this in the OS). It’s the ongoing management of the list and how exceptions are handled that will make or break an application control implementation.
Virtualization and security was hot again this year. Multiple vendors are demonstrating innovative solutions based on introspection using VMsafe. Altor Networks won the Innovation Sandbox with their virtual firewall solution. Key takeaway: The point solution vendors are innovating rapidly, but the slumbering (lumbering?) giants are taking notice.
A couple of key quotes that really resonated with me:
From a lawyer on the “Big Brother” panel in regards to helping customers easily and transparently use technology more safely: “The vendors should focus less on the dashboard and more on what’s under the hood” – something like that – essentially saying that we as an industry don’t think enough about how to bake safety into computing versus rely on competent users to understand what is going on and make the right decision.
And from the CEO of Qualys: “The Cloud is doing to the IT industry and information security what the Internet did to publishing”. Yup. Our industry is being massively disrupted. As customers of these vendors, this is a good thing. More competition, reducing switching costs and lower costs are all a direct outcome. Exciting times!
Share:
Tags: Cloud · Information Security · Virtualization Security
0 responses so far ↓
There are no comments yet...Kick things off by filling out the form below.
Leave a Comment
Thanks Neil for your interesting insights heading out of RSA 2010.
