 |
RSA Conference 2008
By Vimal Solanki,
Vice President, Solution and Competitive Marketing
Earlier this month some 17,000 security professionals flocked to San Francisco for RSA, the largest conference in the industry. With more than 220 keynotes, panels and educational sessions to choose from (McAfee CEO Dave DeWalt and two of our top executives were among the featured speakers), attendees were promised an up-close look at the latest trends, technologies and best practices, as well as a chance to discuss and debate all of the above with their peers. They were also given the opportunity to hear some what some extremely high-profile figures—including former U.S. Vice President Al Gore and U.S. Department of Homeland Security Secretary Michael Chertoff—had to say about the state of IT security.
Aside from Gore’s latest thoughts on global warming and Chertoff’s plea for private industry to send its best and brightest to Washington to work on national cyber security, what were the biggest topics of conversation among exhibitors and attendees this year?
For those of you who couldn’t afford the $3,670 price tag for a deluxe pass, here are my picks for the top four topics everyone was talking about at RSA Conference 2008:
1) Virtualization
There’s no way around it; virtualization is the future of enterprise IT, and everyone is looking to get into the game. CIO recently identified 10 vendors to watch in 2008, but among RSA attendees the biggest topic of discussion with regard to virtualization was, naturally, the security implications of these environments. Are they safe? What are the risks? Should I jump on the bandwagon? A session called "Mitigating Virtual Machine Security Vulnerabilities" was so packed that some attendees couldn’t even get in the door. Ever ahead of the crowd, my colleague Jason Yuan offered his thoughts on this exact topic in last month’s issue. Back in February McAfee teamed up with VMware to advance virtualization security, and we also launched the industry's first service designed to help organizations securely deploy virtualization technologies.
2) Data loss/leakage
Lost or stolen laptops. Misplaced CDs or memory sticks. Employee email blunders. Social engineering scams. These are all-too-common occurrences that seem to happen to everyone, even the security professionals chatting in the RSA lunch line. Hundreds of thousands of individual instances around the world, many of which could result in the loss of valuable data that could potentially cripple an organization if it fell into the wrong hands. The San Francisco Chronicle correctly predicted that this would be a hot topic at RSA, and from the buzz I heard in the hallways, it’s clear that data loss protection is a trend that will increasingly drive the IT security market going forward. At McAfee we strongly believe that to solve this problem vendors and partners will have to go deeper into the enterprise and address security at the data level. My colleague Andrew Berkuta discussed this in a recent interview, and in January we introduced Total Protection for Data, which includes endpoint encryption, device control and host data loss prevention (DLP) all in one solution.
3) Encryption
One of the livelier debates at RSA this year was a panel discussion on cryptography, where Whitfield Diffie, the chief security officer at Sun Microsystems and a co-inventor of public key encryption, called the state of Internet security "a complete mess." Other panelists criticized the Department of Homeland Security's plan to spend $300 million to upgrade an airport finger-scanning system from the current two fingers up to all 10. (It’s a good thing Michael Chertoff wasn’t in the audience.) Encryption was certainly a hot topic on the show floor too, with several major vendors announcing new products, including Hewlett-Packard, Brocade and RSA. And given McAfee’s recent acquisition of encryption leader SafeBoot, some attendees were asking about the imminent integration of the SafeBoot technology into our McAfee ePolicy Orchestrator® security management tool. Stay tuned for exciting news on that front.
4) Network security
The security component of network access control (NAC), or network access protection (NAP for Windows Vista and Server 2008), was perhaps the hottest topic at RSA this year. Why? Because to reduce IT costs and simplify risk and compliance management across the enterprise, more and more organizations are moving toward centralized control of hosts via network and policy technologies. And implementing the proper security component alongside such an initiative is critical to protect the valuable data of the enterprise. (Just ask Cisco, whose NAC appliance was just found to have a serious security flaw.) In response to the growing need for reliable, comprehensive network security, McAfee just released Total Protection for Network, which consists of the McAfee Content Security Blade Server and the McAfee Network Security Platform (formerly McAfee IntruShield®). Click here to read more about the world’s fastest, most powerful network security suite.
Other topics that came up over and over throughout the week included: identity management, election fraud, tightening IT budgets, companies shying away from new technology because of security concerns, data classification, compliance and regulation, "Echo Boom/Generation Y" hackers, application security, security in consumer electronics, and the government’s role in regulating security. We’ll take a closer look at some of these issues in the coming months.
|
 |
