The RSA Conference is a forum for an industry trying to keep hacktivism, espionage, and money-driven crime syndicates at bay. Walk the floor and you will see how many facets there are to keeping the network secure, so that more than a third of the world’s seven billion people can use their phones, laptops, tablets, smartphones, etc., to connect to the people and information they need to run their lives, businesses and governments. So what were the main themes at the conference? Cloud, mobility, and management.
Cloud: There is no doubt organizations are migrating to the cloud, whether it’s a public, private or hybrid model, to take advantage of its scale and economies. However, securing that cloud deployment can be tricky as you navigate various migration paths, relationships and control issues. While it seems everyone has a cloud story (which evidently necessitates blue collateral and puffy clouds somewhere in the booth), the reality is most still tend to be more of a repackaging of existing technologies rather than new, innovative solutions. For example, VMware talked about its collaboration with partners to deliver security in the cloud, and Fortinet released a new form factor optimized for data centers for its firewall technology in the FortiGate 5140B/5001B.
Mobility: Anything mobile is a hot security issue especially as the bring your own device (BYOD) trend heats up; the devices, are becoming an increasingly attractive target. We have already seen data traffic rise exponentially on smartphones and tablets. Video is now the leading driver of total data traffic, averaging 50 percent across geographies. Then, there are the apps that contain particularly sensitive information, for example, retail sales through mobile devices is on the rise. According to Internet Retailer, the 300 largest U.S. mobile merchants generated $5.37 billion in sales through mobile devices. Mobile banking app usage is also increasing with nearly 14 percent of U.S. mobile subscribers accessing banking services on their devices.
Depending to whom you talk, the percentage of phones infected with malware is estimated between one and five percent. There are solutions being hyped from Juniper (Pulse) and CheckPoint that focus on encrypting mobile traffic and controlling and optimizing access to applications for the enterprise. Other companies attempt to tackle attack identification and remediation on the device, such as Alcatel-Lucent Kindsight, for end users (as a service for providers).
Management: Visibility into the traffic is one of the hardest things to get; most service providers and enterprises cite visibility and subsequent security identification and event management (SIEM) as one of their hardest problems to solve, which is why almost every booth had some sort of SIEM story to tell. But that is really the problem: different “panes of glass” for different functions, regardless of how helpful that pane is, it doesn’t take the pain away from the time and effort it takes to manage the network and the security of that network. Ultimately, all the logs and information that each of the devices in your network generate turn it into a big data issue. The National Science Foundation puts the “Big Data” market at a $100 billion industry. It’s why we have seen companies such as Oracle, IBM, Microsoft and SAP spend a combined $15 billion+ acquiring technology that can help them with data management and analytics. Of course there are security-specific solutions too, such as NetForensics, HP’s ArcSight and many others.
For questions or more specifics, please contact Sarah at firstname.lastname@example.org.