Conferences

Changing Security As We Know It - Software as a Service (SaaS) Has Arrived Giving Rise to Plethora of Security Applications

Philippe Courtot, Chairman and CEO, Qualys, Inc.

We are entering into a new world. The rate of innovation is continuing to accelerate.

The Inconvenient Truth. 50% of corporate data resides unprotected on PC desktops and laptops. 1 out of 10 laptop computers will be lost or stolen within 12 months of purchase. 29.5 days - it takes on average to eliminate half of knows critical vulnerabilities on corporate networks. This is only a .5 day improvement.

Securing the enterprise is getting harder and harder.

Why is security so hard? To many variables, too may security patches, long software release cycle, technology is moving too fast. The burden is all on the enterprise.

The Cloud Computing Era

Software as a Service (SaaS). Infrastructure and Platform as a Service (IaaS, PaaS)

Cloud computing answers the IT business needs of agile, 21st century economies.

Why is it so disruptive? No IT resources needed, a delivery model that scales, disruptive business model, easier to select vendors.

One of the biggest advantages is the ability to quickly and inexpensively try things without a large capital expenditure.

The current financial situation is accelerating the adoption of cloud computing.

Why has adoption taken so long? resistance to change, Internet limitations, i.e. browsers, etc., Internet bubble (.com bust),

There is a tsunami of Enterprise SaaS solutions now coming to a browser near you.

What about security? A counter intuitive reality. Security can be made more granular and invisible in the cloud.

Why is this possible? Security can become part of the fabric.

What are the implications for the security industry? Accelerated consolidation. Major shift in buyers. Buyers of today are the enterprises, the buyers of tomorrow will be the cloud providers. Emergence of new players.

It is not about the survival of the fittest or the biggest, but of the one who adapts!

What are the implications for the security professional? Resistance is not an option anymore. We will be dealing with more complexity. Still have to deal with the current complexity and at the same time deal with the cloud.

What are the missing pieces? Technology: a more security and advanced browser, stronger authentication federated in the cloud, secure open protocols and standards. Legal: sla's, audits and compliance, privacy, location and ownership.

Closing with embrace the change.

{ 0 comments }

Securing the Smarter Planet

Brian J. Truskowski, General Manager, Internet Security Systems (ISS), IBM Global Technology Services (GTS)

1995 was when the first really themed RSA conference happened. A lot has changed since then.

We all need to remember one thing. Bad times are the opportunity for companies to become great companies.

In bad times, change is not only possible, it is necessary.

The winners are not just surviving right now, they are preparing.

A significant number of CEOs saw change coming, but that they couldn't manage it. Systems and processes are to rigid to manage change. Change required.

Business that embrace change are the ones that can excel in this type of environment. Ready to seize opportunities. Keep enterprises focused on values and goals.

Co

He states that the security industries goals and values are misaligned.

Talking about IBM being everywhere and able to see broadly because of that.

They see the world becoming a smarter planet. Instrumented, sensors embedded everywhere. Interconnect, soon 2 billion people on the internet, 4 billion mobile users. Intelligent, data explosion, power new systems for analyzing and using this data.

Ubiquitous computing. Rapidly approaching the day when there will be more smart devices accessing the internet than PCs.

Every day 1 million people become cell phone users. Ticking time bomb from a security perspective. Mobile computing that is.

There is only so much you can do to mitigate security issues after it has been deployed.

Security must become a function that enables business activities by being inherently embedded in all facets.

If you can respond to change more effectively than the competition you will win.

Changing to discuss social engineering. Humans are the weakest link in the security chain. Social engineering still very effective.

"Humans are an infinite threat to information security."

We need to design systems and processes that are resistant to human deficiencies.

Reduce complexity.

Successful business will embrace smarter security.

Pushing security as a business enabler (I don't agree with security as an enabler.)

Security spending must be contained.

Change and collaboration will be required to move forward in reducing cost and complexity.

{ 1 comment }

The "Extreme Makeover" of Network Security

Brian Smith, Ph.D., Chief Technology Officer, TippingPoint

Talking about converging security technologies. (A bit Tipping Point vendorish)

Too many consoles. Each inline device has its own console. Three problems, total cost of ownership, i.e. staffing, etc., inconsistencies with security policies, (he lost he third one)

System integration. Lack of automation makes it difficult to integrate.

Leverage. devices should be able to leverage each other.

Going to talk about "Too many consoles", "System Integration" and "Leverage"

Proposing a tag tables approach where an ip address or network is tagged with attributes. Those tags are now use in rule tables. Tags are used to turn on filters. Active rule table generation based on tags before matching takes place.

Now talking about how tags can be updated in many different ways. Automation becomes possible.

The threat landscape is changing. Applications are now the targets.

Sorry for the disjointed reporting on this one. A bit hard to follow. Key points were to use convergence to battle too many consoles, system integration problems and automation.

{ 0 comments }

The Cybersecurity Challenge - How Do The Good Guys Win?

Dave DeWalt, Chief Executive Officer and President, McAfee, Inc.

It's a tough job to run security.

Wants to talk about two things: 1) State of security, seeing some trends. 2) Path forward.

Obviously the economy has had a downward slope, conversely data breaches, malware and ftc complaints are increasing like crazy.

Talking about the 1 trillian dollars in intellectual property losses worldwide.

"Several years ago zero countries armed for cyber-warfare" Everybody was about protecting, defensive.

"Today 20+ countries armed for cyber-warefare" offensive strategies.

Not limited to governments. There are individuals and groups.

Talking about Conficker and how we don't really understand what it is about yet.

"Why is this happening?" (Growth of cyber crime)

Malware growth, countries do not work together well yet. Looks like a 500% increase in malware is possiblein 2009 again.

Many many devices coming online, mobile devices, critical infrastructure becoming IP addressable. The huge growth of social networking and web 2.0 technologies.

"What's the outlook?"  Not so good. Using weather analogy. Rain, thunder and lightning for the next five years.

Why? No protection, security cutbacks, complex attack vectors.

Attack Scenarios. Multi-vector attacks. Point products don't work well because the don't share data. Integration and learning between products is vital to protecting against these types of attacks.

The CISO nightmare: Money, reputation, and jobs.

The Future. What are we going to do about it?

Weather analogy again. Sensors anywhere. There are weather sensors all over the place. Reporting information back to a correlation point. We need to do the same with security. Gives us global intelligence.

Visibility is very important.

The future is mulit-layered, multi-correlated with real-time visibility.

Multi-layered from silicon to satellite. Sensors everywhere. chips, storage, os, vm, database, web, satellite.

Correlate across sensors and products now becomes very important.  Trying to figure out ways to quickly correlate information. Correlate to a cloud mentioned several times.

Real-time visibility across all products.

Now going through an attack scenario to demonstrate what this might look like.  Demonstrating how the this can work when we can see multiple vectors and how correlation lets us determine something more quickly.

Global Threat Intelligence database in the cloud.

Re-iterating multi-layered, multi-correlated, and real-time visibility.

All done.

{ 0 comments }