Last week’s RSA Conference 2012 was the largest security event ever, with 350 sessions, 350 exhibitors and over 20,000 attendees. There are two very, very good reasons for this ever growing level of interest. In his keynote speech, FBI Director Robert Mueller noted that: “Terrorism remains the FBI’s top priority. But in the not too distant future, we anticipate that the cyber threat will pose the number one threat to our country.” We’ve all read about the large number of successful hacks this year, but for the FBI Director to say that cyber attacks will be at the top of the threat list – well, WOW!
And, according to numerous speakers, IT security managers are not only lagging behind in their ability to cope with current cyber threats, they are even farther behind in their ability to deal with emerging security issues associated with cloud computing.
As you would expect, estimates of explosive growth in security products and services abound. A recent Infonetics Research quarterly report cited that network security appliances and software is expected to increase 8% in 2012 with a long-term global market forecast of $6.7 billion by 2016.
Other interesting tidbits from the conference:
- “Digital Natives,” defined as people who are always connected and feel lost when they are untethered, are changing the workforce and challenging corporate security. They do not separate “work” and “personal” connectivity or their devices – BYOD (Bring Your Own Device) was one of the buzzwords of the conference. For example, there was significant interest in how IT could provide remote access to corporate data without running the risk of this data getting into the wrong hands.
- “Hactivism” is on the rise which creates a constant, persistent threat and the attacks are better coordinated and more sophisticated.
- Big Data was another hot topic. Enterprises can aggregate huge amounts of event data from logs into huge databases, but are challenged by how to turn the data into useful security information. In his keynote presentation, Art Coviello, executive vice president of RSA, said that security pros need tools to sift this data and predict attacker’s next moves, creating an “intelligence-driven program” that’s more agile than current signature-based defenses.
In addition to the numerous product announcements, the Cloud Security Alliance announced two new initiatives for 2012, addressing growing areas of need in cloud security – mobile computing and innovation. CSA’s initiatives in these areas will focus on accelerating delivery of a trusted cloud ecosystem, furthering the organization’s mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.
Encryption is always a big topic at RSA. The 2011 Global Encryption Trends Study, published during RSA 2012, stated that encryption is now seen as a strategic issue and that organizations are increasing their investment in encryption across the enterprise.
According to the report, the main drivers for deploying encryption solutions are to protect brand reputation (45%) and lessen the impact of data breaches (40%). 39% of respondents indicate that compliance with privacy or data security regulations is the main driver. As you would expect, compliance is also driving increased security appliance and software budgets.