March 4, 2012
Posted by on
Last week I visited RSA’12 to see whats going on in the area of digital security in a networked environment. I spent sometime in expo center and attended a couple of keynotes sessions.
A lot of companies including FireEye, McCafee, Symantec, PaloAlto, EMC, Cisco, HP, IBM, Microsoft, and Oracle showed up at RSA’12. Last year someone asked what Microsoft is doing at a security conference and the answer was in the form of another question that ‘what everyone else would have been doing here without Microsoft Windows‘. Oracle was also there with a solution for ‘SQL Injection’; someone may ask why Oracle, instead of fixing actual issues of their main product, is selling another product as a shield; anyway I guess it is the way it is. One of the popular companies was FireEye that participated with a robot to exhibit its hot product line of ‘Malware Protection Systems’.
|FireEye Man at RSA’12
|One of the famous hackers of 1990s Kevin Mitnik of Mitnik Securities was also there at RSA exhibition under FireMon’s booth. He was giving visitors his latest book, the New York Times best seller ‘Ghost in the Wires‘, with his signatures. Although I have already listened the audiobook but I collected ‘Ghost in the Wires‘ in its physical form with the author’s signature.
|With author and his book Ghost in the Wires
The latest trend in RSA’12 is to protect Internet from malicious activities and to address security issues in the cloud. With the emergence of cloud computing, identity management, public key distribution, security information and event management (SEIM) are among popular topics. Addressing issues of single sign-on (SSO), authentication, authorization and confidentiality of contents is of paramount importance before moving toward cloud infrastructure. SEIM seems evolving but interpretability, lack of standards, customization and extensibility in data aggregation are a few areas that need attention.
In a keynote session Philippe Courlot (CEO Qualys) talked about urgent need for a more effective approach to security. I joined in the middle when speaker was advocating that cloud is more secure than traditional approaches. I guess he must have presented some facts in favor of his claim. Later McCafee CTO Stuart McLure gave a talk on ‘Securing the Unsecurable‘; his talk was an acknowledgement that we are facing a real security threat and that the current approaches to address it are not enough. He demonstrated a health device to depict how software vulnerabilities in health equipments could lead to death.
David Brooks, the New York Times columnist and author of The Social Animal, gave an inspiring talk about how we make decisions, how the subconscious mind drives our lives and why some succeed and others don’t. The Social Animal is on my reading wish list now. Overall, it is my understanding that
the industry has realized it now that security is a serious problem and we need to address it properly and urgently