Last week, the SecurityWeek team was in San Francisco for the annual RSA Conference (RSAC). All week long we covered the news from the show floor, as well as various interviews.
In total, the event brought together 562 speakers across approximately 346 sessions, including keynotes, P2Ps, track sessions, tutorials and seminars. More than 350 companies were present in the exhibit hall, showcasing various security tools and technologies.
Here’s a recap of the week, including some product announcements and an overview of some of the other things we learned at RSA Conference 2012. Also, check out SecurityWeek’s slideshow of photos from the conference.
SecurityWeek Thanks LogLogic and Qualys Who Sponsored SecurityWeek’s Coverage of RSA Conference 2012 San Francisco.
Stonesoft, a network security and continuity vendor, has been working for some time on their line of products. SecurityWeek met with them at RSA, and was pleasantly surprised to learn that they’ve spent a good deal of effort on R&D in order to meet the needs of their customers, while keeping up with the market.
Case in point – they announced something last week that will help IT shops both large and small scale their security environments, on top of making re-provisioning an easier task. Our takeaway on this new offering is that IT teams – especially those in the SMB space – can do more with less.
The offering is the Stonesoft Security Engine (SSE), which can be configured to act as a traditional or next gen device, based on the user’s preference. As of now, the SSE can work as a firewall, IPS, UTM, or VPN device.
“This has been Stonesoft’s long term vision – to stop viewing security as a fixed product or definition. Instead we need solutions that have the adaptability and scalability of a service. We’ve achieved this goal by creating something that can evolve, adapt, scale up and transform in time. These requirements mirror the feedback we’ve heard from customers for the last decade,” said Ilkka Hiidenheimo, CEO and founder of Stonesoft.
The SSE will be available in April, but more information is online here.
Big Data? Hmmmm…
LogLogic, a provider of SIEM and log management solutions, released the findings of a study conducted in conjunction with research firm Echelon One on the topics of cloud and “Big Data”. Key in their discoveries is that many seasoned IT professionals have many misconceptions about big data and what it actually is.
The Cloud Security Alliance (CSA) announced innovation and mobile initiatives during RSAC, which earned them some buzz among show attendees. Those we spoke to said that such plans are a solid starting point – but almost everyone we spoke to agreed that while cloud-based initiatives look easy on paper, they’re never that simple when push comes to shove.
Innovation-wise, the CSA said they plan to accelerate delivery of a trusted cloud-based ecosystem by identifying key structural issues related to trust and security that inhibit adoption, better articulate the guiding principles and objectives that must be addressed by vendors and innovators, and incubate technologies that align with the identified issues and principles.
On the mobile front, the CSA will focus on management, provisioning, policy, and data protection / data management issues, while looking towards developing a stable framework for mobile cloud-based architectures.
“Mobile devices are the newest generation of communication and it’s nearly impossible to separate mobile technology from cloud solutions,” said David Lingenfelter, Information Security Officer for Fiberlink.
“Making sure that security is an integral part of mobile technology can only be done by making sure that security in the cloud takes into account every aspect of mobile computing and this new working group will help bring those two worlds into alignment.”
The R&D, as well as other related initiative work, will be done by a working group within the CSA, as well as a for-profit entity working with innovators and other stakeholders. More information is here.
Data Recovery can be Risky…
DriveSavers Data Recovery spent some time talking about the second annual study by Ponemon Institute, which outlines the potential security risks when confidential and sensitive data is outsourced to third-party data recovery vendors.
The key areas that they focused on include the risk of permanent data loss by inexperienced recovery engineers; risk of improper downloading or ID theft of confidential data by unethical engineers; risk of outside breach from hackers if data is stored on an unprotected network; risk of confidential data exposure if damaged drives are not destroyed with a degausser or shredder; and the risk of viruses or malware being returned with recovered data.
Our interest in this topic centers on the fact that the study simply states another level of risk when outsourcing your organization’s needs. It’s another example of why vendors should be fully vetted, and then treated as trusted partners.
Fighting with FIRE
A new solution built on their FirePOWER platform is what led Sourcefire to talk about changes to their new next gen IPS during RSAC. The advancements promise real-time contextual awareness, alongside stronger visibility, automation, and granular application control. Sourcefire’s next gen hardware will leverage FireSIGHT to make good on the enhancement claims.
FireSIGHT can discover thousands of applications (including those client-side, on a mobile browser, and VMs) in order to offer control over them, host profiling, mapping, and change visibility, Layer 7 and network behavior analysis (anomaly detection), impact assessments, and automated response based on policy.
Qualys Pushes Major Enhancements to its Flagship QualysGuard Suite
Qualys has a history of making major product announcements at the RSA Conference in San Francisco each year, and this year is no exception. The company, based just miles away in Redwood Shores, introduced significant enhancements to its flagship QualysGuard suite of applications for security and compliance at the RSA Conference.
Well DAM, that’s useful...
McAfee announced its Database Activity Monitoring (DAM) solution during RSAC, which expands on the technology acquired when the company snapped up Sentrigo last year. As with all other McAfee enterprise offerings, the new DAM platform is designed as a snap-on for the ePolicy Orchestrator console.
The latest version of McAfee DAM now supports MySQL and Teradata databases, in an effort to ensure complete protection across the most popular database management systems.
Removable Storage Risks Discussed at Length
There were several vendors talking about secure storage, and storage protection. However, one of the standout briefings on the floor came from Imation.
The company might seem new, but they acquired the rights to storage and media giants Memorex and TDK, and formed a strong partnership with IronKey in the last few years. They have worked to expand the security aspect of those products, in addition to acquiring assets of MXI Security, including MXI’s portable security solutions and technologies.
On the floor, Imation discussed a recent report on unintentional data loss / exposure, due to mobile storage. Some of the takeaways included that while an overwhelming majority of enterprises allow portable storage usage (91-percent), only 34-percent actually protected the data stored or the storage medium itself. Also, while 81-percent of those in the study said that they have policy governing storage encryption, two-thirds admitted to not enforcing it.
“Workers are moving mass volumes of data on unsecured devices, often their own iPhones and flash drives, out of the network every day, and this makes businesses vulnerable to loss or theft of corporate or customer data,” said Lawrence Reusing, general manager, Mobile Security for Imation. “…most organizations do not have a handle on the devices and data that can walk out their door every day.”
Speaking of Mobile Storage…
Kingston Digital, one of the more common USB vendors (most of the flash drives handed out during RSAC were Kingston made), said they would lower the price for their line of enterprise and government secure devices. In addition, their DataTraveler line was improved with larger capacity.
The latest DT4000 and DT4000-M have increased capacities up to 32GB and support Mac OS. The DTVP and DTVP-M now offer increased capacities up to 64GB. Pricing ranges from $26.00 (DTV PE 2GB storage) to $404.00 (DTV 64GB storage). Managed versions of DTV devices are just a few bucks more per-level. The DT4000 line ranges from $42.00 to $292.00, and again the managed versions are just slightly higher.
The 2011 Global Encryption Trends Study was published during RSAC 2012. Sponsored by Thales and conducted by the Ponemon Institute, the study reveals that encryption is now seen as a strategic issue and that organizations are increasing their investment in encryption across the enterprise.
The study shows that the CIO, CTO or IT leader still tends to be the most important figure in deciding encryption strategy (39% of respondents), but non-IT business managers have an increasing role in determining that strategy (more than doubling since 2005 to 21% of respondents), demonstrating that encryption is no longer seen as just an IT issue but one that affects an entire organization.
The main drivers for deploying encryption solutions are to protect brand reputation (45%) and lessen the impact of data breaches (40%). Compliance is also a major driver for using encryption with 39% of respondents saying it is to comply with privacy or data security regulations and requirements.
Compliance is also driving increased budgets with the highest IT security spend dedicated to data protection in countries that rank compliance as the most important driver for encryption. Compliance is in fact the number one driver for using encryption in the US, UK and France.
Innovation in the Security Industry
This year’s “Innovation Sandbox” program featured interactive whiteboarding sessions and “Start-up Speed Dating”, matching venture capital professionals with early stage start-up companies. Appthority was named Most Innovative Company at RSA Conference 2012 by Innovation Sandbox’s panel of judges.
“There was a great buzz, energy and attendee interest at this year’s event,” said John Summers, VP Security Business, Akamai. “It’s clear that security has moved up the business priority list and we’ve heard that directly from our customers on the floor.”
RSA Conference 2013 will take place February 25 – March 1 at the Moscone Center in San Francisco.