RSA 2011 Conference, San Francisco, February 2011
Fortinet pioneered the concept of consolidating multiple security technologies in a single device, according to Patrick Bedwell. The simple firewall later evolved into a complex gateway incorporating firewalls, intrusion protection, applications controls and anti-malware, resulting in multiple layers of protection. The company announced its new Active Profiling solution at RSA, which enables networks to monitor traffic, quarantine it or block individual users. Bedwell is optimistic that Fortinet’s integrated technology solution can enable customers to keep up with the next big thing.
The core business of Lieberman Software is enterprise management of privileged identities, according to Philip Lieberman -- specifically, of privileged identities such as root and administrator. The company also has a series of point solutions used to manage local identities, services, scheduled tasks, as well as password synchronization. But the most exciting thing the company is showing at RSA 2011, says Lieberman, is the integration of privileged identity management with SIEM, which he describes as a huge advancement, fulfilling the promise of what SIEM and logger systems are supposed to do.
In the opinion of Sandra Toms LaPedis, the two predominant themes of the 2011 RSA Conference are Cloud Security and Cyber Warfare. She described the keynote on Cyber War as having a great cast of “people in the know,” including Michael Chertoff, former head of DHS, Mike McConnell, former director of the NSA and Bruce Schneier, prolific writer and “voice of the audience” on the panel. This year’s RSA features 17 different tracks, 300 exhibitors and new sessions on professional development. One of Ms LaPedis favorite keynotes, she says, is always the cryptographers’ panel, which dates back to the origins of RSA 20 years ago.
According to Mark Seward, Splunk is an IT Data Engine that is involved with Security Compliance, Aplications Management Monitoring, Business Intelligence and Web Analytics. Government customers include about 75% of federal agencies, with strong representation in state and local government as well. Seward says that “Advanced Persistent Threat” is one of the largest buzz items on the agenda. He also cites “Splunk for FISMA,” showcasing NIST Standard 800-137, describing what continuous monitoring means and how continuous monitoring controls need to be operationalized.
Jay Kim, Founder and COO, says that Data Locker produces a line of hard drive encryption solutions for government, military and Fortune 500 customers. The company’s products include the Data Locker Enterprise and the Data Locker DL3. He adds that the DL3 is the only hard to receive FIPS validation for the entire implementation, and it is becoming the de facto standard for the government and military. The DL3 has a patented touch-screen interface which makes it platform independent, and features two factor authentication, rapid deployment and a self-destruct mode.
James Lyne, Senior Technologist, says that Sophos’s new anti-malware and data encryption products were created to “keep the bad code off people’s computers.” He describes present cyber security threats as the third wave of malicious code, in which the bad guys include gangs in Russia, organized hackers in China and state-sponsored criminals who, with more resources than most governments and vendors, use back door access to computers with malware that target critical infrastructure and allow intellectual property to be stolen from some of the world’s largest corporations. Without more behavior-based solutions, public-private collaboration and real simplicity that solves one problem at a time, he believes we are on a trajectory to fail to deal with the bad guys’ new tricks.
Jody Mack, Director of Business Development, explains that Vanguard, as a provider for enterprise software, services and training for the IBM Z-series, helps government agencies and enterprises solve complex security and compliance challenges. The company’s automated software solutions include operations security tools, audit and client reporting tools and intrusion management tools. Ms Mack describes the company’s new Vanguard Configuration Manager and other tools that provide the continuous monitoring required by OMB and government regulations.
Spyrus is a manufacturer of PKI, Cryptography and Authentication devices that are designed, built and manufactured in the U.S by vetted personnel in a cleared facility, according to Ron LaPedis, Director Product Marketing. The company’s flash drives, used in dealing with unconnected networks, are all encrypted to avoid the loss of data in transit, and use Suite B cryptography (classified up to top secret). At RSA 2011, Spyrus announced its Secure Pocket Drive with Windows 7 operating system – providing a totally secure environment at a time when 20% of the federal work force can work remotely.
Joe Fantuzzi, CEO, says Agiliance allows organizations to manage risk in real-time by making risk visible, actionable and measurable for all business units, IT and security operations -- enabling executives and CEOs to remediate, prioritize and reduce threats to levels that are acceptable. Agiliance uses virtual vulnerability scans to determine which assets may be vulnerable, to find out what events have attacked the assets and to prioritize the threats, which are then remediated through ticketing management and patch management before moving on to the next priority.
Dr. Thompson, RSA program committee chairman who is also a Columbia University professor and much published security expert, points out that RSA is now 20 years old, but the industry is still “incredibly young”. One of the key issues in 2011, he says, is the “partial trust” issue, as it relates to customers, employees, insiders, at a time when we are voluntarily relinquishing “perimeter protection” for IT security through mobile devices and social media. Thompson enumerates the many innovative RSA program features and its intensive system for selecting speakers and topics.