« Healtcare protection is getting teeth by 2010 | Main | Together, LogLogic and Exaprotect will leapfrog the competition »
Coviello from RSA on inter-operability to reduce cost of Security
The best security is inter-operable and ultimately embedded
Art Coviello, EVP EMC Corporation and president RSA, the Security Division of EMC today delivered a key note at the America’s Growth Capital Security Conference.
Art summarized the priorities of the Chief Security Officer community:
- Reduce the cost of security
- Make the enterprise more secure
- Help with governance, risk, compliance
5% of IT spending is being spent on security – the costs of security are out of hand because of the increase in the number of web applications, the amount of information that needs to be protected. Over the same time period the fraudsters have become much more sophisticated.
How can you get the cost of security down? Art shared that he is not a believer in a big inter-galactic governance, risk and compliance, but rather recommends that organizations automate smaller pieces of the puzzle and then ensure those pieces inter-operate. LogLogic agrees and is the first to have released a product that automates a piece of the governance, risk and compliance puzzle: the review of monitoring controls.
Art also gave an example about inter-operation from the security event management industry:
“Picture a security information event management system that can correlate from a vulnerability system and tie that to data loss prevention and identity based information. It would be great if you can see a Sharepoint site with unencrypted information on it and important information and the server hasn’t been patched for a month and you know that you don’t have a high level of assurance and trust for the person who is accessing that site.”
In the case of LogLogic, our partnership with Exaprotect is aimed at achieving correlation Nirvana as described above.
Art’s end-vision for security goes beyond inter-operability to a world where security is embedded into the overall IT infrastructure. Art said two years ago that security industry would come to an end. The idea being that the more you can embed security (and integrate it into the overall operations) the better you will be able to react to the circumstances at hand and the external threat landscape.
Clearly the security industry is still thriving (and Art still has a job), but Art’s points on inter-operability are very well taken and open standards are the key to success securing a dynamic IT infrastructure, especially in the age of virtualization and cloud computing.
Posted April 20, 2009 in | Permalink
August 2010
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | 31 |
Categories
Archives
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
Blogroll
Blogroll
Compliance
Good Reading
- Internet and Web Security Review
- Log Management ROI
- Log Management Best Practices
- SANS Institute Log Management White Paper