Full RSS Feed
Receive
the Free CMSWire NewsletterThis week was always going to be about the San Francisco RSA conference. This year, the big theme has been cloud security and how security, cloud computing and deployments are intrinsically linked. RSA’s Chairman Art Coveillo had some interesting things to say, as well as news of integrations between McAfee and RSA. But there are others there, too, such as Symantec, Modulo and Qualys.
Security and the future of Cloud Computing
Apart from some of the releases around the cloud and cloud security at the RSA conference, there were a couple of notable interventions, not least of which was the one from RSA chairman Art Coviello, who addressed the one issue that needs to be resolved before general cloud adoption: Security.
We all know that concern about information security is one of the major issues holding everything back, but Coveillo said it doesn’t need to be this way, with industry-wide cooperation.
Companies are always going to compete, he said, but, generally speaking, they will need to cooperate to establish standards and best practice so that cloud deployments are less stressful, security-wise, for enterprises.
In his keynote address, entitled Trust in the Cloud: Proof not Promises, he said:
We now recognize the limitations of perimeter defenses, and the need for information-centric security having become conventional wisdom … [However] to be cost-effective, security infrastructures must be grounded in a thorough understanding of risk, balancing the elimination of threats with materiality and probability.”
New threats can be balanced by an industry-wide “cooperative ecosystem." Vendors, he added, “must integrate technologies, industries must share best practices and threat intelligence and governments must cooperate with one another and with the private sector.”
Ultimately, security is about getting the right security to the right people, with virtualization technology a core element of this.
Virtualization, he explained, can give the industry better control and industry-wide visibility, which is ultimately the only way to protect against information threats. Security needs to be logically information-centric, built-in and automated, risk-based and adaptive.
You can almost feel the tears welling up in your eyes at the thought of such widespread cooperation between competing companies, but whether it actually happens remains to be seen. Cloud competition is tight and the idea of companies offering technologies — which might give them an edge — to competitors seems a bit idealistic.
RSA and McAfee Extend Partnership
Moving on, there's more from RSA (news, site) — an announcement that it and McAfee (news, site) have announced a technology partnership that in a way suggests the kind of thing Coviello is talking about.
The partnership will offer integrated solutions designed to help users address complex security problems, lower risk, improve compliance and ensure data security across the IT infrastructure.
By formally joining each other's interoperability partner programs, McAfee and RSA are kicking off joint development efforts that will offer customers combined solutions from both industry leaders to harness IT security and event data and to deliver a comprehensive view of security risk.
Continue reading this article:
Email It
