RSA Conference 2012 sneak peek: cloud, big data, and mobile
RSA conference in San Francisco Feb. 27 through March 2 will focus on securing mobile devices, cloud computing, and using security event data for defensive insight
February 22, 2012 — CSO —
There are fewer topics stirring bigger buzz among information security professionals than big data, cloud security, and mobile. So it's no surprise that those topics will dominate the discussions this year at the RSA Conference 2012.
"One of the terms that has exploded onto the agenda this year is big data," said Dr. Hugh Thompson, program committee chair for RSA Conferences on a conference call for reporters and analysts last week. "Can [big data] help us to be smarter about how we defend, and how we identify malicious activity?" he asked.
Great question. And there will be a number of big data sessions at the conference that will aim to provide answers, from Forrester analyst John Kindervag's session Managing Advanced Security Problems Using Big Data Analytics to Big Data and Security: The Rules Have Changed, moderated by CSOonline's Managing Editor Bill Brenner.
"Big data is a huge topic," said Kindervag. "It's a real opportunity for IT security to not just be the aggregators of the data, but to use the data to uplift the security of users and applications," he said.
Kindervag said that big data could provide enterprises the ability to do simpler things better, such as capacity planning, in addition to increasing security better by utilizing the data from the perspective of both security and network teams. "That's very exciting," he said.
But it also isn't without additional risks. "There is a lot of toxic data in those [big data] repositories, and that could make it easier for attackers to steal our data if they can get ahold of it. We will be looking at both sides of those issues," he says.
Of course cloud computing will be big again. The Cloud Security Alliance (CSA) is holding its third summit this year, where the group will discuss cloud security standards, with presentations that will tackle challenges around international security standards, cloud brokers, and securing various cloud architectures.
"The tools to manage cloud are growing more mature," says George Reese, CTO of enStratus, who adds that the discussion this year should move away from 'what type of cloud is more secure than another' to how to best manage and secure one's architecture.
The risks and security issues created by the mobile devices that enterprise users use to log onto those cloud services will also be scrutinized. "Employees often carry four devices at any one time—how do companies manage these things?" asked Thomson.