Good event, some hype, lots of concerns Okay, it’s been a week since the RSA Security Conference 2012 so my window of opportunity for editorial comment is nearly closed. A few last thoughts:1. Big data and security. This was a topic full of constructive discussion and wild hyperbole at the show. I participated on a panel hosted by security beacon Eddie Schwartz from RSA along with analyst friends from EMA, Forrester, and Gartner, and there were at least 3 other panels during the show. I also discussed this topic with a number of vendors. Red Lambda is doing some interesting work and SAIC is taking its deep government/military/intelligence experience on big data security to the commercial market. There is no doubt in my mind that it would be beneficial to capture and analyze more data as it has the potential to give us a better understanding of “normal” activities and anomalous behavior. That said, the technology is immature, batch-oriented, and very technical. When you have to bring up a skill set like “data scientist” as part of the solution, you can certainly assume that this is a niche for the security elite. How many organizations want to become NSA-like?2. Big data and security at work today. If you want to see where this technology is going, talk to any vendor who offers some type of cloud-based reputation or anti-malware service. Think Blue Coat, Cisco, Kaspersky, McAfee, Symantec, etc. I met with Trend Micro CTO Raimund Genes and he described the cloud-based infrastructure for Trend’s Smart Protection Network. As I recall, Trend has something like 850TB of data on-line using big data technologies like Hadoop. Same thing with SourceFire’s FireAMP as it collects and analyzes endpoint security data in real-time. This is where the technology is headed but again, how many organizations want or need to do this. Seems like managed security players and cloud service providers will likely benefit from big data security momentum most.3. One more point about mobile security. I’ve blogged about the number of vendors trying to get into this market. Who is funding this group and why? I don’t get it. One interesting tidbit however. In all of my meetings, each vendor discussed supporting iOS and Android. Not one vendor had any intention on supporting Blackberry, and only one, Juniper, is publicly stating that it will support Windows 7/8 Mobile. As you probably know, Juniper CEO Kevin Johnson is an ex-Microsoft guy as are a number of other senior folks. Coincidence? Maybe, but unless Microsoft offers incentives to a lot of partners, mobile security vendors won’t offer support until their customers demand it. Interesting dynamic. Related content analysis 5 things security pros want from XDR platforms New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform. By Jon Oltsik Jul 07, 2022 3 mins Intrusion Detection Software Incident Response opinion Bye-bye best-of-breed? ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process. By Jon Oltsik Jun 14, 2022 4 mins Security Software opinion SOC modernization: 8 key considerations Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole. By Jon Oltsik Apr 27, 2022 6 mins RSA Conference Security Operations Center opinion 5 ways to improve security hygiene and posture management Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies. By Jon Oltsik Apr 05, 2022 4 mins Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe