Lots of cloud hype -- a little bit of real wisdom I’m in San Francisco at the RSA Conference, 2010. Attendance is up over last year’s recession version of the show and a more up-beat vibe all around.Of course, the smell of industry hype is also in the air in the form of cloud computing. RSA’s Art Coviello (amongst others), crowed about how the cloud was the ultimately destiny of Internet computing. Cisco announced an “always-on” cloud computing VPN. EMC, Intel, and VMware want “roots of trust” for cloud hardware. The good news is that we are talking about security as we develop cloud security so in theory, security may be “baked” into the cloud. The bad news is that we are talking about future and extremely hyped technology when we have serious security problems today. Will talking about Cloud Computing circa 2012 address today’s cybercrime problems? The industry needs to focus on addressing today’s threats or cloud computing will never arrive.On a more positive note, Microsoft’s Scott Charney stole the show yesterday. Unlike other speakers, Scott was more pragmatic by addressing things like quarentining infected PCs, government cybersecurity responsibilities and tactics, and public-private partnerships. Charney did mention cloud by declaring that identity and privacy are critical for cloud security (I wholeheartedly agree) and then announced that Microsoft has developed a new identity software framework called U-Prove and that it will be offering the code as open source for all to examine it and build upon it. Kudos to Charney and Microsoft to introducing real action into the marketing buzz.Finally, recently appointed cybersecurity coordinator Howard Schmidt visited RSA 2010 as well. Schmidt,no stranger to RSA as a security veteran, announced that the Obama administration will de-classify some of the Comprehensive National Cybersecurity Initiative (CNCI) as a move to build a public-private partnership to address cybersecurity. Long overdue but well done Howard.One additional note that is not related to RSA. Who is the Elliot Group and why is it willing to buy Novell? I have followed Novell forever and always believed in its technology but Novell is the technology equivalent of a cat with nine lives. In spite of many attempts the company never bounced back from its NetWare days. Someone at Elliot who makes way more money than me thinks that buying Novell is a good idea. Take it from someone who has lived in the technology trenches for 25 years. It’s not a good idea. Related content analysis 5 things security pros want from XDR platforms New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform. By Jon Oltsik Jul 07, 2022 3 mins Intrusion Detection Software Incident Response opinion Bye-bye best-of-breed? ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process. By Jon Oltsik Jun 14, 2022 4 mins Security Software opinion SOC modernization: 8 key considerations Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole. By Jon Oltsik Apr 27, 2022 6 mins RSA Conference Security Operations Center opinion 5 ways to improve security hygiene and posture management Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies. By Jon Oltsik Apr 05, 2022 4 mins Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe