• United States



Contributing Writer

RSA Day #1: A Whirlwind of Activity

Mar 03, 20102 mins
Cisco SystemsData and Information SecurityMicrosoft

Lots of cloud hype -- a little bit of real wisdom

I’m in San Francisco at the RSA Conference, 2010. Attendance is up over last year’s recession version of the show and a more up-beat vibe all around.Of course, the smell of industry hype is also in the air in the form of cloud computing. RSA’s Art Coviello (amongst others), crowed about how the cloud was the ultimately destiny of Internet computing. Cisco announced an “always-on” cloud computing VPN. EMC, Intel, and VMware want “roots of trust” for cloud hardware. The good news is that we are talking about security as we develop cloud security so in theory, security may be “baked” into the cloud. The bad news is that we are talking about future and extremely hyped technology when we have serious security problems today. Will talking about Cloud Computing circa 2012 address today’s cybercrime problems? The industry needs to focus on addressing today’s threats or cloud computing will never arrive.On a more positive note, Microsoft’s Scott Charney stole the show yesterday. Unlike other speakers, Scott was more pragmatic by addressing things like quarentining infected PCs, government cybersecurity responsibilities and tactics, and public-private partnerships. Charney did mention cloud by declaring that identity and privacy are critical for cloud security (I wholeheartedly agree) and then announced that Microsoft has developed a new identity software framework called U-Prove and that it will be offering the code as open source for all to examine it and build upon it. Kudos to Charney and Microsoft to introducing real action into the marketing buzz.Finally, recently appointed cybersecurity coordinator Howard Schmidt visited RSA 2010 as well. Schmidt,no stranger to RSA as a security veteran, announced that the Obama administration will de-classify some of the Comprehensive National Cybersecurity Initiative (CNCI) as a move to build a public-private partnership to address cybersecurity. Long overdue but well done Howard.One additional note that is not related to RSA. Who is the Elliot Group and why is it willing to buy Novell? I have followed Novell forever and always believed in its technology but Novell is the technology equivalent of a cat with nine lives. In spite of many attempts the company never bounced back from its NetWare days. Someone at Elliot who makes way more money than me thinks that buying Novell is a good idea. Take it from someone who has lived in the technology trenches for 25 years. It’s not a good idea.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author