The RSA Conference is expected to be bigger and better than ever this year—more booths, more vendors, more technical sessions and keynotes.
But I have to ask the question: “Are we as IT practitioners better off now than we were 4 or 5 years ago?” There are a lot of people at the show who worry that the old approaches aren’t working and next generation solutions have not clearly come into focus. I do think, however, there are reasons to be cautiously optimistic.
Join me for a live broadcast from the RSA show floor on Wednesday, February 27 at 10:30 AM PT as I discuss what I’m seeing at the RSA conference and what it means for the IT Security industry. We’ll be taking your questions live via Twitter and Google Hangouts. Read More »
Guest post from Steve Boutelle, VP, Business Development, Global Government Solutions, Cisco.
Cybersecurity and innovative IT solutions play a central role in the National Defense Authorization Act (NDAA) for the 2013 fiscal year, highlighting the military’s increasing reliance on IT. In order to address new and evolving threats today and into the future, the DOD is challenged to develop a strategy to acquire next-generation host-based cyber-security tools and capabilities that go beyond current anti-malware and signature-based threat detection.
Government information systems today are more sophisticated and globally integrated than ever before, and attacks are growing in frequency and complexity. The challenge of data protection is constantly increasing in scope. While government organizations have always needed to secure confidential information, changes in information technology models have introduced new stakeholders, new threats and new regulations. As a result, government organizations need to think beyond the traditional models of securing the perimeter and locking down specific segments of IT infrastructure. For example, the risks of unauthorized access to data in the cloud can be mitigated through the use of next generation technologies.
This year’s AFCEA CYBERSPACE Symposium is themed, “Cyber – The New Center of Gravity.” The event serves as a key opportunity for interaction between industry and government to explore this new domain that has become the center stage of national defense.
At the event, I will be moderating a panel, “Securing the Cloud,” featuring Bret Hartman, CTO, Security Office, Cisco and leaders from Lockheed Martin, ThreatMetrix and Terremark. The panel session will explore current and future technologies for addressing government concerns about new threats targeting the cloud.
By ensuring the integrity, confidentiality, and availability of critical information that flows through today’s cloud-based infrastructures, new and emerging technologies enable government organizations to reduce risk, demonstrate compliance, enhance agility and pursue strategic goals with greater confidence. This panel will be an opportunity for attendees to learn more about a wide variety of current and future technologies that address cloud security challenges.
A month from now, thousands of cyber security friends, colleagues, professionals, hackers, defenders, sellers, buyers, old timers, and newbies will descend on San Francisco for the 2013 RSA Conference. We will challenge one another about what has changed, create new topics and new words to describe the previously indefinable, scare the heck out of each another, and ask the same questions…often: “What’s changed in the last year? Is it better? Is it worse? Is it new?”
“Security in Knowledge” is an apt theme for this year’s RSA. It resonates with me, given my very strong opinions that no company can effectively manage cyber security alone, either people-wise or data- and information-wise. Can any organization analyze 13 billion web requests per day? 150 million endpoints? A daily deluge of 75 terabytes of incoming data? You can’t cope with that yourself. We need to move to crowd-sourcing security, creating security knowledge, and ultimately increasing effectiveness rather than watching the ship continue to take on water at intermittently slowed rates. Read More »
A couple of days ago, I participated in a Social Video Broadcast about cyber security survival tips for the holiday season. Some of my advice is familiar. Use stronger passwords, apply the “smell test” to too-good-to-be-true on-line offers, read the manual—especially the parts about account set up and security—when turning on a new device. Others are a little less well known. I keep a separate credit card account with a low spending limit for on-line purchases. Ask your Sys Admins if it is OK to connect a new “BYOD” device to an enterprise network when you return to work in January.
But the most important advice I offer is to slow down and think before doing anything that might subject you to cyber mayhem. Technology, and the Internet in particular, has programmed us to rush through life. But the best way to make it into to the Cyber Security Victims Hall of Regret is to lose your sense of situational awareness by clicking on anything that moves. This needn’t lead to paralyzing indecision. But taking a moment to ask: “Is this for real? Is this wise? Why does that look funny?” will spare you from a lot of harm in the holiday season.
The infamous Maginot Line was a defensive countermeasure developed by the French Army to protect the Franco-German border. It was an enormous structure and while referred to as a line, it was extremely deep and varying in depth between 12 to 16 miles. The defensive structure was completed in 1939 at the estimated cost of 3 billion French Francs or today’s equivalent of nearly 50 trillion Euros.
While the Maginot Line successfully prevented a direct attack, the travesty of this investment and strategy was that German Army simply flanked the line through the Ardennes Forest via the Low Countries.
This analogy is the basis for our upcoming National Town Hall on Cyber Security Broadcast on October 25, 2012 at 2PM ET/11AM PT. Companies and Federal, State and Local Governments have invested significant funds in creating perimeter defenses to defend their information systems from Internet born threats; yet these threats are continuing to bypass these defenses at an alarming rate and wreak havoc once inside. In collaboration with the 1105 Media, Cisco has assembled a panel of cyber security thought leaders and experts to discuss this growing trend. Thought leaders from Forrester Research, The SANS Institute, The Multi-State Information Sharing and Analysis Center, Patent and Trade Mark Office and Cisco will provide their thoughts and experiences with regards to this topic.
If you’re interested in tuning into this broadcast please register at the following link: