Infrastructure // Networking
News
2/6/2007
03:22 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%
Repost This

RSA's Coviello Predicts Security Consolidation

Security has been too focused on imposing limits rather than lifting them, according to Coviello.

Speaking before a packed house of computer security professionals at the RSA Conference in San Francisco, Art Coviello, president of RSA, the security division of EMC, on Tuesday predicted the demise of the standalone security industry within three years.

"The value of security as a standalone solution is diminishing," Coviello said.

Security, said Coviello, has been too focused on imposing limits rather than lifting them, never mind that this mantra has been used by many companies to explain how they'll adapt as collaboration and connectivity replace walls and silos. "Security needs to be inextricably linked to business strategy," he said.

Coviello pointed to the acquisition of ISS by IBM and EMC's purchase of his own company as a sign of things to come. And as if to hammer home the point, RSA said on Tuesday that it had agreed to acquire Hyderabad, India-based Valyd Software and to establish strategic partnerships with security companies CipherOptics, Decru, NeoScale Systems, and Epicor|CRS.

For those who have been paying attention to Microsoft's security acquisitions and its considerable efforts to build security into its new Vista operating system, or to Symantec's objections to Microsoft's moves, the writing has been on the wall for some time: Security is becoming the province of the big infrastructure players like Cisco Systems, EMC, IBM, Microsoft, and Oracle.

Coviello arrived on stage following Microsoft chairman Bill Gates -- and he risks matching Gates' record as predictor of the future. Recall that in 2004, Gates predicted "spam would be solved" by 2006. At the 2004 RSA Conference, Gates also said passwords would fade away, an assertion repeated at the 2006 RSA show, in three to four years thanks to Vista.

But Coviello's foresight is more firmly grounded in hindsight, given that security industry consolidation is readily evident and that the traditional model of perimeter protection has largely been supplanted by a defense in depth strategy.

"Static solutions aren't enough for dynamic attacks," said Coviello. To support his point, he spoke of the professionalized, profitable cybercrime industry. There's a $1 billion market for stolen identities, he said, citing IDC research. Malware has risen by a factor of 10 in the last five years, he said, citing Yankee Group research. And the antivirus industry catch rate of 70% isn't good enough, he said.

That's fairly convincing stuff. It's certainly enough to motivate ongoing security spending, for those unmoved by ongoing data breach headlines. But it remains to be seen whether the cure is worse than the problem. The approach to security that Coviello described -- an information-centric strategy in which data and networks are protected at all times by layered, active defenses -- sounds more like a hindrance to productivity than something that will get more information to more people at the right time.

Coviello's vision could be described as ubiquitous, always-on digital rights management, and, true enough, something of the sort could keep data safe. But it also could keep data from being useful. Simply put, the inherent tension between access and control won't be resolved through mere mergers.

Adding the digital equivalent of guard dogs, bodyguards, cameras, motion sensors, ID checks, and bear traps to corporate networks may instill a sense of security. Just don't count on getting anywhere with ease.

Comment  | 
Print  | 
More Insights
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.