dcsimg
RealTime IT News

Looking Beyond Security as an Investment

IT managers and technicians will gather at the Computer Security Institute's (CSI) 29th annual conference and exhibition next week, to see the latest wares in the market and convince executives security is more important than a bottom-line consideration.

The conference runs Monday through Wednesday, with more than 150 security vendors pitching and demonstrating the latest firewall, anti-virus, intrusion detection system (IDS) and network security servers and software.

But according to Gene Spafford, professor of Computer Sciences at Purdue University and one of the keynote speakers at the conference, it's more than just a vendor opportunity; it's an opportunity to get the word out on the importance of corporate security.

Spafford is also the director of the Center for Education and Research in Information Assurance and Security (CERIAS), an organization that looks at a holistic approach to network security -- i.e., working with academics, governments and industry leaders. And while he sees improvement in the security arena, there's plenty of room for more involvement among the corporate leadership.

"The awareness is growing, more people are coming around," he said. "The problem is there are still too many people who view (security) as an investment with a specific return, rather than as a cost of operation that is an ongoing issue.

"You don't get to see the CIOs and CEOs, who should be hearing about some of this," he added.

Also speaking at the conference is Scott Charney, chief security strategist at Microsoft, who runs the software giant's controversial "Trustworthy Computer" initiative. He will speak to attendees and try to make a case for the company's commitment to security despite, or maybe because of, numerous security issues in its .Net framework, SQL and Windows applications.

Throughout the convention sessions ranging from "Keeping Management Interested in Information Security" to "Open Source ID Tools" to "Wireless Security - An Oxymoron" will be held to give IT managers and technicians more weapons for their corporate network arsenal.

In the background, security vendors will permeate the exhibition floor, many releasing the latest versions of their current product line and new applications to protect the network - cheaper, faster and more timely than in the past.

Companies ranging from IDS vendor ForeScout to IBM's Tivoli to popular downloadable patch developers BigFix will announce security enhancements throughout the course of the show.