RealTime IT News

Hot Topics in Tech Security

SAN JOSE, Calif. -- What are the hot topics and trends with enterprise customers? Where are they putting their resources? Executives at the RSA Security Conference here say the answer depends on who's doing the talking.

Richard Palmer of Cisco Systems's security technology group said SSL-based VPNs are very hot.

In the firewall space, he's detecting deeper interest in inspection technologies and a greater focus on looking at security on a systemic-based system on the hosting and networking sides.

"All these are integrated into services. The growth is spread out across many product areas and focused on innovating in these areas," he said during a panel discussion during the RSA Security conference here.

Mike Nash, corporate vice president of the Microsoft security technology unit, said customers are responding positively to Microsoft's progress in making Windows more secure.

"The interest now is in more aspirational scenarios that require a higher level of trust, such as authentication and authorization," he said.

The top security priorities for Microsoft? Nash said they include delivering security improvements in both the next version of Windows Vista and its Longhorn server suites.

At the same time, we're making sure we improve core platform capabilities, such as isolation, anti-malware technology and better network isolation, he added.

"We're doing a lot of work around making sure Kerberos is a native and pervasive part of the Windows platform, and especially in depending on multi-factor authentication."

Looking ahead at next year, Thomas Noonan, chairman and CEO of Internet Security Systems (ISS), said the next-generation approach to security is seeping into vendors' wares.

"I think one of the things we'll see is an ability to actually feed these various products across the enterprise with live services. I don't mean patches that provide new [security] signatures, but on-demand services that bring the security infrastructure to life in extensible ways that had not been capable before."

Another big trend we're seeing, said Cisco's Palmer, is that security is no longer thought of in isolation terms. What we're seeing is a greater degree of participation across the IT decision-making unit in what to do in the security space. And that's a big change.

Art Coviello says the industry has kind of come full circle. About 10 to 15 years ago, customers were looking at best-of-breed technologies.

"Then they wanted to buy suites. Now they want to buy best-of-breed suites. It's like they're never satisfied."

But there is logic in the shift.

"We're seeing customers trying to balance the equation between and among risk, convenience and cost: convenience in helping end-users get to an application, but also administer the app.

"When I think of cost, I'm talking about cost of deployment and cost of the ongoing support. So the balancing of these equations leads them to best-of-breed from larger, more established vendors."

It's also important to remember, he added, that "security is different from almost any other technology application in the fact that there might be overlapping solutions is a good thing, so you can ensure there are no gaps in the security system that we're all trying to develop."

ISS's Noonan added: "I personally believe that on-demand services or online services are going to play a huge role in [security] because they're flexible, they're extensible and the networks are reachable."