Hot Topics in Tech Security

SAN JOSE, Calif. — What are the hot topics and trends with enterprise
customers? Where are they putting their resources? Executives at the RSA
Security Conference here say the answer depends on who’s doing the talking.

Richard Palmer of Cisco Systems’s security technology group said
SSL-based VPNs are very hot.

In the firewall space, he’s detecting deeper
interest in inspection technologies and a greater focus on looking at
security on a systemic-based system on the hosting and networking sides.

“All these are integrated into services. The growth is spread out across
many product areas and focused on innovating in these areas,” he said during
a panel discussion during the RSA Security conference here.

Mike Nash, corporate vice president of the Microsoft security
technology unit, said customers are responding positively to Microsoft’s progress in making Windows more secure.

“The interest now is in more aspirational scenarios that require a higher
level of trust, such as authentication and authorization,” he said.

The top
security priorities for Microsoft? Nash said they include delivering
security improvements in both the next version of Windows Vista and its
Longhorn server suites.

At the same time, we’re making sure we improve core platform
capabilities, such as isolation, anti-malware technology and better network
isolation, he added.

“We’re doing a lot of work around making sure Kerberos
is a native and pervasive part of the Windows platform,
and especially in depending on multi-factor authentication.”

Looking ahead at next year, Thomas Noonan, chairman and CEO of Internet Security Systems (ISS), said the next-generation approach to security is
seeping into vendors’ wares.

“I think one of the things we’ll see is an
ability to actually feed these various products across the enterprise with
live services. I don’t mean patches that provide new [security] signatures,
but on-demand services that bring the security infrastructure to life in
extensible ways that had not been capable before.”

Another big trend we’re seeing, said Cisco’s Palmer, is that security is
no longer thought of in isolation terms. What we’re seeing is a greater
degree of participation across the IT decision-making unit in what to do in
the security space. And that’s a big change.

Art Coviello says the industry has kind of come full circle. About 10
to 15 years ago, customers were looking at best-of-breed technologies.

they wanted to buy suites. Now they want to buy best-of-breed suites. It’s
like they’re never satisfied.”

But there is logic in the shift.

“We’re seeing customers trying to
balance the equation between and among risk, convenience and cost:
convenience in helping end-users get to an application, but also administer
the app.

“When I think of cost, I’m talking about cost of deployment and
cost of the ongoing support. So the balancing of these equations leads them
to best-of-breed from larger, more established vendors.”

It’s also important to remember, he added, that “security is different
from almost any other technology application in the fact that there might be
overlapping solutions is a good thing, so you can ensure there are no gaps
in the security system that we’re all trying to develop.”

ISS’s Noonan added: “I personally believe that on-demand services or
online services are going to play a huge role in [security] because they’re
flexible, they’re extensible and the networks are reachable.”

News Around the Web