Coviello from RSA on inter-operability to reduce cost of Security
The best security is inter-operable and ultimately embedded Art Coviello, EVP EMC Corporation and president RSA, the Security Division of EMC today delivered a key note at the America’s Growth Capital Security Conference. Art summarized the priorities of the Chief Security Officer community:
- Reduce the cost of security
- Make the enterprise more secure
- Help with governance, risk, compliance
5% of IT spending is being spent on security – the costs of security are out of hand because of the increase in the number of web applications, the amount of information that needs to be protected. Over the same time period the fraudsters have become much more sophisticated. How can you get the cost of security down? Art shared that he is not a believer in a big inter-galactic governance, risk and compliance, but rather recommends that organizations automate smaller pieces of the puzzle and then ensure those pieces inter-operate. LogLogic agrees and is the first to have released a product that automates a piece of the governance, risk and compliance puzzle: the review of monitoring controls. Art also gave an example about inter-operation from the security event management industry: “Picture a security information event management system that can correlate from a vulnerability system and tie that to data loss prevention and identity based information. It would be great if you can see a Sharepoint site with unencrypted information on it and important information and the server hasn’t been patched for a month and you know that you don’t have a high level of assurance and trust for the person who is accessing that site.” In the case of LogLogic, our partnership with Exaprotect is aimed at achieving correlation Nirvana as described above. Art’s end-vision for security goes beyond inter-operability to a world where security is embedded into the overall IT infrastructure. Art said two years ago that security industry would come to an end. The idea being that the more you can embed security (and integrate it into the overall operations) the better you will be able to react to the circumstances at hand and the external threat landscape. Clearly the security industry is still thriving (and Art still has a job), but Art’s points on inter-operability are very well taken and open standards are the key to success securing a dynamic IT infrastructure, especially in the age of virtualization and cloud computing.
- christophe.briguet's blog
- Login or register to post comments
- Feed: LogBlog
- Original article
User login
Current Poll
Developer Resources
Active Forum Topics
- Restrictions on the Virtual Appliance
- Sample the LogLogic API Realtime dashboard
- Random Tech Preview performance data
- Great tool for testing the tech preview
- Download Instructions for Tech Preview
- Getting Started With .NET
- wrong log type format error
- Lasso 4.0.5 doesnt work.
- Simple Installation
- Simple Installation
Recent Comments
44 weeks 1 day ago
44 weeks 3 days ago
51 weeks 17 hours ago
1 year 3 weeks ago
1 year 8 weeks ago
1 year 9 weeks ago
1 year 11 weeks ago
1 year 13 weeks ago
1 year 14 weeks ago
1 year 15 weeks ago