Typically, each conference has one prevalent theme: NAC, cloud security and APT are a few that we've seen in recent years. This year, no dominant theme emerged, which I think is an indicator that the security industry is in a transition period: enterprises are focused on restarting delayed security initiatives, many major vendors are focused inward on finishing or integrating recent acquisitions, and analysts are waiting to see which of the next crop of security startups will bear fruit.
Still, I thought it would be worth highlighting a handful of our most interesting takeaways, all of which you can read more about on our RSA Conference 2011 coverage page.
Signature-based antimalware ain't what it used to be: Signature-based antimalware, the cash cow for the big AV companies, isn't going away anytime soon, but the writing is on the wall in that "traditional" antivirus software is becoming less effective and, in turn, less important. It's time to start learning how to rely on better technologies, like heuristics, behavior-based detection and, yes, even whitelisting.
Microsoft smack in the middle of cyberwar campaigns: In my exclusive interview with Scott Charney, Microsoft's corporate vice president of Trustworthy Computing, he admitted the increasing number of nation-states seeking exploits in the software giant's wares to conduct Internet espionage contributed to Microsoft's record number of security bulletins in 2010. Even though Microsoft had no new security product announcements and a somewhat lower profile than usual at RSA, it was clear after my conversation with Charney that Microsoft is committed to being perceived as a leader and an innovator in information security, even if that means recognizing some unpleasant realities about today's threat landscape.
Some talking about IPv6 security issues; few actually listening: What happens when you transition to a new Internet Protocol system that has exponentially more address space? Well, nobody really knows yet, but the smart money says there will be a host of security issues that many aren't thinking about, one of which will be that IP address blacklisting will get a whole lot harder. Some would go so far as to say it fundamentally breaks vulnerability assessment methodology as we know it today. These are complex issues, and as addresses begin to run out and IPv6 becomes the only alternative, I was surprised not to hear more widespread concern.
How risky is my cloud?: Finally, there was still plenty of talk about cloud computing security, everything from contracts to compliance and virtualization. And, in case you missed it, we've consolidated all of our secure cloud coverage to our newest website, SearchCloudSecurity.com. Check it out.
One last note, if I had to put in my early wagers on the RSA Conference 2012 theme, it would be mobile device management. If, as somebody predicted, mobile attacks increase and data loss results, there will be a rapid rise in demand for security tools to manage, monitor and enforce policy on a variety of mobile platforms.