RSA chief executive Art Coviello on the future of security

Security bigwig opens up about the current challenges facing the security market and how resellers are coping

By Hannah Breeze

More from this author

13 May 2013

Comments

  • Digg
  • Tweet
Art Coviello is chief executive of RSA

Last week at EMC's Global Partner Summit, security division RSA told the channel that there was a big opportunity for them to ease customers' security concerns.

RSA's chief executive Art Coviello (pictured) said the market is "angry and confused" with the increasingly changing state of security, and later on in the conference, he opened up further about what is happening and how VARs can help.

Coviello on... the key issues facing the security market at the moment:
Believe it or not, we almost have too much awareness [of security risks]. Awareness is not necessarily a bad thing, but what we don't have accompanying [it] is a good level of understanding. Hardly a day goes by that you don't see some article about a breach, a credit card stolen, [a] website defaced; but we never quite get it in perspective.
We in the industry do a lot of this stuff to ourselves. In other words, we overhype the situation. [The] former [US] defence secretary [Leon] Panetta would say ‘we are in danger of a cyber-Pearl Harbour' – really? I have been hearing cyber-Pearl Harbour since 2001 and it is almost one of those things like the boy who cried wolf. When the wolf ultimately came, no one listened to the boy any more.

The impact new technologies are having on security
It is the attack surface that is emerging more and more as a problem for us. When Paul Maritz, Pat Gelsinger or Joe Tucci get on stage and talk about the opportunities for big data and mobility and how exciting it will all be, if you're in security, you get a migraine. Because all that represents to us is a continuing broadening of the attaseo-headacheck surface.
Compounding that is the threat environment, and the combination of those two means the model of security we have used for more than 20 years – since the first virus appeared – is obsolete and that we need to adopt a new model. RSA is leading the way of the adoption of that model with our tech and point of view.

What the future holds
Once we get to 2020, all that unstructured [and structured] data is going to be a rich opportunity for companies to mine that data and do great things with it. But it also represents a treasure trove of opportunity for attackers to go after that very information... as soon as you introduce a web application, you create an opening into your infrastructure.
In 2013 the common [phrase] is ‘there's an app for that', and by 2020 there will be big data applications everywhere mining that rich content. This year there are roughly 2.4 billion people connected to the internet through PCs and mobile devices, [and] there will be another billion devices connected this year – cars, vending machines, smart meters. By the end of this decade, there will be 200 billion devices connected [to the internet].
We are beginning to see how wide the attack surface is getting... this is the biggest problem we face as security practitioners. The threat environment is getting a lot more hostile.

How security attacks are changing technically
In 2007 we were worried mostly about intrusion attacks but one of the interesting things about the threat environment is that malware has not significantly changed. All malware in the world today is mostly the same stuff being recycled, basically to evade increasingly ineffective virus controls. The difference in the threat environment is the threat methodology.
Malware that these criminals [use] is so pervasive and prolific that it is gathering so much data that criminals have a big data problem! Don't you feel bad for them?

Whether resellers are ready to embrace RSA's new model and products
I would say the answer is yes and no. When you talk about transformation, Joe [Tucci, EMC's chief executive] talks about going from platform two to platform three; we are seeing indications of lots of resellers grasping that they have to change. They have to change delivery models and have more and more thumbs-up-downspecialist expertise. Many of our resellers and partners are making this move, but I suspect some won't make the move fast enough.
Our job is to educate them and help them make the move because, many of those service providers will be extremely important to compensate for the skills shortage that I talk about. It's a mixed result at the moment.

blog comments powered by Disqus

Will Nick Clegg's TechNorth initiative help boost growth in the northern tech industry?

4%

15%

74%

7%

Updating your subscription status Loading

Popular Threads

Powered by Disqus
graduate-dv1850052

CRN on Education

Leading channel figures report on market trends at our recent event focused on the education market

crystal-ball2

Sponsored Q&A: MAXfocus on the future of managed services

Dave Sobel, Director of Partner Strategy, looks at what makes a good MSP

No matching document
fragment image

Don’t let your customers suffer from heat exhaustion

IT virtualisation - the engine behind cloud computing - can have significant consequences on the datacentre physical infrastructure (DCPI)

fragment image

Advanced evasion techniques for dummies

Given the changing threat landscape - with growing security threats, cybercrime and compliancen regulations - we need to rethink traditional security models


The Editors dairy blog

The editor's diary

The bitter taste of success

As we look back on another CRN Channel Awards, the comments made by a selected few have made me ANGRY

Dave the dealer blog

Dave the dealer

Salad dodger

Dave reports on fish-mad execs, tablet-wary footballists, chatty Chinese teens, and generous teachers

View from the channel

Views from the Channel

All that glitters ain't Gold

Exclusive Networks' Barrie Desmond says some vendors are missing the point when it comes to partner programmes

To send to more than one email address, simply separate each address with a comma.