Targeting cyber crime and cyber terrorism

Alex Teh reports back from this year's RSA conference

I have just returned from this year’s RSA conference in San Francisco. Now in its 20th year, the event continues to be a massive draw for information security professionals around the world and a must-attend in the security industry events calendar.

As it was our first year attending, I was keen to see what the big themes were, if there will be any impact on this side of the Atlantic, and what will be most important for the market.

One theme was how best to manage the rise in consumerism in the workplace, which has been underlined by the prevalence of devices such as iPads, iPhones, smartphones and personal digital assistants.

The big talking point was how organisations can manage these blurring boundaries between work and home use of consumer technologies, and protect the corporate network when employees expect to be able to connect their personal devices.

We will need a new rule book to manage this shift and corporate policies will have to be adapted to provide services securely to these non-corporate machines.

Meanwhile, many new vendors such as Palantir are beginning to target cyber terrorism and cyber crime threats – involving devices such as Trojans, Man-in-the-Browser or Man-in-the-Middle attacks – as a viable market for 2011.

Change in the threat landscape, alongside increasing sophistication and targeting of those threats, shows no sign of abating. This will drive the need for new weapons.

In the UK, as in the US, we are likely to see highest demand from those most at risk, in verticals such as the police, central and local government, banking and financial services.

There was also considerable discussion about how to mitigate the internal threat and the security risks posed by the insider. I predict that we will need to learn from the high-profile insider incidents – not only with solutions that set policy around who is logging on to the network, and what they are accessing, but also who is watching the watcher and keeping them accountable.

It is important to be able to audit and report on privileged user or administration access. This ensures that changes made to the security policies on core security products adhere to enforceable standards and the rights are not abused.

Although there has been lots of talk about PCI DSS in the UK, I saw a marked difference in the prominence it is given in the US. This was doubtless because the first fines for non-compliance have already been levied in the US. However, UK resellers should take heed: PCI DSS compliance is driving demand here and businesses will continue to look for partners that can offer specialist support in this area.

Unsurprisingly, most of the vendors were promoting their cloud-based solutions heavily, or at least branding their solutions to fulfil the marketing hype around the cloud. While I did not see too many new entrants to the cloud security market, all the big vendors were showcasing cloud versions of their existing tools.

All these issues will resonate in the UK, but the big talking point was the changing nature of cyber crime and the rise of cyber terrorism. We are likely to see this creeping up the agenda and driving the market in the UK.

With the government now responding to the threat of cyber warfare, organisations may well revise their opinion on the reality of targeted attacks and ensure they are adequately protected.

Alex Teh is commercial director of Vigil Software