HOME Software Network Security Wireless Latest News Contact Us
 
Events | News Feeds (RSS) | Articles | New Archive  
 
 
  Recommended Product
Network Security Audit Software
Network Security Audit Software and Computer Security Tools
  Learn More
 
 
  Network Security Software
Network Bandwidth Monitor

Network Bandwidth Monitor
NBMonitor displays real-time details about your network connections & bandwidth usage.
   
Network Access Monitoring

Network Access Monitoring
ShareAlarmPro monitors network access to shared folders and resources.
   
Product Key Finder
Product Key Finder

Product Key Explorer retrieves over 3000 software product keys from network computers.
   
Network Shares Monitoring

Network Share Watcher
Monitors network folders permissions and identify shares which are violating company data access policy.
 
 

Network Security News

RSA Conference: Security Issues from the Cloud to Advanced Persistent Threats

February 20 2011

A recap of the RSA Conference touches everything from cloud security to cyber-war.

The 20th annual RSA Conference in San Francisco came to a close Feb. 18, ending a week of product announcements, keynotes and educational sessions that produced their share of news. This year's hot topics: cloud computing and cyber-war.

The conference included a new session track about cloud computing, and the topic was the subject of the keynote by Art Coviello, executive vice president at EMC and executive chairman of the company's RSA security division. Virtualization and cloud computing have the power to change the evolution of security dramatically in the years to come, he said.

"At this point, the IT industry believes in the potential of virtualization and cloud computing," Coviello said. "IT organizations are transforming their infrastructures. ... But in any of these transformations, the goal is always the same for security—getting the right information to the right people over a trusted infrastructure in a system that can be governed and managed."

EMC's RSA security division kicked the week off by announcing the Cloud Trust Authority, a set of cloud-based services meant to facilitate secure and compliant relationships between organizations and cloud service providers by enabling visibility and control over identities and information. EMC also announced the new EMC Cloud Advisory Service with Cloud Optimizer.

In addition, the Cloud Security Alliance (CSA) held the CSA Summit Feb. 14, featuring keynotes from Salesforce.com Chairman and CEO Marc Benioff and U.S. Chief Information Officer Vivek Kundra.

But the cloud was just one of several items touched on during the conference. Cyber-war and efforts to protect critical infrastructure companies were also discussed repeatedly. In a panel conversation, former Department of Homeland Security Secretary Michael Chertoff, security guru Bruce Schneier, former National Security Agency Director John Michael McConnell and James Lewis, director and senior fellow of the Center for Strategic and International Studies' Technology and Public Policy Program, discussed the murkiness of cyber-warfare discussions.

"We had a Cold War that allowed us to build a deterrence policy and relationships with allies and so on, and we prevailed in that war," McConnell said. "But the idea is the nation debated the issue and made some policy decisions through its elected representatives, and we got to the right place. … I would like to think we are an informed society, [and] with the right debate, we can get to the right place, but if you look at our history, we wait for a catastrophic event."

Part of the solution is partnerships between the government and the private sector.

"One of the biggest issues you got—[and] unfortunately we haven't made enough progress—we need better coordination across the government agencies, and from the government agencies to the private sector," Symantec CEO Enrique Salem said. "I think we still work too much in silos inside the government [and] work too much in silos between the government and the private sector."

The purpose of such efforts is to target advanced persistent threats (APTs).

"Part of the problem of when you define [advanced persistent threats], it's not going to be like one single piece of software or platform; it's a whole methodology for how bad guys attack the system," Bret Hartman, CTO of EMC's RSA security division, told eWEEK.

"They're going to use every zero-day attack they can throw at you," he explained. "They are going to use insider attacks; they're going to use all kinds of things because they are motivated to take out whatever it is they want."

The answer, Hartman said, is a next-generation Security Operations Center (SOC) built on six elements: This vision includes six core elements: risk planning; attack modeling; virtualized environments; automated, risk-based systems; self-learning, predictive analysis; and continual improvement through forensic analyses and community learning.

Preventing attacks also means building more secure applications. In a conversation with eWEEK, Brad Arkin, Adobe Systems' director of product security and privacy, discussed some of the ways Adobe has tried to improve its own development process, and offered advice for companies looking to do the same.

"The details of what you do with the product team are important, but if you can't convince the product team they should care about security, then they are not going to follow along with specifics," Arkin said. "So achieving that buy-in to me is one of the most critical steps."

Sours From

View more news
 
  Most Popular
 
 
  Popular Searches
network security magazine network security auditor network security news network security software corporate network security network security systems home network security product key finder password recovery software Network Bandwidth Monitor Network Access Monitoring data access policy monitoring remote shutdown Network File Search key recovery Network Monitoring Computer Security Ethical Hacking Network Security Network Inventory Software
 

 

 Sponsored Links
Network Security Auditor
Nsauditor is a complete networking utilities package that includes more than 45 network tools and utilities for network auditing, scanning,network connections monitoring and more. For more information, please visit:
www.nsauditor.com

Password Recovery Software
SpotAuditor is All-in-one password recovery program that offers administrators and users a comprehensive solution for recovering passwords and other critical business information saved in users' computers. For more information, please visit:
www.password-recovery-software.com

BlueAuditor - Monitor YourBluetooth Network
BlueAuditor detects and monitors Bluetooth devices in a wireless network and allows network administrators to audit wireless networks against security vulnerabilities associated with the use of Bluetooth devices. For more information, please visit:
nsauditor.com/bluetooth_network_scanner.html
 
 
Home Software Security Wireless Latest News Contact Us