Collaborative security initiatives spark interest at RSA

SAN FRANCISCO— IT executives who flocked to the RSA Conference this week heard more evidence that enterprise networks are increasingly vulnerable, while cybercriminals are becoming better organized and more dangerous.
An estimated 250,000 computers are compromised every day by botherders, according to Robert Holleyman, president and CEO of the Business Software Alliance (BSA). The number of exploits is seven times higher than it was a year ago, and the cyberthreat is "growing exponentially,'' he said.

While vendors are rallying to improve enterprise security options, no one suggests it will be easy. A number of the 550 speakers at RSA highlighted the need for more industry collaboration to better fight the threats.

Microsoft championed the need for a new generation of secure systems, an idea that the company is calling end-to-end trust. Craig Mundie, Microsoft's chief research and strategy officer, called for industry cooperation to work out what protocols and formats will be needed to create these end-to-end trust systems, which could enable people to establish trust and disclose private information electronically in a manner similar to how it’s done in the real world.

Among the challenges are creating devices with hardware-based authentication, designing operating systems and programs that can talk to other programs about their own trustworthiness, and devising ways of keeping track of where data has been, Mundie said. "We need a lot of work; we can't just do this by ourselves," he said.

Separately, Art Coviello, executive vice president of EMC's RSA division, said that security systems have a long way to go before they are intuitive. "Existing security technology ... abounds with failures," he said. "Tools aren't even close to behaving the way that people think."

He called for a "thinking security ecosystem that works across all components of the infrastructure."
Toward that end, EMC highlighted its collaboration with Cisco at the show. The two companies announced plans to do more to combine network security technology from Cisco and data security tools from EMC's RSA division, focusing initially on data loss prevention, data center security, and data encryption and key management.

By joining together, the companies can cover everything from data centers and servers to individual employees' PCs, plus the network that connects them, said Richard Palmer, senior vice president and general manager of Cisco's Security Technology Group.

In a demonstration of RSA’s data classification technology working with the Cisco Security Agent (CSA), the companies simulated an employee accidentally trying to copy a document containing customer credit-card numbers onto an external storage device. CSA produced a pop-up warning to the employee that included a box where the employee could give a business justification for going ahead with the process. Another tool let the user clean out the sensitive information before copying the document. Lessons learned from such incidents, if they happened frequently, could point to changes in business processes, the companies said.