At the RSA Conference in San Francisco, it’s all security, all of the time. When one topic is the only focus over such a short period, it becomes easy to see current trends. Here are three that have caught my attention:
1. Advanced persistent threats (APTs) – APTs will continue to be an issue for enterprises in 2013 and beyond. The machine layer of defense is excellent at catching threats that are known ahead of time, where rules can be written, filters created and bad things can be “bucketed” from good things. Sometimes a human eye is brought in to spot things computers don’t “see” so easily. In a perfect world, that is enough.
But the significant problem is the A in APT. Advanced threats haven’t been identified, and only by collecting all data available and using user and machine activity monitoring can these threats be identified and blocked.
2. Bring Your Own Device (BYOD) – BYOD brings problems as well when people using their own devices can break any policy at any time. Enforcing policies across disparate devices (some more secure, some more vulnerable) requires monitoring of systems and user activity. [Read more...]