RSAC 2012: RSA Conference Live! (Day 3)by Steve Ragan - Mar 1 2012, 03:34
RSAC 2012: RSA Conference Live! – Day 3.
After back to back meetings on Tuesday, Wednesday is just as hectic. However the crowds have certainly picked up this year at the RSA Conference. Easily, there are at least 5,000 people in the area where this update is being written and the buzz of passive conversation between attendees and vendors, co-workers and competitors creates a somewhat (oddly enough) soothing white noise.
Over the last 24-hours The Tech Herald has had some interesting conversations. So for the Day 3 update, we thought it best to recap some of them. Also, keep an eye out for Jen’s image updates as she wanders the floor capturing the activities in high-definition.
Eric Chiu, the co-founder and President of HyTrust, sat down with The Tech Herald this afternoon to discuss four security essentials for cloud and virtual infrastructures. It was an enlightening conversation, so we wanted to share it here.
According to IDC, the top priority for IT is virtualizing their network environments. In order to properly scale and build out their environments, there are some basic considerations to address.
Access Control and Account Management
- “Having access to the virtual infrastructure gives you access to everything, in addition there are lots of administrators accessing the virtual environment with no separation of duties,” Chiu explained. His point being that this must be accounted for and secured.
Network and Endpoint Security
- “VMs have to be secured like any other endpoint, however companies are looking for virtualization optimized tools, such as agentless AV and virtual firewalls, which help them increase consolidation ratios,” he noted.
Configuration Management / Hardening
- “90% of downtime is caused by misconfiguration. In a highly dynamic virtualized environment, monitoring and maintaining the environment’s configuration is key to preventing un-needed downtime and security incidents linked to human error.”
SIEM / Log Management
- “Virtualization aware monitoring and logging tools are critical, in order to know what’s happening in the environment.”
Overall, the talk with HyTrust was productive. If you’re out at the show on Thursday and want to check them out, they will be doing a series of talks at booth #333.
Bit9 has launched their Advanced threat Protection Platform, which looks to stop attackers and their malicious applications from bypassing anti-Virus and other behavior-based protections. The reason for Bit9’s offering is the solid uptick in the number of personal and targeted attacks on the enterprise and SMB market, so they’ve come up with a trust-based offering that is designed to add an additional layer of protection to the network.
Bit9’s Advanced Threat Protection Platform comes with four essential components – Trust (proactive security that ensures the network is running trusted software), Detect (quick detection of risky files and users), Protect (trust-based application control and enforcement), and Measure (actionable intelligence reports for each protected endpoint).
Overall it’s a decent approach. We had a conversation with Bit9 earlier this afternoon, and will have more on them in a future story.
Research from DDoS and IPS provider Corero Network Security says that hacktivism isn’t to blame when it comes to DDoS attacks – based on what a study with 200 IT directors at mid-sized firms had to say on the topic. According to the study, when asked for the reason behind the DDoS attacks, more than half blamed the competition.
Conducted by Vanson Bourne, the research poll showed nearly two-thirds (63%) of IT directors were highly concerned about the threat of a DDoS attack with more than a third (38%) of the companies hit by at least one attack in the last 12 months.
As mentioned, contrary to the widespread belief that ideological and political motivation are the driving forces behind DDoS attacks, more than half (52%) of the companies surveyed that had been victims of a DDoS attack blamed “competitors looking to gain a business advantage.”
In contrast, ideology was blamed by enterprise IT directors surveyed for only 20% of the DDoS attacks.
“Hacktivists are a threat to anybody who touches on public policy, privacy around the internet and of late anybody in law enforcement, but the average business will never find itself in the sights of groups like Anonymous, whereas every business has competitors,” said Richard Stiennon, chief research analyst at IT-Harvest.
“These new low and slow application-layer attacks are ideal for competitors seeking to disrupt business activity,” Stiennon said.
Lastly, unfair business advantage was cited as the leading source of DDoS attacks reported by victim companies in each vertical surveyed: Financial Services (62%), Retail (47%) and Manufacturing (46%).
We’ll have more updates later this afternoon.