Dynamic Security: Wave of the Future?

RSA has extended some of these "dynamic" pattern checks to online banking, Coviello said.

"We look for your IP address and certain idiosyncrasies of your computer, then we look for the types of transactions that you engage in.  We then use those consistencies in those transactions to identify you as the correct user," Coviello said.

Is this "business intelligence" per se, or is it something else? "It's absolutely that," Coviello said. "It's not what I'd call 'artificial intelligence,' but it's a way of taking what's there and using it to protect people."

Coviello said RSA is now applying information-centricity directly to all its new security products, adding that no firewall or password-entry system will ever provide airtight data protection from intruders. 

Information-centric security binds security directly to information and the people who access it to ensure that they can access only the right information at the right time, when and where they need it.

"We are now protecting well over 100 million online identities," Coviello said. "But the next step is to bring the security to information itself, and look for patterns in the flow of information and data. Our tools are sophisticated enough—not to do just dictionary-type content—but to actually screen streams and flows of different data."

Security is at a crossroads. Listen to the podcast here.

Another example of finding a pattern in the data itself might involve e-mail security, Coviello said. "Our tools can identify a string of credit card numbers. In an e-mail scan, we would certainly ask, 'Why was a string of credit card numbers headed out of the company in the form of an e-mail?'" Coviello said.

"Ironically, we deployed this within EMC itself. One of our engineering groups sent an e-mail list of numbers—test data that looked like credit card numbers —to one of our technical directors in Europe, and our own internal deployment of the products flagged and stopped the e-mail!" Coviello said with a laugh.

These issues and many more will be examined when  RSA, whose software is used by more than 90 percent of the Fortune 500 enterprises, opens its annual users conference here at the Moscone Center in April.

"We'll talk a lot of about innovation at the show, including dynamic software. But also we'll be talking about how much security is being built right into IT infrastructure, like embedding encryption into storage platforms and the like," Coviello said.

"We'll see some new innovations around static security, like firewalls and standard virus protection also, but those things are just not keeping pace right now."