RSA Conference 2010 is kicking off March 1 in San Francisco, bringing with it a focus on the latest threats as well as security strategies spanning application development, social networks and the cloud.
From data protection to
cloud computing to application development, this year's
keeping an eye toward practical strategies for dealing with today's
The conference, which will
run from March 1 to March 5 at the Moscone
in San Francisco, has expanded this year to include
250 sessions across a total of 18 class tracks. Two of the class tracks-'Data
Security' and 'Security in Practice'-are brand new.
The Security in Practice
is focused on helping businesses deal with the day-to-day, practical challenges
of implementing security, explained Hugh Thompson, chief security strategist at
People Security and Program Committee Chair of the conference.
"There's been a huge need
over the last couple of years for companies to focus on where their data is,
how it's being protected and what practically companies are doing when the
rubber meets the road as far as data protection," he said during an interview
with eWEEK Feb. 24.
The Security in Practice
sessions touch on subjects such as how Brazilian banks deal with issues of
authentication and how one enterprise transitioned to cloud-based Web security
to protect its environment.
The Data Security track,
meanwhile, will take a look at the topic of data breaches. Among the topics
covered: the top 10 security breaches, what
to do in the event of a breach
, and a discussion of a lack of cooperation
between law enforcement, lawyers, regulators and the breached corporations
Also featured prominently
in this year's conference will be sessions touching on securing
cloud computing environments
, Thompson noted. His comment echoed thoughts
from Scott Crawford, research director for security and risk management firm Enterprise
Management Associates (EMA), who during a briefing with
journalists Feb. 24 said that organizations are taking a cautious approach to the
cloud. In a January survey,
found 11 percent of more than 850
respondents stated they definitely plan to implement cloud computing in the
next 12 months. Of those, 75 percent favor a private cloud model rather than a
public one, he said.
"A lot of the hype
relative to the adoption is perhaps somewhat out of proportion, and a good deal
of the reason for this according to our research is security and risk factors,"
he said. "Security risk and compliance is a top factor in choosing a cloud
technology or provider reported by 54 percent of the respondents in our study. ...
Organizations recognize they are giving up a certain amount of control in
exchange for the benefits of the cloud computing model, so this really raises
the bar on the visibility into the cloud environment, manageability for cloud
computing and, to the extent that organizations do have some controls, what are
the means they can use to gain control of their resources in a cloud computing
During the briefing,
Forrester Research analyst Khalid Kark said he will be paying close attention
to the security implications of what he called the consumerization of
technologies in the enterprise, including the growing use of social
media and Web 2.0 technologies in the workplace.
"Not only are we
seeing a shift in technology, but really the velocity of this change has been
unprecedented," Kark said. "We haven't seen this amount of technology change
all happening at once within security organizations."
The conference will also
feature keynotes from executives from Symantec,
(EMC), McAfee and other companies, as
well as speakers such as FBI Director Robert Mueller III and newly appointed
White House Cyber Security Coordinator Howard Schmidt.