Cloud Security, Network Security

RSA Conference 2011: CISO panel expects innovation, offers advice

Tools that better classify data, provide deep-packet inspection and offer risk management for organizations migrating to the cloud are three solutions areas ready to make their mark in the security industry, predicted a panel of CISOs on Tuesday at RSA Conference in San Francisco.

"We're not in control of the endpoint anymore," said Eric Litt, who heads information security at General Motors. "We need to migrate to the data."

While data leakage prevention and log management technologies are maturing, the current state of offerings fail to do an effective enough job of locating "the needle in the haystack," he said.

Roland Cloutier, vice president and CISO of Automatic Data Processing, said this may prompt further investment in deep-packet inspection, which would allow for the closer examination of data and traffic.

Malcolm Harkins, general manager of Intel's Information Risk and Security group, said he expects the next iteration of innovation to allow for the better analysis and correlation of employee access patterns to sensitive data repositories.

Meanwhile, the cloud will spur on advances in other technologies, such as identity and access management, said Mark Chamberlain, executive director of information security at insurance provider USAA.

Panelists also suggested ways to win over executive management. Litt said security professionals must leverage major cyber events that garner headlines, make senior leaders aware of security through training and perfect their elevator pitch.

Harkins said "credibility and influence are what gets budgets approved." Credibility is built, he said, by making good predictions.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.