Subscribe to the RSA blogs and podcasts for the latest posts and security updates!
Bob Griffin is Chief Security Architect at RSA, the Security Division of EMC, where he is responsible for technical architecture, standards and strategy, particularly for RSA’s data security products. He represents EMC to several standards organization, including as co-chair of the OASIS Key Management Interoperability Protocol (KMIP) technical committee. Bob has extensive experience in security strategy, corporate governance, business process transformation and software development. He has had the primary architectural responsibility for a number of production systems environments and for major software engineering projects at RSA, Entrust and Digital Equipment Corporation,. He is a frequently requested speaker for professional and industry conferences and has instructed courses within both professional and university settings.
In his #EMCworld keynote on Tuesday morning, Joe Tucci used the phrase “the sea of trust” to capture the pervasive role that security has to have in the success of the “third platform” of mobile, cloud and big data. It’s a great metaphor, reflecting not only the pervasiveness that security has to have, but also the dynamism and power that it needs to embrace.
In my earlier blogs on Transforming Security Analytics and Transforming Trust, I wrote about the strong focus we have on cybersecurity at this year’s EMCworld, previewing several of the sessions that will highlight security topics. In addition to those presentations, we’ll also once again have a Birds-of-a-Feather session, focused on Building your Trusted Cloud. It’ll [...]
The application of Big Data analytics to security has resulted in a transformation not only in detecting and responding to threats. It also transforms how we establish and evaluate trust, based on understanding risk rather than expecting absolute security. This transformation doesn’t just affect security professionals. Understanding trust is critical for many of the topics that are explored at EMCworld, including cloud, virtualization, storage and document management. Understanding trust can help in enabling new business opportunities, finding more effective operational processes and working more effectively with partners.
We’re well into the preparations for EMCworld 2013, to be held May 6-9 in Las Vegas. There’s been a significant RSA presence at EMCworld ever since RSA was acquired by EMC back in 2006 – including the presentation I gave on storage encryption and key management back at EMCworld 2007 in Orlando! This year we’ll have even more RSA presence than ever, exploring the “Lead your Transformation” theme from the perspective of security and trust.
We had our first meeting of the OASIS PKCS 11 Technical Committee last week, a very interesting and exciting start to this new stage in the life of the PKCS #11 standard. It was a very impressive gathering of folks from many different companies and countries, a breadth of participation evident in the officers and [...]
In his introduction to the Innovation Sandbox at RSA Conference, Hugh Thompson remarked on the critical role that small companies have in driving innovation. That’s certainly true and it was great to see the innovations of the 10 finalists who presented on Monday. But Hugh’s remark got me thinking about other dimensions of innovation, particularly in the light of the phenomenal range of capabilities evident in the exhibition hall at the conference.
For some time now, we at RSA have been speaking about the essential role that collaboration has to play in effective security. It is not enough to collect and analyze information within your own organization. You need to draw on sources of information outside your environment and you need to share your information with other organizations. This cooperation and collaboration in security is imperative, especially given that we are confronted with well-organized and collaborative adversaries.
As I mentioned in an earlier blog, RSA is transitioning the PKCS #11 standards effort into OASIS. The call for participation for the new OASIS PKCS 11 Technical Committee has now officially gone out from OASIS leadership, describing the process for joining the TC. The new public page for the PKCS 11 TC provides information [...]
The Cloud Best Practices Network has just published the second installment of the e-magazine TRANSFORM. This issue, which focuses on various aspects of cloud security, includes my article on “Key Management Strategies for the Hybrid Cloud”, leveraging the use cases that we developed in OASIS KMIP for our work on the next version of KMIP. [...]
