The Sea of Trust: Cloud, Big Data and Security at EMC World

In his #EMCworld keynote on Tuesday morning, Joe Tucci used the phrase “the sea of trust” to capture the pervasive role that security has to have in the success of the “third platform” of mobile, cloud and big data. It’s a great metaphor, reflecting not only the pervasiveness that security has to have, but also the dynamism and power that it needs to embrace.

Reinforcing our doors in 2013

In my last blog I talked about the key technologies breaking down our doors in 2013. The four key areas were Cloud Computing, Social Media, Big Data and Mobile Devices. None of these should have come as a surprise to anyone in the industry today. These are all topics that are discussed and debated around tables of security teams in most enterprises. So, what can we do today to ensure we are prepared for these challenges and how do we start reinforcing our doors so that we allow these new technologies but have greater control and visibility and provide transparency for the user?

Disruptive technologies breaking down our doors in 2013

RSA recently launched its latest SBIC report titled ‘Information Security Shake-up – Disruptive Innovations to test Security’s Mettle in 2013’. It introduces some interesting food for thought on what organizations should have on their ‘to do ‘list for 2013. Four key innovations are highlighted which shouldn’t come as a big surprise to anyone, I think we have all been addressing some of these in the last year but it’s time to hunker down and really start focusing on these four key innovations which will test the true grit of our security systems.

Security Strategy and Big Data

There’s been quite a lot of discussion recently about applying big data to improving security.  My colleagues Rashmi Knowles and Barrett Mononen have written a couple of blogs about it.  Our RSA/Netwitness CSO Eddie Schwartz spoke about it at RSA Conference China and the Splunk IPO in April certainly created lots of buzz around big…

Knock, Knock. Who’s There? Big Data.

I recently had the pleasure of attending the annual EMC World user conference in Las Vegas, NV. And it was, in my opinion, immensely informative, not just for me but for EMC, RSA and all of its partners and customers. The sessions and Solutions Pavilion were lively and engaging, the keynotes had the production value worthy of most Hollywood movies and the topics were relevant for today’s IT and security managers.

Trusting Your Crowd Sources

Earlier this week I was at MIT Media Labs for a meeting with my colleagues in EMC technical leadership. While we there, we took a tour of the Media Labs, including talking with a couple of grad students and professors. One the projects we were introduced to is called Place Pulse, “a website that allows anybody to quickly run a perception study and visualize the results in powerful ways”. It was interesting from a lot of perspectives: as an investigation of perceptual clues we use in making decisions; as an exploration of visualization techniques; and as a model both for generating and for analyzing Big Data.

Will big data know you better than you know yourself?

There was lots of buzz about big data at RSA Conference, especially in terms of the essential role that big data analytics increasingly plays in detecting data exfiltration and other security issues. Using big data for security is clearly a significant opportunity. But the security and privacy of big data is equally important and yet got much less attention. These concerns did come up in the Tuesday afternoon panel on big data, during which Rick Mogull of Securosis articulated the distinction between securing big data and using big data for security. But for me the most striking insight about the security and privacy issues for big data was in the discussion that Hugh Thompson and Dan Gardener had during the Friday afternoon “Hugh Thompson Show”.

Smart Security: The Evolution of Higher Security Forms

Last august, I wrote about needing a different answer to the traditional security problem because the changing landscape over time was making conventional protocols, applications and skill obsolete. I wrote there about time and intelligence: these are the essential assets in any security autonomic system. Why? To really boil it down to its basics, it’s a race. In a race, you care about being first, not second. Intel helps you run the race better and time is the only currency that matter. It’s a race to the data, and you want to win. So it’s all about time and intelligence.