What businness actually want: lessons learned on the RSA floor ~ Miscellaneous Security

5.12.2009

What businness actually want: lessons learned on the RSA floor



From a security perspective, companies want simple solutions. As I walked the RSA expo floor a few weeks ago, this became very apparent.

Vendors were pitching products that were among other things, "in the cloud", "self-maintained", and "auto-updated." It seems that companies are looking for simple solutions for complex problems. (Duh?)

As I walked around the exposition floor, I began to chuckle, realizing that there were more people in the Moscone center than there are attackers in the world. More money gets pumped into security products than actual money gets stolen. What an amazing idea.

Now, imagine I have a product that you can:
  1. Plug into your network or computer.
  2. Requires no "maintenance".
  3. Will prevent your network/computer from being attacked.
  4. Alert you after it has successfully prevented the attack.
This was essentially every product that was being offered at RSA.

My two-cents: No product or grouping of products will prevent an attack. You can do some preventative measures, however, if an attacker wants to get you, they will.

Good Luck!