RSA Conference: Big Data, BYOD Join Other Hot Security Topics


Mobile security is expected to be a core theme at the RSA Conference as well, prompted by the increased interest of IT security pros in gaining control and visibility into corporate data on smartphones and tablets in the workplace. Two notable sessions include a presentation Feb. 26 by Troy Lange, a mobile security expert at the National Security Agency, who will identify the security gaps in mobile devices and what the industry can do to create a more secure ecosystem.

A session on Feb. 28, "Mobile Security Battle Royale," will pit several prominent security researchers against each other, debating the security merits of each mobile platform.

Companies are struggling with BYOD and ways to enforce mobile security policies. The idea that IT practitioners can simply deploy technology to gain control over the influx of mobile devices is overstated, said Ramon Krikken, a research vice president at Gartner, in a conference call with reporters this week. Organizations are evaluating mobile device management platforms -- there are dozens of them vying for business -- but costs and perceived maintenance burdens may be hindering adoption, Krikken said.

"They're coming to the conclusion that it's too heavyweight or it doesn't do what they quite want it to do," Krikken said.

Massive password breaches and identity theft are expected to breathe new life into the topic of identity management at the conference, Thompson said. The topic faded in the past and strong submissions on identity management got filtered into other session tracks, but this year the conference program committee brought the track back. Weak and default passwords plague the Internet and are easy pickings for cybercriminals, Thompson said.

"It's not just about the password, but the way we choose to architect how we authenticate someone at a distance that is becoming an issue," he said.

Steve Werby, an information security consultant, formerly the CISO at the University of Texas at San Antonio, will present his project to gather, assess and rate password policies and controls from the top 10,000 websites in his session, "Crunching The Top 10,000 Websites' Password And Controls." A panel of experts led by Wired reporter Mat Honan, who wrote about his personal experience with identity theft, will discuss security measures such as VPNs and two-factor authentication, in a session, "Think a Password is Going to Protect You? Think Again." Both sessions are scheduled for Feb. 28.

PUBLISHED FEB. 19, 2013