RSA's Coviello: Standalone Security Is On The Way Out

As a result, consolidation is going to severely thin the herd of security vendors, said Art Coviello, president of RSA, the security division of EMC, during a keynote speech Tuesday at the RSA 2007 conference in San Francisco.

"With the exception of a few innovative startups, the standalone security industry will end within three years," he said.

Security needs to be inextricably linked to an organization's business strategy, and the old approach of building a perimeter around the network to secure the data inside just isn't cutting it, said Coviello.

Vendors have been making the mistake of chasing threats and building walls around data, ignoring the fact that data is never static, added Coviello.

Sponsored post

"If you can't retrieve the right information at the right time, then you aren't properly managing that information. And you can't secure what you can't manage," he said.

The rise of hacking for profit, the growth of service oriented architectures and Web 2.0 technologies and their associated security risks, and regulatory compliance burdens are driving the need for an approach to security that's nimble and adaptive, Coviello said.

With an estimated 200,000 malware variants on the way in the coming year, according to Yankee Group, static security solutions like antivirus and IPS aren't going to be enough to stem the tide. But an information centric approach to security, which tightly links security to information, can reduce the risk to high value information, said Coviello.

Security also needs to adapt to the changing threat environment, and RSA is building pattern matching and recognition technology to allow organizations to apply security on an as-needed basis, said Coviello.

Strong authentication and access control can work hand in hand with other technologies such as key management to provide layers of security that stop threats as they emerge, Coviello added.

Key management and access control will be the primary chunk of value for RSA once encryption becomes more widespread, which provides plenty of incentive for RSA to move the encryption market forward, said Coviello.