Friday, May 3, 2013

Infosecworld 2013

Last week was Infosecworld. Not surprisingly, as in 2012 the main topics were Big Data, BYOD, mobility and cloud security, and risk. Jeff Crume had several sessions on access control and identity management, including Federated identity management and single sign-on. It’s interesting to think that the big social networking sites—Facebook, Twitter, LinkedIn, Yahoo—use Federated identity. Now, I can log into Yahoo mail using Facebook or Google, not that I want to do it. I’m not sure whether this is good or bad, but it is interesting that while this is being discussed within the enterprise, the social world went ahead and implemented it. Of course, the security and privacy concerns are vastly different between the two worlds.
I heard a lot of talk about cyber espionage, both in sessions and in keynotes. Also, that the defensive focus has changed from cyber crime to cyber espionage and warfare. Of course, APT came into the discussion, although there was some disagreement about what it was. There was even a demo session on hacking SCADA, ICS, programmable controllers, etc.
Jay LaRosa and a colleague from ADP gave an interesting presentation on its next-generation security management platform system. It integrated passive data access network, SIEM, GRC tools, and massively scalable data warehouse; added advanced threat modeling, and provided real-time analysis and reporting. I recall from an earlier presentation about SEIM that between hardware, software, and personnel requirements it was out of reach of most places.  This presentation confirmed that observation, but it is a very impressive system.
BTW, I still need proposal for books on DLP, SEIM, BYOD, APT.