This week, I’m visiting the Gartner Security & Risk Management Summit 2013 in National Harbor, Maryland. It’s early June weather here, and outdoors there’s been cycles of warm rain with major storm warnings mixed in. Here inside the conference, there’s a storm of a different sort brewing, as the Gartner analysts dive into the details about the serious IT issues that enterprises face.
I’ve been following the security track, and today’s agenda’s been packed with content on the nature of cyberwarfare/terrorism/crime. Analysts Richard Hunter and Avivah Litan noted how cybercrime evolved over time, because in the past, criminals used to go after targets of opportunity (namely they would go after the tactical, easy money). Today, the criminals are much more strategic, using methods that are straight out of a heist movie, using plenty of research on their potential victim, creating distractions to mask their true intentions of their activities, and performing coordinated exfiltration to get their wares.
On the advanced targeted attack tracks, there were several sessions that mentioned that the lack of visibility into application layer traffic creating a major blind spot. In the past, attacks were at the network layer, but today, attacks are occurring at the application layer. Shoring up visibility plays a critical role for protecting the enterprise. In one session that I attended, the panel noted that the ISPs will need to play a greater role in acting as the perimeter on behalf of the customer, either due to market forces or regulation, but in the mean time, the enterprise will need to do their part to make sure that they have taken the appropriate measures to make sure their perimeter has application layer visibility and control. Policy controls must have better context to know what belongs in an environment and what doesn’t.
Tomorrow’s agenda is going to dive even deeper into national security, with a keynote by Admiral Mike Mullen. In addition, I look attending a number of sessions on enterprise mobile security.
Are you at the Gartner Security & Risk Management Summit? Make sure to stop by session SPS22, Living with Next-Generation Firewalls: How Enterprises Operate Re-invented Network Security. It’s being held Tuesday June 11th between 3:00PM and 4:00PM in room Potomac B and hosted by Chris King, Sr. Director of Product Marketing for Palo Alto Networks. He’ll be moderating a panel on how next-generation firewalls are used at leading technology, government and healthcare organizations. In addition, please stop by and visit us in the Solution Showcase in Booth G.
Well, that wraps up Day 1 here at the Gartner Security & Risk Management Summit. Check in again tomorrow for a recap of Day 2.