So Long, Security Silos

SAN FRANCISCO -- RSA Conference -- Data growth, its increasing value to the enterprise, and the resourcefulness of cybercriminals underscore the importance of multi-layer security for enterprises, and the equally large parallel requirement of security simplification, the president of RSA said this morning in his opening keynote here.

"Security has traditionally been about imposing limitations, rather than lifting them. It's time to force that to change," said Art Coviello, president of EMC's RSA security division. Threats and challenges should not be the only motivation -- opportunities like accelerating new ways of doing business must also factor highly into the mix.

He went on to challenge the audience to think about security, not just in terms of firewalls and antivirus software, but also fungible assets, the customer experience, internal assets, and brand integrity. "Security impacts all that and we must treat security within that broader context," he said. "Information security has become a complete misnomer -- we've protected the perimeter but not the information itself. Despite digital rights management (DRM), we haven't linked security to DRM. And information has this nasty habit of wanting to move around.

"Security can no longer exist in silos in our companies or in the industry, or as a tactical afterthought," Coviello added. "It's no longer enough to build an outside-in approach -- we must simultaneously master an inside-out approach mapped to security -- an info-centric approach."

The fact that this new business model just happens to map to EMC's reasons for acquiring RSA wasn't lost on the audience, or an interviewer who posed questions to Coviello and his boss, Joe Tucci, EMC's chairman, who later joined Coviello on stage. With EMC (and Cisco, IBM, Microsoft, Oracle, and others) trying to be enterprises' one-stop infrastructure management stop, will discounts for volume or loyalty be forthcoming?