RSA Conference is upon us once again. This year's RSA Conference is hosting around 350 exhibitors, and with the economy slowly on the mend, the show promises to have strong attendance, according to inside sources.
In addition to the usual array of raffles, costumes, and “Wheel of Fortune” game show gimmicks, the show floor was abuzz with its own unique alphabet soup (e.g. BYOD, APTs) while mobile threats, securing the cloud and virtualized platforms, and targeted attacks became the topics _du jour_.
So what's all the rage in network security? We visited a few players on the show floor to find the biggest and most salient threats and some of the latest and greatest technologies to combat them.
**Fortinet**: Well, we had to start somewhere. During a presentation Tuesday, Derek Manky, Fortinet senior security strategist, discussed the alarming rise of Advanced Persistent Threats (APTs), sophisticated ransomware targeting Hyundai and other high-profile corporations, and the increase in zero-day threats (thus far, there are around 30 zero-day vulnerabilities reported by FortiGuard Labs ranging from six months to two years that are still unpatched in the wild), while predicting a rise in mobile ransomware. Most—around 90 percent—are delivered via botnets. Manky emphasized the need for a layered approach to counteract these threats, which included consolidated security technology designed to block botnet code from communicating with its command and control servers.
**Juniper**: Juniper is taking a hard look at the mobile security threat, noting that mobile malware, such as SMS Trojans and spyware, on the Android platform increased roughly 3000 percent from 2010 to 2011. Meanwhile, other threats, such as mobile man-in-the-middle attacks, are anticipated to rise as more users access corporate data over insecure public Wi-Fi networks without VPN access. “You wouldn't consider doing that on your laptops,” said Jay Kelley, Juniper senior product marketing manager. “But everyone thinks of this device as a phone. They don't think of it as a computer.” To combat mobile threats, Juniper researchers underscored a mobile solution that contained proactive malware protection, a personal firewall and antispam technology, as well as anti-theft and data wipe for lost and stolen mobile devices.
**Palo Alto Networks**: Palo Alto Networks founder and CTO Nir Zuk touted targeted attacks as one of the biggest threats on the security landscape during a presentation on the RSA Conference show floor. In the not-too-distant past, threats were only delivered over Web and e-mail, he said. But these days WebEx, DropBox, SharePoint, Facebook, IM, and Skype, among others, are prime targets for malicious attacks. “Today you're securing only Web and e-mail and completely ignoring all the other applications,” he said. Meanwhile, most security products are only marginally different than they were 15 years ago, he added. However, Zuk emphasized that Next Generation Firewalls are designed to protect against and block threats delivered through all applications by giving organizations the ability to monitor and control all content, and block what is deemed malicious while allowing workers to continue using the application.
**WatchGuard**: Folks at WatchGuard cited the organized cyber underworld leveraging advanced malware and political hacktivism as some of the most significant threats on the security landscape. “What's sad is that a lot of Anonymous attacks are not terribly complex,” said Corey Nachreiner, WatchGuard director of security strategy. Meanwhile, organizations are trying unsuccessfully to block attacks from zero-day malware. “All of us are trying to find malware without signatures,” he said. “We need to find better ways of doing that.” One of those ways is through a Next Generation Firewall, with strong application control capabilities that can allow one or more aspects of an application (such as Facebook) while blocking other facets of that same application (like Zynga). Other application control features should enable organizations to identify well-disguised applications attempting to bypass security controls by encrypting data.
**Cisco**: Cisco, too, is extending content-based security and awareness, identity awareness, policy and threat intelligence while beefing up visibility across the endpoints, data center and cloud segments of the network for a major launch on the RSA show floor. Cisco's launch also addresses the issue of BYOD by enhancing features that allow administrators to have more control over employees' mobile devices, allowing them to see the type of device, the operating system it's running, geo-location and current security posture.