Home > Information Security > RSA – sigh….

RSA – sigh….

April 16th, 2008

This has been an unbelievably busy month, with lots of travel. I changed jobs (left CIS and went to Configuresoft), had a million projects to wrap up in the consulting realm, and finally went to the RSA show in San Francisco.

Wow, just not that exciting this year. Last year, I was totally blown away by the “widget overload”. In other words, there were a lot of features for sale, looking for a home. 🙂 This year, the buzzword mania was sickening. “PCI Compliance in a Box!” or “Firewall/IDS/IPS/DLP/Encryption in a simple appliance!”. Everybody is jumping on the compliance bandwagon, for sure, and many of the products I saw were still firmly in the widget category.

I’d love to see security moving more into integrating with IT and operations overall, instead of fighting so damn hard to be special. Guess what? Network guys can manage firewalls and IDS, too! It’ll get there – it has to. Those that fight it will be wondering where their super-special jobs went in 5 years, guaranteed. And I’m not saying there aren’t some specialized skills, because there definitely are – setting up PKI or access management infrastructures is not trivial. However, IT Ops is still IT Ops, and security is becoming part of everyone’s job, not the other way around.

RSA is definitely a show you need to attend if you work in the industry, no two ways around it. Some good content, good speakers, and San Francisco is always fun. But people take these keynote speeches way too literally – I mean, it is *definitely* in John Thompson’s and Art Coviello’s best interest to keep a little FUD in the game – why in the world would they say things are getting better? No $$ in that. Gotta move products…

Til’ next time I get 10 free minutes…

Categories: Information Security Tags:
Comments are closed.