February 13, 2006 4:00 AM PST

RSA confab: Boom times for security

The security industry converges at the annual RSA Conference this week, an event that's moved far beyond its origins as a get-together for cryptogeeks and other insiders.

Though still organized by RSA Security, a company with its roots in cryptography, the confab has developed into a showcase for security companies and an annual gathering for IT professionals. This year is the 15th anniversary of the event.

"There has been significant growth," said Ray Wagner, an analyst with Gartner. "The RSA Conference four, five years ago was much more of a technician conference."

The changing face of the conference mirrors a growth in concern over security in companies large and small. Once just an extra task for an IT manager, a digital breach may now bring legal entanglements for organizations. That's one reason why concern over security has moved into boardrooms.

Driving that increasing concern is a rise in threats such as armies of zombie PCs, higher awareness of data security dangers, and a need to comply with data protection laws.

"The security market is as active as I have seen it in a long time."
--Charles Kolodgy, analyst, IDC

With security now printed in bold on many corporate agendas, a plethora of new companies have sprouted up to sell products. At RSA, more than 275 exhibitors will show their wares. Product announcements at the show run the gamut and include application security software, e-mail security appliances, antivirus software and encryption technology.

Charles Kolodgy, an analyst at IDC, said: "The security market is as active as I have seen it in a long time. There seems to be something for everyone."

Many of the new vendors who jumped into the market are looking to cash out, often by being acquired by a larger player. Analysts have said that some of the security start-ups deal in features, not products, and essentially exist to be taken over.

And while new players continue to enter the space, takeovers are common. Symantec, in particular, has gobbled up many small security companies. Executives at the Cupertino, Calif., company said last fall that they plan to make six to eight acquisitions per year, with a major deal--such as Symantec's buy of Veritas Software--about every 18 months.

Over the past years, Microsoft has also been acquisitive in the security space, as it ramps up to deliver antivirus and anti-spyware products. The Redmond, Wash., software giant is set to take on traditional security players later this year with the launch of those lines.

Bill Gates will kick off the confab in San Jose, Calif., on Tuesday, the third time the Microsoft chairman will have opened the event. Other luminaries occupying the keynote stage will include Sun Microsystems chief Scott McNealy, Cisco Systems head John Chambers and Symantec CEO John Thompson.

Gates is expected to talk broadly about security in his speech, titled "Security in Tomorrow's World." The talk won't be as product-focused as in previous years, but Gates is expected to talk up security in Windows Vista and discuss Windows Defender, Microsoft's anti-spyware product, a second beta version of which is due out soon.

Last year, Gates unveiled Internet Explorer 7 at the conference and said Microsoft would deliver antispyware technology for consumers at no cost.

RSA itself also plans to make an announcement, which the company will describe only as a strategic shift. Company CEO Art Coviello is slated to speak Tuesday, after Gates.

Bring on the gear
Many companies in the security space are using the event to announce new products or updates to existing wares.

Symantec plans to introduce a new network access control appliance. Such products perform a health check on computers that join a network to make sure they meet company policy on such things as up-to-date patches, security software and installed applications. The new appliance comes preconfigured, Symantec said.

In a similar vein, Endforce plans to release access control software called Informant, a companion product to Endforce Enterprise. The software silently monitors a network to detect unknown machines and then alerts an administrator.

Nortel Networks also plans to introduce products and updates to its Secure Network Access portfolio. These technologies all target risks from internal users who may unknowingly introduce malicious viruses to a company network.

Sellers of identity and access management products that let businesses manage usernames and passwords, as well as oversee access to corporate resources, are also making noise at RSA.

Computer Associates International plans to announce the integration of its SiteMinder and Single Sign-On products for enterprise Web, client server and legacy systems.

In addition, Oracle is readying Identity Management 10g Release 3, a new version of its authentication and access management suite. The product is due out in May and will blend technologies Oracle acquired when it bought OctetString and Thor Technologies last year, the company plans to announce next week.

See more CNET content tagged:
RSA Security Inc., Bill Gates, conference, data security, Symantec Corp.


Join the conversation!
Add your comment
So 90% of the population has been suckered-in to using the
world's least secure OS, and we're supposed to be surprised that
in the "security" industry "There has been significant growth."

Before some dimwit tries to claim that the Mac OS and other
OSes are just as vulnerable but don't have the market share to
warrant attacks, please note that pre-OS X versions of the Mac
OS had viruses. OS X's market share is larger than previous
versions of the Mac OS and it has been virus free for nearly 6
years! Cell phone OSes like Symbian have had viruses when they
had well under a million users, compared with the 30+ million
Macs in use today.

The fact is, Microsoft's laughable OS is generating big business
for the security industry. I'm not saying the Mac is 100% secure,
but neither is Fort Knox. Windows on the other hand, is like a 24
hour convenience store with no security cameras in a drug
infested part of town. It's just too easy and tempting a target.
Posted by Macsaresafer (802 comments )
Reply Link Flag
To be fair,
Security is not just keeping hackers off your network and out of your OS. Everything from social engineering attacks to properly disposing of company garbage must be taken into account. The company employee is often the biggest security risk not because of ill intent, but because he/she is not aware of how valuable that spreadsheet before them is to a criminal or corporate spy.
Posted by Marcus Westrup (630 comments )
Link Flag
SANS Institute
RSA shows are fluf, BS and total GLAM show with no substance. If you want a REAL security conference with true hands-on classes in a wide variety of security subjects, check out www.sans.org !
Posted by jmanico (55 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.