It has been a long time since my last post... Anyway, lots of first-year students and research grant applications kept me busy.
The IT-SA is now THE event for IT security in Germany. It does not have the flavour of the RSA conference, although it may actually be of a similar size, at least in the exhibition area. It is much more about small conferences around the exhibition floor, organized or owned by different people and groups, such as the AppSec conference in Germany or the KuppingerCole Enterprise Cloud Security summit. Consequently, and this is especially true for folks from abroad, don't expect a huge number of people showing up at your booth; you need to organize traffic yourself. But then, ooh la la, lots of intense discussions...
A few more takeaways from my side, from the content point of view, about the IT-SA:
1. "Bring your own device" is now a mainstream topic. Security folks: like it or not, you will need to cope with it. There are a number of arguments for this being a good decision financially. But what does that really mean security-wise? Well, my take is that the IT-security people now need to think about how to protect corporate information instead of protecting the infrastructure from viruses. Come on, be honest: company confidential information is already on devices that are not under your control, even today. The solution is: intelligent awareness, and, maybe some day, intelligent IRM.
2. IRM, IRM, IRM: the more I wandered along the different booths, the more I saw the need for a good solution. All these different offerings pretend to make your IT secure, but actually don't (no, I won't name them), all suffering from information not being protected adequately and still relying on a benign, controlled infrastructure. You know that time is over, right? Unless you are a bank (you make your money yourself) or a government (you don't even need money in the first place ;-), chances are quite bad that you know what is going on in your network, er, on your machines, er, I mean on the devices in your network...
3. Privacy-friendly IDM: there is a trend to use IDM against people's intentions. And indeed, that may happen if the data is under the legitimate control of the authority maintaining the IDM information. Consequently, we need to think about how to make IDM happen in a privacy-friendly way. Cryptographic protocols and frameworks are available, such as MS U-Prove and the new German eID card. We need to spread the word that this is indeed possible!
And finally, 4.: the cloud is real. Companies no longer think about whether they will do it, but HOW, and how the security can be set up. Most importantly, companies were asking how to extend their security management processes to the cloud provider. And indeed, ISO 2700x et al. can be applied, but they don't provide operational help. ITIL is much better suited, but does not really cover confidentiality...