ICT security transformation underway...
Ovum recently attended the RSA conference in late February 2014 and the event continues to grow in importance and increased participation by most in the ICT community.
"Ovum attended the RSA conference in late February 2014 and the show continues to grow in importance and increased participation by most in the ICT community," says Mike Sapien, Principal Analyst, Enterprise, Ovum.
"Ovum expects this conference to continue to grow for the next few years with security and managing risk one of the top agenda items for the IT decision makers. It was more than just the Target and NSA incidents that is driving this growth."
According to Sapien, many of the security tactics (and managed security service providers) are adding more proactive measures and features to their security service portfolios.
Historically most managed security services were more reactive and based on security incidents but this now has changed to providing more proactive features and going beyond identification and isolation of a security breech.
"Remediation in real time and immediate preventative policies are becoming standard requirements now," Sapien adds. "Customers want to know they have more proactive security services that are protecting their IT resources and end users in real time.
"The traditional model of protecting the perimeter and the edge has now given way to more sophisticated solutions.
"This includes more core (network or IT infrastructure) security solutions which may also include increased use of cloud based security solutions within the IT core versus the perimeter.
"This has been driven by the complete implosion of the perimeter with mobile access, home workers and lack of any real perimeter any more."
Sapien believes the conference this year showcased two distinct dimensions in cloud services. The use of cloud services is driving the need for security within the enterprise as cloud services are deployed
"Security vendors (new and emerging) are also leveraging cloud technology to provide more security services within the IT infrastructure," he adds.
"So the managed security service providers have to think about both dimensions when approaching customers with cloud based solutions to clearly address both dimensions. Are you providing security for implementing cloud services or are you using cloud services as a platform to provide increased security?
"In many of the meetings, briefings and announcements around RSA, Cybersecurity initiatives and work efforts are underway.
"Not all vendors were in the same state but most of them were increasing, enhancing or adding Cybersecurity measures to their security service portfolios. Clearly, this is also part of the move and growth to more proactive (versus reactive) security protection.
"Every vendor mentioned the fact that all large enterprise customers have had a breech. Now it was more about knowing about the total exposure, assessing your risk and plugging the holes in your security program to manage your risk as well as remediate and resolve security incidents in real time."