VMware CEO to Outline Need for a Comprehensive IT Security Architecture at RSA Conference
March 2016 by VMware
In his keynote at the RSA Conference, VMware CEO Pat Gelsinger will address the most significant impediment facing IT security today: IT architectural issues that create complexity and inhibit security teams from successfully doing their ultimate job—protecting applications and data. By adopting a common framework, enterprises can align policies with innovative security solutions that can be extended across the data center and the cloud. Gelsinger will also unveil new research from The Economist Intelligence Unit (EIU), sponsored by VMware, that shows significant misalignment between corporate and IT leadership on cyber security investment, cyber protection priorities, and the timing of a major attack against their company.
“There is tremendous innovation in the security industry today. What’s needed is an organizing framework—a true architecture that all the leading players can align to so that security can be architected in,” said Pat Gelsinger, chief executive officer, VMware. “By changing the dynamics of how we deliver trusted services over vulnerable infrastructure, the IT security industry has an opportunity to chart a new path forward.”
Gelsinger will detail how virtualization creates the foundation for a comprehensive architecture that enables security to be built-in to the technology infrastructure. Because virtualization is a layer in between physical infrastructure and applications, it is in the perfect position to align endpoint and network controls to the applications being protected. Virtualization has become the most ubiquitous infrastructure layer covering compute, network and storage, and spanning both private and public clouds.
In the keynote, Gelsinger and VMware Senior Vice President of Security Products Tom Corn will demonstrate a preview of Distributed Network Encryption technology enabled by VMware NSX. Traditionally, encryption is enormously complex. The demonstration will show the ability to encrypt data in flight, and data at rest, with a simple drag and drop onto an application. In addition, the demo will showcase how the technology will extend to public clouds such as Amazon Web Services.
New Research Highlights Misalignment on IT Security across the Globe In addition to calling for a comprehensive IT security architecture, Gelsinger will highlight EIU research (1) that demonstrates there is still work to be done on building alignment between corporate leadership and IT leaders with regards to cyber-security, preparedness and imminence of future attacks. Specifically the survey found:
• While IT security leadership regard cyber-security as the number one corporate priority, only five percent of corporate leaders take that view.
• The Business and IT security leaders are out of sync on the most important assets to be protected. Corporate leadership prioritize strategic assets such as the company’s reputation, while IT security takes a tactical approach focused on protecting data and applications.
• More than 30 percent of IT security executives expect a major and successful attack within 90 days, versus 12 percent of corporate leaders.
• Business and IT leaders diverge considerably on security budget expectations. Nearly 30 percent of IT leaders believe they will see a significant security budget increase in the next two years. Conversely, less than 10 percent of corporate leaders foresee a significant increase, despite believing “underfunded security” poses the third greatest risk or vulnerability to their firms.
However, business and IT leaders are aligned in one key area – concern over the threat of the unknown. Critical threats identified by each group were the concern for resources and data that now may unknowingly reside in the cloud, concern over fast-moving unknown threats in the wild, and concern about unknown users and devices accessing corporate networks and systems. The EIU research brief is available here.