I have been attending RSA since the mid-90’s and there is usually a theme that dominates many of the sessions, keynotes, and marketing collateral. PKI definitely had its year(s), of course the mass-worm attacks in the early part of the decade drove a lot of activity. NAC, compliance, identity and data security have certainly been dominant themes recently and there was certainly no shortage of “solutions” this year either.
However, I would say that the keynotes by Bill Gates, John Thompson and Art Coviello, coupled with recent acquisition activity, pointed towards a general market realization that security is evolving beyond a reactive, ad-hoc activity to an integral part of running a business in today’s world. We are increasingly reliant on technology for every aspect of our lives and business is looking to IT to play a significant role in innovation, whether that is to tap into new revenue streams or to achieve new levels of operational efficiency that also boosts the bottom line.
The realization is that security is critical to enable this innovation. Best of breed organizations are beginning to look at operational maturity within their security programs as enabling the business to innovate as opposed to inhibiting innovation, which has been the traditional role of security. For those of us who have spent many years watching the security industry evolve this shift is not new, nor unexpected (here) and (here)
It is encouraging to see organizations begin to embrace security as an integral part of how a successful business functions. But we have a long way to go as we evolve from reactive security programs performed in a silo to security and operations convergence, and a level of operational maturity and agility that allows organizations to leverage IT for innovation.