Monday, June 9, 2008

Adaptive security from the Gartner IT Security Summit

I was at the Gartner IT Security Summit in DC last week - very interesting sessions.

Liked the Neil MacDonald keynote on the second day. He talked a lot about the current challenges or point products, silos and the decreasing importance of the perimeter. He also talked about how security would evolve and his vision on model based security, proactive approaches to security and how we could learn from the adaptive mechanisms of a biological system. Very interesting.

Most of it made sense - however, it seemed hard to see how we could build adaptive/proactive security systems just yet. We are still figuring out security based on signatures and we cant build them fast enough - adaptive might mean too many gray areas in the short term. And it necessitates learning from mistakes - I think it will take a bit of time before we will fully trust this, seemingly AI models, for security.

The one topic that did intrigue me was his statement on protecting the information and not focusing on devices - near and dear to my heart this information-centric security view! This trend does seem clear - more on this soon...

1 comment:

Rob Lewis said...

It seems to me that very fast (approaching immediate), or automated "adaptive" security, is still reactive, not proactive at all.

To be proactive, do you think security would have to be deterministic, that is all access privileges pre-determined and all other access attempts denied by default?