Notes from the Gartner Summit
And if I could sum up the major themes of the event in two words, they'd be these: Cloud computing. The same words I've used to describe every other major security event of 2010.
Talking with analysts, vendors, attendees, the story is the same. Everyone is piling into the sessions dedicated to the cloud, and the underlying drive is: "We all know we're headed to the cloud, but we've got questions."
The cloud dynamic is a lot of people standing around a swimming hole, waiting for someone to stick in a toe before they all take the plunge.
In fact, more than once I heard observers describe the cloud dynamic as a lot of people standing around a swimming hole, waiting for someone to stick in a toe before they all take the plunge.
Me? I sort of wonder "What's the big deal?" In banking, especially, core processing services have been outsourced for years - into the cloud before anyone called it a cloud. What, then, is the leap of faith in outsourcing additional services? Especially when resources are tight.
I know; it's more complicated than that. There are questions of privacy, data sharing,vendor management and other concerns - especially at a time when third-party relationships in all industries are under greater scrutiny.
I wonder sometimes, only half-jokingly, whether cloud computing is hurt by its own name. Think about it: A cloud summons up an image of decreased visibility or a coming storm. Not exactly the images you associate with information security and privacy. Would cloud computing be better received if it were called "blue sky computing?" Doesn't have the same ring, I know, but sometimes image is everything.
While at the Gartner Summit, I caught up with some analyst friends such as Avivah Litan, who continues to stay on top of all the forms of fraud threatening financial institutions and their customers. And I also conducted a series of interviews with industry leaders on a range of topics - from ACH fraud to email security and more.
All of the discussions were informative, and I enjoyed meeting so many people at the event. But among some of the interviews I want to highlight:
- David Tripier of IronKey, who has a unique approach to helping banking institutions and businesses deter ACH fraud;
- Jonathan Nguyen-Duy of VerizonBusiness, who spoke directly to the issue of helping business/security leaders feel more comfortable about cloud computing;
- Gene Kim of Tripwire, who discussed regulatory challenges and current security threats.
Again, you can readily access these interviews, and I recommend you give them a quick listen for insights on some of the discussions at the Gartner event.
Then I'd love to hear your own thoughts on the security trends and threats we need to be paying attention to during the second half of this year.