VMware, Inc. - In his keynote at the RSA Conference
today, VMware CEO Pat Gelsinger will address the most significant
impediment facing IT security today: IT architectural issues that create
complexity and inhibit security teams from successfully doing their
ultimate job -- protecting applications and data. By adopting a common
framework, enterprises can align policies with innovative security
solutions that can be extended across the data center and the cloud.
Gelsinger will also unveil new research from The Economist Intelligence
Unit (EIU), sponsored by VMware, that shows significant misalignment
between corporate and IT leadership on cyber security investment, cyber
protection priorities, and the timing of a major attack against their
company.
"There is tremendous innovation in the security industry
today. What's needed is an organizing framework -- a true architecture
that all the leading players can align to so that security can be
architected in," said Pat Gelsinger, chief executive officer, VMware.
"By changing the dynamics of how we deliver trusted services over
vulnerable infrastructure, the IT security industry has an opportunity
to chart a new path forward."
Gelsinger will detail how
virtualization creates the foundation for a comprehensive architecture
that enables security to be built-in to the technology infrastructure.
Because virtualization is a layer in between physical infrastructure and
applications, it is in the perfect position to align endpoint and
network controls to the applications being protected. Virtualization has
become the most ubiquitous infrastructure layer covering compute,
network and storage, and spanning both private and public clouds.
In
the keynote, Gelsinger and VMware Senior Vice President of Security
Products Tom Corn will demonstrate a preview of Distributed Network
Encryption technology enabled by VMware NSX. Traditionally, encryption
is enormously complex. The demonstration will show the ability to
encrypt data in flight, and data at rest, with a simple drag and drop
onto an application. In addition, the demo will showcase how the
technology will extend to public clouds such as Amazon Web Services.
New Research Highlights Misalignment on IT Security across the Globe
In addition to calling for a comprehensive IT security architecture, Gelsinger will highlight EIU research that demonstrates there is still work to be done on
building alignment between the C-Suite and IT leaders with regards to
cyber-security, preparedness and imminence of future
attacks. Specifically the survey found:
- While IT security leadership regard cyber-security as the number
one corporate priority, only five percent of C-level business leaders
take that view.
- The Business and IT security leaders are out of sync on the most
important assets to be protected. C-level business executives
prioritize strategic assets such as the company's reputation, while IT
security takes a tactical approach focused on protecting data and
applications.
- More than 30 percent of IT security executives expect a major
and successful attack within 90 days, versus 12 percent of C-level
business execs.
- Business and IT leaders diverge considerably on security budget
expectations. Nearly 30 percent of IT leaders believe they will see a
significant security budget increase in the next two years. Conversely,
less than 10 percent of C-level business executives foresee a
significant increase, despite believing "underfunded security" poses the
third greatest risk or vulnerability to their firms.
However, business and IT leaders are aligned in one key area
-- concern over the threat of the unknown. Critical threats identified
by each group were the concern for resources and data that now may
unknowingly reside in the cloud, concern over fast-moving unknown
threats in the wild, and concern about unknown users and devices
accessing corporate networks and systems. The EIU research brief is
available here.