With all the big news being RSA, it seemed fitting to make this week’s “syndicated” post actually two “syndicated” posts from a local blogger at RSA. Over at The Falcon’s View, Ben Tomhave discusses RSA’s “Innovation Sandbox” as well as  summarizes of day 1.

As part of our effort to let the Metro DC area know about the awesome infosec bloggers we have, our “syndicated” posts emphasize other local bloggers that discuss news, events, and resources relevant to infosec professionals in NoVA, DC, and MD. In each post we introduce the topic, syndicate the introduction and part of the content, and then link off to the source blog post for the rest of the content and conclusions.

Well onto today’s posts…

///

RSA 2010 – Innovation Sandbox: Not Really Innovative

“Where has all the innovation gone? I was very much looking forward to talking to the startup vendors selected as finalists for this year’s Innovation Sandbox at RSA. After last year, I suppose I should have set my expectations a little lower, although realistically it would have been impossible to set them low enough to avoid some level of disappointment. Because, quite honestly, I was quite disappointed.

Of the 9 finalists, 6 had “cloud” point solutions, largely targeted to the hypervisor, with one that did some funky inline crypto stuff that made me wonder. 2 finalists had “new” authentication approaches, which were sort of interesting, but they didn’t solve the larger problems with authentication. The 9th finalist was also potentially interesting in that they provided a nice visualization dashboard for risk management, but the biggest downside was that all data had to be independently entered. There was no integration with any GRC products, and so while it looked pretty, it wasn’t overly sensible. So, yes, I was a wee bit disappointed.”

RSA 2010 – Day 1 Round-up

“It’s already Wednesday morning, which means the first full day of RSA 2010 is in the can and quickly receding into the past. Overall, things are fairly standard quo again this year. Sessions galore, vendor keynotes, and a busy expo floor. This last point is perhaps the biggest difference from 2009 in that the expo floor is, in fact, quite busy. My impression is that a lot of realistic networking and lead generation is happening this year.

Before I hit themes, one tidbit of interest. I spoke with a couple guys from Boston who specialized in financial fraud. One of the fellows had calculated the cost of doing a wholesale revamp of the card infrastructure to be about US$12B. That is far more than the card brands are eating in fraud costs today. Moreover, today the merchants bear most of the fraud burden, whereas the cost of a complete infrastructure overhaul would be primarily borne by the card brands (although these costs would obviously be passed along to the banks, merchants, acquirers, processors, customers, etc.).

There seem to be a couple subtle themes this year. Cloud computing is of course very prevalent, but it’s far less “in your face” than last year. A lot more vendors seem to be realizing that “cloud” is a tool, not a destination or silver bullet. This observation seems to suggest that a reasonable degree of sanity may be returning to PR and marketing, if only for a short time.”

///

See the rest of these posts and their exciting conclusions over at RSA 2010 – Innovation Sandbox: Not Really Innovative and RSA 2010 – Day 1 Round-up. If you are based in NoVA, DC, and MD and would like to have posts from your blog considered, please Contact Us or mention @grecs with the request on Twitter.

Tags: nova, novablogger, rsa, syndication

This entry was posted on March 4, 2010 at 11:00 am and is filed under Infosec Blogs/Podcasts. You can follow any responses to this entry through the RSS 2.0 feed.