RSA confab: Boom times for security

No longer just for cryptogeeks, RSA Conference attracts big-name speakers, product launches, underscoring security's growing importance.

The security industry converges at the annual RSA Conference this week, an event that's moved far beyond its origins as a get-together for cryptogeeks and other insiders.

Though still organized by RSA Security, a company with its roots in cryptography, the confab has developed into a showcase for security companies and an annual gathering for IT professionals. This year is the 15th anniversary of the event.

"There has been significant growth," said Ray Wagner, an analyst with Gartner. "The RSA Conference four, five years ago was much more of a technician conference."

The changing face of the conference mirrors a growth in concern over security in companies large and small. Once just an extra task for an IT manager, a digital breach may now bring legal entanglements for organizations. That's one reason why concern over security has moved into boardrooms.

Driving that increasing concern is a rise in threats such as armies of zombie PCs, higher awareness of data security dangers, and a need to comply with data protection laws.

"The security market is as active as I have seen it in a long time."
--Charles Kolodgy, analyst, IDC

With security now printed in bold on many corporate agendas, a plethora of new companies have sprouted up to sell products. At RSA, more than 275 exhibitors will show their wares. Product announcements at the show run the gamut and include application security software, e-mail security appliances, antivirus software and encryption technology.

Charles Kolodgy, an analyst at IDC, said: "The security market is as active as I have seen it in a long time. There seems to be something for everyone."

Many of the new vendors who jumped into the market are looking to cash out, often by being acquired by a larger player. Analysts have said that some of the security start-ups deal in features, not products, and essentially exist to be taken over.

And while new players continue to enter the space, takeovers are common. Symantec, in particular, has gobbled up many small security companies. Executives at the Cupertino, Calif., company said last fall that they plan to make six to eight acquisitions per year, with a major deal--such as Symantec's buy of Veritas Software--about every 18 months.

Over the past years, Microsoft has also been acquisitive in the security space, as it ramps up to deliver antivirus and anti-spyware products. The Redmond, Wash., software giant is set to take on traditional security players later this year with the launch of those lines.

Bill Gates will kick off the confab in San Jose, Calif., on Tuesday, the third time the Microsoft chairman will have opened the event. Other luminaries occupying the keynote stage will include Sun Microsystems chief Scott McNealy, Cisco Systems head John Chambers and Symantec CEO John Thompson.

Gates is expected to talk broadly about security in his speech, titled "Security in Tomorrow's World." The talk won't be as product-focused as in previous years, but Gates is expected to talk up security in Windows Vista and discuss Windows Defender, Microsoft's anti-spyware product, a second beta version of which is due out soon.

Last year, Gates unveiled Internet Explorer 7 at the conference and said Microsoft would deliver antispyware technology for consumers at no cost.

RSA itself also plans to make an announcement, which the company will describe only as a strategic shift. Company CEO Art Coviello is slated to speak Tuesday, after Gates.

Bring on the gear
Many companies in the security space are using the event to announce new products or updates to existing wares.

Symantec plans to introduce a new network access control appliance. Such products perform a health check on computers that join a network to make sure they meet company policy on such things as up-to-date patches, security software and installed applications. The new appliance comes preconfigured, Symantec said.

In a similar vein, Endforce plans to release access control software called Informant, a companion product to Endforce Enterprise. The software silently monitors a network to detect unknown machines and then alerts an administrator.

Nortel Networks also plans to introduce products and updates to its Secure Network Access portfolio. These technologies all target risks from internal users who may unknowingly introduce malicious viruses to a company network.

Sellers of identity and access management products that let businesses manage usernames and passwords, as well as oversee access to corporate resources, are also making noise at RSA.

Computer Associates International plans to announce the integration of its SiteMinder and Single Sign-On products for enterprise Web, client server and legacy systems.

In addition, Oracle is readying Identity Management 10g Release 3, a new version of its authentication and access management suite. The product is due out in May and will blend technologies Oracle acquired when it bought OctetString and Thor Technologies last year, the company plans to announce next week.

Featured Video