TechSec, Day 1

 - 
02/25/2009
Well, we had a great first day here in Dallas for TechSec Solutions, now in year 5, with some well-received presentations and some interesting technology on the show floor. Attendance is a bit down - I'm not sure how we could have avoided that in this climate - but spirits are surprisingly up. Those people who are here aren't exactly crowing of boom times, but most talk about the opportunity that a down economy presents for aggressive companies with technology that solves real problems. (Of course, I don't think any conference wants to open on a day when the Wall Street Journal leads with a story about how the market is 50 percent off its peak.) Anyway, remember that post where I wondered about whether IPv6 was a big deal or not? Well, our keynoter, Jack Johnson, former CSO for DHS, apparently feels IPv6 is a big deal. He used his presentation to argue that it presents quite a few difficulties for a security staff. Chief among them is the fact that, while security is built into IPv6, there are also inherent ways for malicious hackers to hide their efforts and the increase in addresses makes the 'Net far more difficult to police and scan. Further, it's possible hackers will be able to much more accurately target those they'd like to damage, and may even be able to actually keep tabs on, say, people they'd like to target for assassination, simply by tracking their IP-enabled mobile device using its unique global IP number. Kind of scary, really. This was followed up nicely with a presentation by the Open Security Exchange, including Laurie Aaron from Quantum Secure, Dan Moceri from Convergint, Chip LeBlanc from Imprivata, and Dan Dunkel, who consults as New Era Associates. Their message centered on convergence in real life, a bringing together of the IT and security departments, not just a new technology for moving around security data. Following on Jack's speech, which essentially emphasized that the physical security department will be increasingly important in protecting the end points of a company's network, their message was that data loss is an increasingly important threat organizations need to guard against, and a simple convergence technique - like marrying logical and physical identities so that when an employee is terminated their physical access and network access are eliminated at the same time - can prevent real damage to a corporation or government entity. I think their message was well received, even if some attendees have convergence-fatigue. Maybe the best-received panel of the day came from Fredrik Nilsson of Axis, Steve van Till of Brivo and Andres Armeda of Secure-i. They spoke of the new trend of managed access control and managed video as delivered by security installers and integrators. They asked a simple question: You use software as a service for so many vital operations in your life and business already - online banking through your browser, salesforce.com, investment management with your broker - why should security be any different? And why are security alarm companies, so great at creating RMR, not jumping on providing this service? A number of integrator attendees have told me they're looking to increase their RMR - one said frankly they only do about two percent of their revenue in RMR - but they're having trouble figuring out the mechanism. Managed access, particularly, since it's not bandwidth intensive, seems to offer that mechanism. Other problems, however, include changing a culture at an integrator that has been focused on landing the big $1 million job, and maybe doesn't know how to compensate for someone who lands a $599-a-month account. Also drawing a good crowd was the storage panel I moderated, pitting leading voices from DNF, EMC, Intransa, and Pivot3 against one another (okay, it just seemed like they were pitted against one another - really it was a simple panel discussion, but, boy, there was a bit of sniping going on). Dick O'Leary from EMC, being the big dog in the room, bore the brunt of backhanded compliments, but handled it with aplomb, at one point noting that he wasn't sure whether EMC knew about a certain technology, since they'd only spent $1.7 BILLION in R&D last year. Still, attendees told me they appreciated getting an understanding of how these storage manufacturers differentiate themselves, as it can be difficult to figure out what the difference really is. And then, well, everyone went to the main hall for the free drinks. You'll see more on the show in the Thursday newswire, and hopefully we'll have some video up from the show later today. SsnTVnews is going to be bumping with new interviews and full-length videos of the keynote and other sessions in short order. It'll be just like you were here (except no free drinks).