Print This Story  Email This Story  Save this Link View PR Newswire's RSS Feed  Blogs Discussing this News Release  Search Blogs that Mention this News Release  Click this link to view linked Bookmarking Services Click this link to view linked Blogging Services

EMA Identifies Hot Topics for RSA 2008
 
Virtualization security joins other current trends in IT security that will
                    be bantered about at the conference

    BOULDER, Colo., April 4, 2008 /PRNewswire/ -- With IT virtualization
one of the hottest topics in technology it's not surprising that
virtualization security will likely peg the "buzz meter" at the upcoming
RSA 2008 conference. Scott Crawford, research director for the security and
risk management practice at Enterprise Management Associates (EMA)
(http://www.enterprisemanagement.com), says virtualization security has
quickly become one of the highest visibility concepts in IT, and that EMA
will explore the new frontier of virtualization security in a new research
study that will be initiated at RSA 2008.

    "RSA is a great place to kick off our research on virtualization
security," said Crawford. "As the use of virtualization continues to climb,
so do questions about the security issues it raises. Virtualization
security will definitely generate huge interest at this conference."

    Currently, virtualization itself is at the top of many executives'
agendas. As virtualization is adopted by more and more companies, security
professionals have begun to integrate security methods into this new
approach. Unfortunately, there is no real standard method for implementing
virtualization, which makes it more difficult for security professionals to
form a general consensus regarding the actual issues of security in
virtualized environments. This has made virtualization security an elusive
target.

    In addition to virtualization security, EMA has identified several
other hot topics for RSA 2008, including:



    -- Current trends highlight that there is a big difference between
       compliance and security. The Societe Generale case illustrates how an
       insider with knowledge of technical business risk controls in IT can
       perpetuate fraud on a massive scale. On the other hand, the recent
       Hannaford case shows how attackers can exploit exposures that are
       beyond the controls required by current regulatory mandates.

    -- As underground computer activity continues to mature, attacks have
       become more sophisticated, thus complicating the discovery and criminal
       prosecution of these attackers. This seedy environment has created a
       foundation for major investments into criminal activities.

    -- 2008 appears to be a year in which security strategies will focus on
       ground-up approaches to develop and deploy more secure systems and
       applications. As a result, many organizations are integrating new
       security processes into the pre-production phases of systems and
       applications.

    -- The number of websites with malicious codes is constantly on the rise.
       In addition, the exploitation of browsers and the plug-in applications
       that they integrate is continually growing. Vulnerable websites become
       a target for hackers to flip into major attackers. In addition, one of
       the most alarming trends is that attackers can leverage legitimate
       websites in a manner that even trained security professionals may not
       recognize as harmful.

    -- Information risk management continues to be a very complex challenge
       for many organizations. High-privilege user accounts wield a large
       amount of control over IT systems, but they are not necessarily well
       secured.

    -- As SaaS models and approaches to "security in the cloud" continue to
       mature, new product and service offerings have sprung from many
       security vendors. The implications for security strategy management in
       containing many of the risks and costs of maintaining in-house tools
       and expertise could lead to the outsourcing of security departments to
       third-party organizations.

    RSA 2008 will be held April 7-11 in San Francisco, Calif. at the
Moscone Center. If you would like EMA comment on virtualization security or
any of these topics, please contact Guy Murrel at gmurrel@catapultpr-ir.com
or 303-581-7760.

    About Enterprise Management Associates

    Founded in 1996, Enterprise Management Associates (EMA) is a leading
industry analyst and consulting firm dedicated to the IT management market.
The firm provides IT vendors and enterprise IT professionals with objective
insight into the real-world business value of long-established and emerging
technologies, ranging from security, storage and IT Service Management
(ITSM) to the Configuration Management Database (CMDB), virtualization and
service-oriented architecture (SOA). Even with its rapid growth, EMA has
never lost sight of the client, and continues to offer personalized support
and convenient access to its analysts. For more information on the firm's
extensive library of IT management research, free online IT Management
Solutions Center and IT consulting offerings, visit
http://www.enterprisemanagement.com.
SOURCE Enterprise Management Associates



Back to Topback to top

Related links:
  • http://www.enterprisemanagement.com
    CONTACT:
    Guy Murrel, +1-303-581-7760,
    gmurrel@catapultpr-ir.com, for Enterprise Management Associates
    www.technorati.com Blogs Linking to this News Release at Technorati
    Issuers of news releases and not PR Newswire are solely responsible for the accuracy of the content.
    Terms and conditions, including restrictions on redistribution, apply.
    Copyright © 1996- PR Newswire Association LLC. All Rights Reserved.
    A United Business Media company.