Gary Palgon
Vice President, Product Management
nuBridges
If the variety of topics and interactive dialog around information security at InfoSec World is an indicator of need for companies and organizations to get better, then there’s plenty of room for growth. While many companies seem to be making progress, most are just embarking upon implementing best practices in security and often are just assessing the risk off different threats within their company.
One presentation of interest included “Taming the Beast(s): Securing Major Enterprise Applications” by Rich Mogull, which discussed how security must be considered throughout the entire software development lifecycle as well as the differences in addressing security in enterprise applications, application servers and legacy solutions. Data de-identification and data masking in the test environment and security options in Oracle and SAP were also discussed.
And Whitfield Diffie, a pioneer in public key encryption, spoke about where we are headed in security. He reflected on past milestones including initial cryptography, the advent of computer processors for calculations and the problem of encryption key management, the latter in which he’s heavily involved.
As Diffie looks forward, the security of cloud computing is of concern and the privacy issues that go along with it. He wonders, for example, if I offload information to a 3rd party, how can we ensure they don’t have full access to information? And if they do, who has access to it? All valid concerns and no doubt coming from his background in public key encryption brought forward!
Here’s my picture with him!
Until next time,
Gary
