The IANS founders kicked things off with some into “keynote” observations.

• Signs of economic recovery may bode well in the fight against crimeware. According to the founders (I am not sure I completely agree yet) economic indicators (using the Dow and NASDAQ) show that we are back to where we were this time last year. The founders made a point that a tough economy is correlated to an increase in crimeware.
• There is a significant amount of concern about increasingly sophisticated APT’s (advanced persistent threats) and their proliferation. These threats are designed to bypass blacklist antivirus. These threats get on a box and then morph to avoid detection by new signatures distributed by the antivirus vendors. The general dissatisfaction with existing desktop security solutions, i.e. antivirus, is evident.
• Cloud computing remains a hot topic. Revenue from these services is expected to triple from 2008-2012.
• Desktop virtualization is a key CIO initiative, and security teams are trying to keep up. One professional quipped that “the virtualization train is flying down the tracks without brakes and the security caboose isn’t even attached.” Organizations will clearly need to address virtualization in their overall security plan.
• Social networking security implications was a point of significant concern and merited an individual session by Allen Carey, svp of research for IANS. I believe that social networking in business is inevitable as users demand access; social media is simply too tied up with business to eliminate from the enterprise. In addition to use policies, security teams will need a solution to prevent drive-by malware and ensure link integrity.
• As a representative of an application whitelisting company, I was especially encouraged to see that interest in application whitelisting is growing, as evidenced by full sessions and lively discussions. In general, all the feedback we got from attendees was positive, especially with respect to our key capabilities around trusted change and memory protection. Attendees emphasized the need for “enterprise scalablity” with whitelisting, but defined it under both technical and operational terms. The operational terms were focused on handling new applications and updates. We certainly agree with this and see the way whitelisting vendors handle application updates as the key to success. Our “trusted change” concept was very well received. Following our session 80% of the attendees joined us for lunch to continue the discussion.

All in all this was a great first day and I look forward to today’s sessions.