Luc Villeneuve VP Sales, McAfee Canada Luc Villeneuve is responsible for the McAfee business in Canada. Villeneuve ...
Recently, McAfee Canada hosted 15 senior network security executives at a CISO roundtable event in Toronto. It was actually a sit down dinner, not a bar and the discussion was moderated by Gartner Research VP Greg Young. The very lively discussion centered around the Future of Network Security and ventured into other topics like securing the cloud, securing mobile and BYOD as well. But if I had to summarize the evening, the over-arching topic was truly the need for a ‘security connected’ approach to network security (even if everyone had a different term for it). We had some of Canada’s largest financial services firms and most recognized companies represented. I want to respect the privacy of the group, so I won’t name names, but I think it’s ok if I share some of the topics and responses from this group of ‘in the trenches, on the front lines’ cyber security leaders.
Trends in intrusion prevention: The bulk of the discussion around network security focused on improving threat prevention through deployment of network IDS/IPS solutions. Those attending were attempting to make purchase decisions based on a three year horizon. There was a lot of discussion around both vendor viability and investment in roadmap for these solutions. Making the ‘right long term choice’ was top of mind. As a side note, many users are still using intrusion detection vs. intrusion prevention, e.g. they are not automatically blocking threats using IPS. They aspire to do so however, and tend to work with vendors that have mature solutions that can potentially block threats at realistic network speeds.
Trends in firewalls and next generation firewalls: Many of the companies attending the roundtable have mature security practices and teams. They have started to deploy NGFW’s, but these are still primarily deployed behind traditional firewalls to gain additional visibility vs. inline deployments.
Trends in data protection: BYOD and Data Loss Prevention (DLP) were hot topics throughout the night. The discussions centered around what network-level controls can fit into BYOD and DLP strategies.
Overall network security Trends (consolidation, integration)
Attendees continue to be concerned about long term vendor viability for standalone point solutions. They discussed the need to be forward thinking and adopt flexible solutions that can provide long life. And, they discussed the concept of connecting disparate security silos in order to gain situational awareness of network security posture and pro-active threat prevention. Something that McAfee calls “Security Connected.”
I want to thank those that attended. It is rare that such high powered security executives get to meet for information sharing and open and frank discussions and attendees took advantage of every moment and discussion during the night. In all the discussion of integrating security silos, we need to remember to connect the human elements as well. Security Connected indeed.