
RSA Conference: Should you be worried?
By Steve Ranger
Published: 22 April 2009 15:30 GMT
Cloud computing might be the hottest tech trend (and certainly the most hyped), but experts are split over whether IT chiefs should be worrying about the security risks behind it.
Speaking at the RSA Conference, Whitfield Diffie, chief security officer at Sun, was enthusiastic about cloud technology, predicting that at some point cloud computing will mean that "no real [programming] will ever be done anymore on the computers of the company that's doing it".
But speaking on the same cryptography panel, Professor Adi Shamir of the Computer Science Department at the Weizmann Institute of Science in Israel was less optimistic.
"I'm getting very worried about it," he said, arguing that as we move to a world where the majority of computing power is housed in a small number of datacentres that we could be "facing a real danger that hackers would be able to take one of these datacentres out of commission - and that would have a catastrophic effect".
Bruce Schneier, chief security technology officer at BT Counterpane, was less concerned: "It's presented as a new paradigm but fundamentally I don't see a lot of difference - we still have to trust our vendors," he said.
UK CIOs have already voiced their reluctance to get involved with cloud computing at the moment, citing security concerns as one reason for holding back.
However, at a separate RSA panel session, Mary Ann Davidson, chief security officer at Oracle, suggested that many of the issues around cloud computing will in the end come down to standard due diligence.
"One of the things that will happen is that services will evolve depending on people's appetite for risk. There's going to be a continuum of what these services are and what they offer - that means you will have more options in terms of how much risk you want to take.
"You can outsource the provision of the service but you can't outsource the responsibility - you have to do a good job of vetting the service," she said.
"You are never going to be 100 per cent certain that things are perfect but you don't have that [running services] in your own organisation," she added.
The role will focus heavily on new, large scale client engagements using the latest technologies around SOA Architecture and Infrastructure, ...
Position: Information Security Officer Salary: GBP30,500-GBP35,000 per annum Location: Hertfordshire Our client a leading IT organisation, are ...
Carry out Network Installation and consultancy services, Windows Network migrations, Virtualisation/Optimisation, IT strategy, policy and security, ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...
Naked CIO Naked CIO: Cloud computing more expensive than we thought? Smart IT leaders will examine the impact of how they pay for tech