Security investments and priorities are a tricky thing to nail down, given that threats are constantly shifting, but one security precaution could be going the way of the dodo bird.
Michael Daly, deputy CISO at Raytheon Co., tells me the buzz at shows and security groups is about getting rid of some security measures — in particular, endpoint security tools, and possibly even staff.
The reasoning, he said, is that security for endpoint devices has become automated enough that endpoints don’t necessarily require some of the tools and people of yore to run effectively.
“An organization may have been staffed up in order to go through patching. Now everyone has patching automated, so I think people are asking, ‘Do we still need this many people, or do we have enough [automated] procedures now to get things done with [fewer] people?’” Daly said. For instance, “Maybe it turns out Microsoft has gotten better with Windows 7. You still need desktop [antivirus], but all these other things — insider threat tools, automated patching tools — are taking care of things, so, what can we give up?”
Then there’s the high interest in desktop virtualization, which essentially removes the data from the endpoint. Some experts, however, argue that virtualization should not be used as a security precaution, but that’s an issue we’ll explore in another story.