Coviello said he is concerned enterprises have not learnt from RSA’s mistakes, after an attack compromised its SecurID tokens, when it comes to cloud integration. “As much as I’ve preached for three or four years that we have an opportunity to get it right this time by building security as we virtualise our environments and go to cloud, it just isn’t happening. We’re making the same mistakes all over again,” Coviello said.
The problem is that businesses crave the functionality and savings of virtualisation and cloud at the expense of security, Caviello said. “It’s just unfortunately the way the world works sometimes, that people want to get the benefits of a new technology wave and don’t always think through all the security ramifications,” he added. Caviello said he worries that the urgency of enterprises to beat competition is coming at the expense of vital security.
“You would like to think that people would come to these conclusions and act on them more quickly. But there’s such competition – whether it’s budget, whether it’s business initiative, whether it’s overhauling their own infrastructure, whether it’s this crazy economy we’re working with – it never goes as fast as you think it should or could,” he said.