All stand alone security companies will shut down or be taken over by 2010, according to RSA president Art Coviello.
Speaking today in a keynote speech at the RSA Conference 2007 in San Francisco, the executive vice president of EMC said that security will be increasingly integrated into the IT infrastructure developed by the big computer firms, such as Microsoft, IBM and Cisco. He argued that integration is essential because businesses cannot secure sensitive data with the combination of security software and hardware currently used.
"There will be no more stand alone security companies in three years," he said. "I really believe that. With the exception of some start ups, it will be the end of stand alone security solutions."
In June last year, EMC acquired RSA for around $2.1 billion to act as the information security division of the company.
"We’re victims of too much of a good thing, too much information," said Coviello. "Ninety-six percent of the world's data is created digitally today. With that torrent, is there any doubt about the immense challenge before us? You can't secure what you can't manage."
The RSA president also predicts that 200,000 virus variants will be released this year and anti-virus firms are, on average, at least two months behind tracking the malware. "Static security products are just security table stakes," he said. "Anti-virus products may soon be a waste of money. Static solutions are not enough for today’s dynamic threats."
According to Coviello, security companies shouldn’t simply try to limit access to all data, and should instead focus on ensuring that critical data is properly protected, for example by encryption.
"We haven't implemented information security. We have been securing the perimeter, the moat and castle, but not the king, and information is the king.," he said. "And like a king, information has a nasty habit of wanting to move around. The pursuit of perfect security is a waste of time. The digital world brings inherent and inextricable risk."
RSA also announced today that it has bought the Indian company, Valyd Software Private Ltd, for an undisclosed sum. The acquisition will see the Hyderabad firm join RSA’s enterprise data protection strategy, providing customers with solutions for business data protection later this year.