RSA: Businesses need 'air traffic control' style security

Speaking today at the RSA Conference in London, Coviello said the growing complexity of systems across physical, virtual and cloud infrastructures was presenting a real challenge to businesses, and they needed a single point where they could see security across their operations.

While the aviation industry uses air traffic control to reduce the danger across multiple aeroplanes, runways and airspaces, many IT departments have not yet managed to make their security match their own ever-changing technology setup, he said.

Coviello said he saw cloud as "an opportunity" to be embraced, but that businesses needed to take the right steps and ensure they had visibility across their hybrid environments.

RSA advocates a three pronged approach to security, in order to achieve more secure, compliant and manageable IT infrastructures. There needed to be a controls enforcement layer, a controls management layer and a security management layer, it says.

The controls enforcement layer needs to be the point of security detection and enforcement across the infrastructure, RSA says. It advocates many controls being embedded directly into infrastructure such as operating systems and networks, providing ubiquitous coverage without needing hundreds of point tools.