Art Coviello, chief executive at RSA Security, believes that
investing in IT security measures for areas such as remote access
can bring a dual advantage for firms.
IT security has always been high on the agenda for IT directors
and chief executives, but with most company boards reining in their
spending, it has never been more important that investment in
security also brings a return.
If the RSA Conference in San Francisco earlier this month is
anything to go by, this message has started to filter through to
security suppliers. Their attention is turning very firmly towards
offering systems that save money and generate new streams of income
for businesses.
Art Coviello, president and chief executive at RSA Security, which
specialises in software security products, claimed that while the
downturn may have damaged some firms, it has also forced the rest
to become much more focused on the real needs of the businesses
they serve.
RSA, like many user companies, has grasped the efficiency nettle by
outsourcing some of its development work offshore to India and
Russia. But rather than seeing this as a symptom of cost cutting,
Coviello sees it as a strength. It is, he said, an opportunity to
supplement the firms' US expertise by drawing on a larger pool of
international talent.
"You can't be a chief executive officer and not be an optimist," he
said in an exclusive interview with Computer Weekly. "There are
tremendous productivity improvements to be gained from better
security."
Analysts believe these productivity gains will come from new
remote-access technologies that will allow companies to open up
their networks to their customers and their business
partners.
At the same time, single-sign-on technologies, currently being
developed by industry groups such as the Liberty Alliance, will
allow firms to radically cut the cost of password management and
simplify network access.
Coviello has staked his company's future on the success of remote
access technologies. He predicted they will have radical
implications for businesses.
"A just-in-time inventory becomes literally true, and offering more
products more quickly to your customers is a reality. The
importance of reducing unit costs and business costs is much
greater than before. Companies will either have to embrace this or
they will not survive."
Coviello pointed to one of RSA's customers, a US insurance company,
as an example of the way security technology can transform a
company's business processes. The company is using remote-access
software to give insurance brokers direct access to their
websites.
Once the brokers are online, the company's website can redirect
them to other insurance products that might be of interest. "They
have no reason to go to a competitor because it is much easier to
come to you. You have created a competitive advantage," he
said.
Security can be used offensively, not just defensively, Coviello
said. Single-sign-on systems mean users do not have to remember
complex passwords that are changed every month.
"Most helpdesk calls are made by people who have forgotten their
passwords, so that is a big saving. But it can also expand the
number of applications and the number of people you can have online
because you do not have to worry about who is accessing your
systems," he said.
Coviello acknowledged that businesses still have a long way to go
before they have addressed the defensive aspects of security. Good
security is a never-ending struggle, he said.
"People think they can solve problems while their businesses grow.
The number of network nodes and applications increases
exponentially every year. That means the number of vulnerabilities
increases every year."
There are signs that as the better security suppliers focus on the
need for businesses to improve the bottom line, that spending on
security is picking up. But Coviello does not expect a rapid
bounce-back.
"We had good success in the third and fourth quarters last year. We
continued that success in the first quarter this year, but it has
not been easy.
"The first clear signs of recovery you see are in activity levels.
The number of leads the industry generates has increased, but sales
cycles take from six to 18 months. I think you will see
improvements in 2003 but nothing dramatic. It will either become a
table-setting year for a robust 2004, or we will continue with a
slow gradual recovery."
www.rsasecurity.com/worldwide/uk/welcome.html
