After spending the week at my first RSA Conference, it’s time to provide a perspective on what I saw and learned. First, the scale of the conference, with hundreds of vendors and over 40,000 attendees speaks volumes about the security space. The market is large and growing fast, Gartner shows double digit growth in this, one of the largest areas of software and services in the IT market. Companies are bombarded with different messages and are faced with growing complexity.

I was fortunate enough to get the opportunity to help Skyport Systems demonstrate their product at the RSA conference last week. As I met with hundreds of people, there were 2 things that stood out in my week:

In my last post (http://bit.ly/1SxQcK4) I talked about the idea of adopting a model of IT systems management that matched how a hospital deals with sick patients. In this post, I’ll be detailing solutions for adopting this model in a corporate network.

Administrative credential theft, whether it is an actual systems administrator’s logon or the logon associated with an application or service with administrative credentials, is the most dangerous vulnerability on my customers' networks. This is for two reasons:

1. The tools and techniques for stealing administrator credentials are well known, highly automated and generally available to threat actors

2. Very few corporate networks were designed to mitigate this threat.