Alan Paller, SANS Institute director of research
By far the biggest technological changes for agency CIOs in security will be:
1. The movement of security into the cloud -- extending the agency perimeter to new security operations centers inside the network providers – such as Verizon, AT&T etc. -- and encompassing the US-CERT monitoring. It will be catalyzed by the Trusted Internet Connection initiative.
2. The expanding, but still nascent, replacement of loose National Institute of Standards and Technology guidance -- unconnected with effectiveness -- with the more specific measures of effectiveness being put forward in the Consensus Audit Guidelines (John Gilligan's initiative). Those will reshape contracts and activity and will actually lower costs.
Connect with the GCN staff on Twitter @GCNtech.