RSA 2010: PGP president eschews easy answers

Phil Dunkelberger: Compliance and regulations do not equal security [photo © 2010 RSA Conference]

PGP president and chief executive Phil Dunkelberger has predicted that the development of enterprise cloud computing could create legal headaches as well as security issues.

Dunkelberger explained that, as companies move critical infrastructures to cloud platforms located elsewhere in the world, the customer's regulatory and compliance rules could come into conflict with those of the company hosting the cloud.

"When you go into the cloud, the way data is treated legally is different from when you go on-premise," he said.

The issue was one of several raised during Dunkelberger's keynote address at the RSA 2010 security conference.

He challenged his fellow security vendors, claiming that the industry as a whole had not done enough to win the trust of businesses, and that all vendors should up their support for standards and do more to address attacks originating from large criminal and government-supported groups.

Dunkelberger suggested that, even if vendors sort out the issues of compliance and jurisdiction, there is still much work to be done in the enterprise space.

"Compliance and regulations do not equal security," he said. "Ask anyone who has passed a PCI audit and had their data breached."