While acknowledging that some elements of adaptive security are mainly theoretical in the IT arena, Weise noted that they already exist in various non-IT areas. "Predictive analytics is an element of adaptive security," he said. "For example, by looking at a person's age and health records, health insurance companies can estimate the client's lifespan."
"I see predictive analytics as a potential area that security vendors can work on to bring the industry further down the road to true adaptive security," Weise said. "This means security software can predict threats before they happen, but no one knows how to do that yet."
Weise noted however, that progress in predictive analytics has already been made in the hardware space. "For example, the CPU has to run under certain conditions like temperature or humidity because we know that it will fail if it is overheated beyond a certain number of hours," he said. "That's why cooling fans are installed."
Another example is observation of devices running on limited power supplies. "If I see any unusual changes in the device's performance, I may 'predict' that the power supply will run out in an estimated time period and hook up the device to an alternative power source before that happens," Weise said.
Weise said that Sun is doing research on adaptive security in its labs such as an 'automated self-healing' system. "When we see a threat alert coming to the system, we can automatically bring the system offline, take a forensic snapshot of the system and use it to restore the system in seconds."