Security is top of mind for businesses, especially with the recent reports of data and privacy breach incidents across the globe. But what should the industry do to bring about a radical change in the way these incidents are detected, controlled and prevented?
On the second day of RSA Conference 2016 being held at San Francisco from 29th February to 4th March, Amit Yoran, President, RSA urges the industry to wake up and take on the challenge of cyber-threats and security risks in his opening note, ‘The sleeper awakes’.
The 25th edition of RSA Conference expects to draw around 40,000 participants while 1000s more are expected to view it online. The event boasts over 500 vendors and includes sessions from more than 700 speakers who are thought-leaders across industries.
Yoran began his speech by painting a general overview of the current threat landscape on a global scale.
“With the emergence of IoT, our challenges around security are only going to get exponentially worse. Yet, we continue to push communications and collaboration online, pretending that anti-virus and next-gen firewalls will keep us safe. But it won’t.”
As per a recent RSA survey, around 90 percent of respondents are not satisfied with their organisational incident detection speed and capabilities.
The question that arises here is are you leading your organisation into security’s future or still clinging to the past?
He adds, “Remember, you are how you behave. The future is a new world order that place greater emphasis on monitoring and response, knowing that prevention will fail.”
The abuse of identity has become a key piece of advanced attacks, outpacing malware attacks.
“What we need today,” says the RSA President, “is comprehensive visibility. This is the building block for insightful analytics and scoping out incidents correctly.”
He further explains that the root problem the industry faces is not a technology issue.
“Our adversaries are not beating us because they have better technology but because they are being more creative, more patient and more persistent, and has virtually limitless paths to explore.”
The solution to this problem is only through nurturing a creative pool of talent. Yoran adds that claiming scarcity of talent is not something the industry should indulge in; instead he urges, “to grow and evolve the hunters you need.”
He says, “People are naturally curious. It is our job to enable and free them to chase the ‘why’ behind situations and things. Focus on powering them with tools that can fuel their curiosity. Create a culture that embraces free thinkers.”
Companies need to understand that if encryption is weakened, then the adversaries will definitely exploit it. “Security is not for the faint-hearted. The cyber-world is a dangerous place. To survive, we need to follow careful planning and preparation.”
This begins by differentiating and being unique in an organisation’s approach to cyber-risks and other security perils.