RSA President Issues 5 Security Recommendations
After conceding that the IT security market has largely failed customers, RSA President Amit Yoran offered a five-point vision for the path forward during the RSA Security Conference in San Francisco.
After conceding that the IT security market has largely failed customers, RSA President Amit Yoran offered a five-point vision for the path forward during the RSA Security Conference in San Francisco.
Also See: Five Trends at RSA Security Conference
Yorans keynote offered these key takeaways, which RSA has now published for the broader world to digest and consider:
1. Stop Believing that Even Advanced Protections Are Sufficient. No matter how high or smart the walls, focused adversaries will find ways over, under, around, and through. Many of the advanced attacks last year did not even use malware as a primary tactic.
2. Adopt a Deep and Pervasive Level of True Visibility Everywhere from the Endpoint to the Cloud. We need pervasive and true visibility into our enterprise environments. You simply can't do security today without the visibility of both continuous full packet capture and endpoint compromise assessment visibility.
3. Identity and Authentication Matter More Than Ever. In a world with no perimeter and with fewer security anchor points, identity and authentication matter more than ever . . . At some point in [any successful attack] campaign, the abuse of identity is a stepping stone the attackers use to impose their will.
4. External Threat Intelligence Is A Core Capability: There are incredible sources for the right threat intelligence . . . [which] should be machine-readable and automated for increased speed and leverage. It should be operationalized into your security program and tailored to your organizations assets and interests so that analysts can quickly address the threats that pose the most risk.
5. Understand What Matters Most to Your Business and What is Mission Critical. You must understand what matters to your business and what is mission critical. You have to . . . defend whats important and defend it with everything you have. Yoran noted that RSA, as a company, is re-aligning to map itself to this new paradigm. As an industry, we are on a journey that will continue to evolve in the years to come through the efforts of all of us here today. He continued, We have sailed off the map, my friends. Sitting here and awaiting instructions isnt an option. And neither is what weve been doing continuing to sail on with our existing maps even though the world has changed. Yoran concluded that many technologies exist to provide true visibility, proper threat intelligence and systems that help manage digital and business risk. This is not a technology problem, he said. This is a mindset problem.
Also See: Five Trends at RSA Security Conference
Yorans keynote offered these key takeaways, which RSA has now published for the broader world to digest and consider:
1. Stop Believing that Even Advanced Protections Are Sufficient. No matter how high or smart the walls, focused adversaries will find ways over, under, around, and through. Many of the advanced attacks last year did not even use malware as a primary tactic.
2. Adopt a Deep and Pervasive Level of True Visibility Everywhere from the Endpoint to the Cloud. We need pervasive and true visibility into our enterprise environments. You simply can't do security today without the visibility of both continuous full packet capture and endpoint compromise assessment visibility.
3. Identity and Authentication Matter More Than Ever. In a world with no perimeter and with fewer security anchor points, identity and authentication matter more than ever . . . At some point in [any successful attack] campaign, the abuse of identity is a stepping stone the attackers use to impose their will.
4. External Threat Intelligence Is A Core Capability: There are incredible sources for the right threat intelligence . . . [which] should be machine-readable and automated for increased speed and leverage. It should be operationalized into your security program and tailored to your organizations assets and interests so that analysts can quickly address the threats that pose the most risk.
5. Understand What Matters Most to Your Business and What is Mission Critical. You must understand what matters to your business and what is mission critical. You have to . . . defend whats important and defend it with everything you have. Yoran noted that RSA, as a company, is re-aligning to map itself to this new paradigm. As an industry, we are on a journey that will continue to evolve in the years to come through the efforts of all of us here today. He continued, We have sailed off the map, my friends. Sitting here and awaiting instructions isnt an option. And neither is what weve been doing continuing to sail on with our existing maps even though the world has changed. Yoran concluded that many technologies exist to provide true visibility, proper threat intelligence and systems that help manage digital and business risk. This is not a technology problem, he said. This is a mindset problem.
More for you
Loading data for hdm_tax_topic #care-team-experience...