In his RSA Conference 2012 keynote address, Art Coviello, Executive Vice President of EMC and Executive Chairman of RSA, The Security Division of EMC (NYSE: EMC), called on the industry to rethink traditional methods of security – imploring security leaders, vendors and practitioners to rapidly advance security strategies beyond signature and perimeter-based defenses and to work together to develop and adopt new intelligence-based approaches to information security.
Coviello noted that up until recently, IT security has succeeded in making the internet safe enough to transform the world, but times are changing, and trust in the digital world is in jeopardy.
“New breeds of cybercriminals, hacktivists, and rogue nation states have become as adept at exploiting the vulnerabilities of our digital world as our customers have become at exploiting its value,” said Coviello. “With increased speed, agility and cunning, attackers are taking advantage of gaps in security resulting from the openness of today’s hyperconnected infrastructures and the industry’s slow response to recognize the potency of the emerging threat landscape.”
Coviello remarked that security systems must evolve from the current patchwork of controls serving up too much data and not enough intelligence to models that provide advanced monitoring capabilities, high-speed analytics and intelligent controls.
“Our mindset must shift away from playing defense and tracking meaningless individual events,” said Coviello. “We need the capability to sift through massive amounts of information lightning fast, creating predictive and pre-emptive counter-intelligence to spot the faint signals that may be all that’s visible in a sophisticated, stealthy attack.”
In his keynote, Coviello observed that the security industry has been going through “hell” over the past year with the recent epidemic of attacks. Referring to the attack on RSA in March of 2011, Coviello stated, “Never has our responsibility to you been as firmly etched in our minds. We have a sense of urgency as never before to take the lessons we learned first-hand, and the privileged insight we obtain from other attacks to use them to drive our strategy, our investments and product roadmaps. In the final analysis, we hope that the awareness from our attack will strengthen the sense of urgency and resolve of everyone.”
Coviello called for the industry to rally together to take the following actions:
· Change how we think about security. The security industry must stop thinking linearly, “…blindly adding new controls on top of failed models. We need to recognize, once and for all, that perimeter-based defenses and signature-based technologies are past their freshness dates, and acknowledge that our networks will be penetrated. We should no longer be surprised by this,” Coviello said.
· Transition to intelligence-driven security systems that are risk-based, agile, and contextual. Organizations must do a better job at evaluating risk from the inside out and the outside in – combining both broad and deep understanding of their material assets and internal environments with a wide range of external intelligence sources. Security frameworks must be based upon agile, predictive analytics and continuous monitoring. Finally, organizations need to develop systems that provide real-time access to the entirety of relevant information via advanced, Big Data-based security systems driven by the power of multi-source intelligence in order to achieve a contextual understanding of threats.
· Collaborate and Share information. The IT industry must do a better job of sharing its collective intelligence in real time “for the benefit of all,” Coviello said. This is already beginning to happen, as grassroots networks of likeminded communities are sharing security intelligence as never before.
· Train a new generation of security analyst to combat the rising tide of Advanced Attacks. The new breed of analyst must have analytical and intelligence skills, ‘big picture’ thinking, people skills, a focus on offense (not just defense), and the ability to react with speed and precision.
“We are in combat with a host of adversaries and it’s time for us to fight back with creativity and innovation,” Coviello concluded. “By doing so we can ensure that the balance of control of our digital world remains in the hands of security practitioners.”