RSA Conference opening signals change in direction

Loud music, a spectacular video presentation and an auditorium full of info sec professionals. It’s that time of the year - the opening of RSA Conference.

Each year, the opening keynote offers something a little different. This year it was actor Jane Lynch from Glee and Two and Half Men, singing (or perhaps destroying) a cybersec version of the David Bowie classic Changes. And that is the big theme of this year’s conference - change.

The real opening keynote was delivered by RSA’s new president Amit Yoran. Yoran is a very different leader to his predecessor Art Coviello. Gone are the suits and ties, replaced with jeans and windbreakers and a more casual look. But that belies his purpose.

“The technology we’re charged with protecting has accelerated out society and our civilisation to heights we could never have imagined a few decades before. The information age has been heralded with incredible computational capability… at a speed of computation that boggles the mind,” he told the packed theatre at the Moscone Center in Sa Francisco.

Walking us through some recent changes in the IT landscape he highlighted that technology is now smarter than ever before. This was a theme we caught the beginning of last year but was overwhelmed by the revelations at the time of the NSA’s actions and Edward Snowden’s leaks. It was what Yoran called the “year of the mega breach”.

“2014 was yet another reminder that we’re losing the contest,” he said. "We can neither secure nor trust the pervasive complex, and worse, end-point participants in any large or distributed committing environment”.

Yoran pointed out that IT security has been stuck in a reactive mode. And that is the real challenge - in security we haven’t been able to find what we’re looking for. Or, our assumptions about how we should do security are wrong. Despite lots of discussion about how security perimeters are no longer relevant, most security systems still work from an assumption that we start at the perimeter.

Many detection systems, says Yoran, are based on signatures and “crude’ aggregations of data. He said it’s time for us to start doing things differently. Yoran challenged the audience to look at security in new ways.

He questioned whether advanced protections really help and said focused adversaries will find heir way through almost any defence. So, while edge protection is useful, it’s not nearly as effective as it was.

Read more: A10 Networks works with RSA Security to provide enhanced interoperable threat protection capabilities

You can’t do effective security without visibility right across the enterprise with a full understanding of what systems you have, how they work together and perverse and true visibility of all the data. Otherwise you have no chance of identifying incidents. "The single greatest mistake made by security teams today is under-scoping an incident,” he says.

Identity and authentication mean more than ever before. Citing a recent Verizon report, Yoran noted that many attacks rely on stolen credentials - attackers simply walked in through the front door. By using strongly secured accounts alongside analytics that monitor how accounts are used, the risk of these breaches can be better mitigated.

There’s also a significant requirement to use external threat analysis to better understand what is happening in the world.

Yoran noted one of the “least sexy” but incredibly important actions infosec professionals need to take is to know what systems you have and to prioritise your efforts. It’s not possible to protect every single thing.

Yoran told the audience RSA is completely reengineering the business to better meet the changing needs of the world. As he put it, in the past when explorers reached the end of their maps, they needed to create new maps. In cybersecurity, we have reached the end of the map and we are in a new world. It’s time to write a new map.

Anthony Caruana travelled to RSA Conference as a guest of Symantec.

Join the CSO newsletter!

Error: Please check your email address.

Tags RSA Conference 2015symantecdata. security#RSACMoscone CenterSa FranciscoIT landscapecybersec versionLoud musicAmit Yoran

More about NSARSASymantecVerizon

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place