RSA president questions government's role in cybersecurity

Amit Yoran also says the need for intelligence shouldn't slow down the use of encryption

Amit Yoran, president of RSA, speaks at the RSA Conference in San Francisco on April 21, 2015.

The president of one of the world's biggest computer security vendors says he is skeptical that a stronger government role in cyberdefense will abate the growing number of attacks.

In an interview with IDG News Service, Amit Yoran, president of RSA, also rejected calls by U.S. intelligence chiefs for industry to tread carefully in deploying more encryption in case it cuts off their ability to eavesdrop on communications by suspected criminals.

"The government is not the answer here," he said, when asked about White House proposals for sharing of cybersecurity information. Despite the growing severity of attacks and a feeling that the government should "do something," the issue is best left to private companies, because they are the ones developing networks and the technology that defends them, he said.

"Nobody is going to say information sharing is bad, but I've yet to see what is being asked to share by whom, for what purpose, to which parties, how will it be protected, how will it be used and then what is the value proposition back for sharing information," Yoran said.

Instead, he said the government might better help by sharing some of its own threat intelligence with the private sector.

Yoran's comments might come as a surprise to some. A graduate of the U.S. military academy at West Point, he served in the Department of Homeland Security as national cybersecurity director for a year in 2003 and also helped found the Defense Department's Computer Emergency Response Team. He's been at RSA since 2011, when it acquired NetWitness, a company he started in 2006.

The proposed information-sharing hubs are part of the government's response to the devastating cyberattack on Sony Pictures Entertainment last year. Less than three months after that attack, they were proposed by President Obama at a White House Cybersummit at Stanford University in February.

As envisioned, they would feed information into a central government clearing house that would coordinate among industries and various arms of government.

U.S. industries are bombarded with thousands of attacks each day, but these usually only make headlines when a large amount of personal information is stolen. Millions of Americans experienced the result of attacks last year when they had credit and debit cards reissued in the wake of breaches at retailers such as Target and Home Depot.

Despite acknowledging that the situation seems to be getting worse with regard to cyberattacks, Yoran is also firmly against the government gaining the ability to block Internet traffic.

"Do we imply that the government is going to be intercepting and blocking what they believe to be attacks?" he said. "Unless you are operating the system and you own the system and you know what it's for ... I don't see how you can have any government entity take an operational role in defending the networks themselves."

Many of these issues were at the fore last week, when industry experts gathered for the RSA Conference in San Francisco.

One of the conference speakers was Jeh Johnson, the Homeland Security Secretary, who addressed increased use of encryption in the last couple of years -- something that has been largely triggered by revelations over U.S. intelligence collection programs.

"Encryption is making it harder for your government to find criminal activity, and potential terrorist activity," said Johnson, before appealing to the crowd of security experts to "help find a solution."

But Yoran isn't persuaded.

"It's absolutely the wrong direction," he said, underlining that this was his personal view. "By every measure, the increased use of technology has made intelligence collection and surveillance far greater and more effective than it has ever been before and reduced privacy by every possible measure."

"Given how badly the security industry is being beaten by the bad guys, anything which in any way, shape or form reduces the effectiveness of protections available to network defenders is a step in the wrong direction," he said.

Yoran, who describes himself as a "pretty sensitive privacy guy," has already made a move to encryption in his personal life. He said he stopped using WhatsApp when it was acquired by Facebook and started using Wickr, an instant messaging client that features end-to-end encryption and self-destructing messages.

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is
