New Cybersecurity Practices Need Heightened Collaboration: RSA Chief

by CXOtoday News Desk    Jul 22, 2014


RSA executive chairman Arthur W. Coviello has called for an end to cyber warfare as private enterprise is the victim of the erosion of trust between nation states struggling to agree on norms of behaviour in the digital world. Speaking at the RSA Asia Pacific & Japan conference in Singapore, Coviello stressed that the evolving threat environment exacerbated by digital interdependence, calls for new cybersecurity “norms of  behavior,”  better security measures, heightened collaboration. 

Coviello advanced recommendations for organizations to fortify their security measures across the three key areas - visibility, analysis and action. He explained the need for security organizations to develop deep visibility, beyond what traditional solutions currently deliver, to enable a better understanding into how information is being accessed and used, and to expose vulnerabilities across the enterprise.  He underscored the urgency for more advanced analysis capabilities to decipher “patterns in the noise” to detect and ultimately thwart stealthy attacks. Finally, Coviello asserted that, together, deep visibility and advanced analysis enable security organizations to take the right actions needed to actively engage in faster, more seamless defensive measures.

Coviello also stressed the mandate for new levels of cooperation and information sharing among organizations and the unprecedented layers of protection that Intelligence Driven Security strategies can bring to organizations of every type and size.  

“For too long, we have approached our interdependence with fear and trepidation,” Coviello said.  “We have viewed it as a threat to our organizations. The truth is anything but if we begin to engage with and leverage our interdependence, a world of benefits opens up for us.”

 Amit Yoran, RSA’s Senior Vice President, Unified Products, shared key insights for how to operationalize Intelligence Driven Security through a four-part Intelligence Driven Security “stack.”

He detailed a model to aid organizations in operationalizing Intelligence Driven Security. Yoran explained that when Intelligence Driven Security technologies are embedded in an organization’s security operations stack, unparalleled visibility results. Organizations are then equipped to better analyze the situation, spot anomalies and execute a plan to prevent or mitigate potential damage from cyber-attacks.

According to Yoran, the Intelligence Driven Security stack starts with policy-based authentication and identity management, access control, and governance.  Yoran outlined a 10-step roadmap designed to help guide organizations to pursue the Intelligence Driven Security strategy required to defend against advanced cyber-attacks.

“Our adversaries will continue to adapt their attack methods, faster than our traditional methods can keep up,” Yoran said. “We need to give up the losing battle and instead shift the rules of the game so we fight them on our own terms.  We can fight them more effectively, and more importantly, we can win.”