Even advanced protections can be insufficient: RSA CEO

|July 24, 2015 0
'Threat intelligence should be machine-readable and automated for increased speed and leverage'

SINGAPORE: South East Asian companies and governments should re-think on their traditional approaches to cyber defense as they increasingly turn to mobile and cloud technologies to store and access data and systems, suggests Amit Yoran, president of RSA, The Security Division of EMC Corporation.

As mobile and cloud technologies decentralize organizations’ digital environments, the perimeter on which traditional cyber defenses is disappearing, he points out point out that the security landscape today is highly complex and sophisticated and organizations are struggling to figure out who’s who and provide information access to users who are supposed to have access to that information.

Yoran reminded the audience at the RSA 2015 Asia Pacific & Japan event that the technologies already exist for companies to move to a more effective approach to security focused on faster detection and response to security threats. “What is lacking is the will. This is not a technology problem. This is a mindset problem,” he concluded.

___________________________________________________________________________________________________________

The RSA president while stating that the advanced protections are insufficient for today’s threats suggest a few important security  tips for organizations. They are as follows;

Advanced protections are insufficient
“No matter how high or smart the walls, focused adversaries will find ways over, under, around, and through.”

Deep, pervasive visibility from the endpoint to the network to the cloud is necessary.
“The single most common and catastrophic mistake made by security teams today is under-scoping an incident and rushing to clean up compromised systems before understanding the broader campaign.”
Identity management matters more than ever
“In a world with no perimeter and with fewer security anchor points, identity and authentication matter more than ever . . . At some point in every successful attack campaign, the abuse of identity is a stepping stone the attackers use to impose their will.”
Organizations must leverage external threat intelligence
“[Threat intelligence] should be machine-readable and automated for increased speed and leverage. It should be operationalized into your security program and tailored to our organization’s assets and interests so that analysts can quickly address the threats that pose the greatest risk.”

Security programs must be guided by an understanding of risk
“You must understand what matters to your business and what is mission critical. You have to . . . defend what’s important and defend it with everything you have.”

No Comments so fars

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.