LONDON, Oct. 9, 2012 /PRNewswire/ --
In a joint opening keynote at RSA Conference London 2012, the top two executives at RSA®, The Security Division of EMC (NYSE: EMC), shared ideas and experiences about the critical issues affecting security organizations throughout the world – that outdated strategies, approaches and technologies are holding back security organizations from effectively protecting against rapidly evolving risks and advanced threats.
While addressing the crowd, Art Coviello, Executive Vice President for EMC and Executive Chairman of RSA attributed unbalanced security budget allocations, a shortage of skilled talent and the "perception versus reality gap" as key challenges hampering the effectiveness of security organizations.
Coviello offered an intelligence-driven security model based on a thorough understanding and reprioritization of business risk that results in risk mitigation strategies that when implemented produce threat-resistant organizations that also meet compliance mandates. This model requires agile controls based on pattern recognition and predictive analysis, and the use of big data analytics to give context to vast streams of data from numerous sources.
RSA President Tom Heiser echoed Coviello's call for an intelligence-driven security model and drew from his many discussions in 2012 with security practitioners, leading government experts, law enforcement and others in the industry to offer insights and best practices. Heiser pointed out several noteworthy examples of progress being made by organizations on the leading edge of employing a risk-based, intelligence-driven security strategy:
Heiser concluded by explaining that the progress in security may seem to be met with new challenges but in aggregate, he sees evidence that mindsets are changing. There is a clearer view of the new risks facing the industry and there is an increase and new urgency in information sharing. Finally, perimeter–centric approaches to security are being replaced by a more mature model that if done right can offer organizations confidence in their ability to defend today's open, hyper-connected and distributed digital infrastructures.
Executive Quotes from the Keynote:
Art Coviello, Executive Vice President, EMC and Executive Chairman, RSA
"The implication of these forces is that security models are not moving fast enough to make the transition from perimeter-based to intelligence-based security while adversaries become more sophisticated. Confusion about what to do abounds because of this 'perception versus reality' gap as well as an increasing spread between sophisticated and naïve organizations, largely based on the aptitude of personnel."
"In an age of openness where successful breaches are to be expected, if not inevitable, the balance of security spending must shift. Without rebalancing this spend it will become increasingly difficult, if it isn't already, for organizations to have the ability to timely detect a breach and have the capability to respond fast enough to avoid loss."
Tom Heiser, President, RSA
"One thing that's evident in my discussions with customers is that many of them do recognize the need to change their mindset and how they approach security. More companies every day are acknowledging that in order to survive in this new era of attacks we all have to accept the fact that bad guys are in our network. Period. It is a fact of life in our connected, consumerized digital world."
"Fortunately I am seeing more companies move past the knee-jerk reaction that says any form of breach is a catastrophic failure. Customers, more executives and more boards of directors are starting to understand that accepting the fact that intrusions will occur is not the same as accepting that losses of sensitive information, malicious vandalism or other harm have to occur. They are adopting new tools and new tactics to balance broad, easy access to information with agile, effective security."
Additional RSA News at RSA Conference Europe 2012:
RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.
EMC and RSA are registered trademarks of EMC Corporation in the United States and other countries. All other products and/or services referenced are trademarks of their respective companies.
SOURCE EMC Corporation