During an exclusive Q and A with RSA's President Amit Yoran, we wanted to find out whether the infosec industry was getting better at fighting off adversaries and stemming the tide of mega-breaches and other security incidents.
Over the last few years, security reports from several vendors have delivered two damning statistics: the time between breach and detection hovers at around eight months (and has for some time), and most breaches are "detected" only when a third party, such as a customer, a supplier or the media, reports the breach.
We asked Yoran whether security vendors are doing a good job or whether the marketing hype is hiding an uncomfortable fact – either the bad guys are smarter than us or we’re incompetent.
"I'm wondering if the truth is buried in the roll-up of the statistics," said Yoran. "I think the roll-up may tell you it's eight and a half months, but I think it's wildly different in different industries."
As an example, Yoran cited financial services. Although breaches may happen in that sector, its focus on security and detection means its detection period is shorter than that of other sectors, such as health care, which have traditionally been less focussed on information security.
"My intuition would tell me that if you dissect that number there's really a tale of haves and have-nots."
Although that supposition makes sense, Yoran did not have data to support the intuition.
The author of this article travelled to Singapore to attend the RSA Conference as a guest of RSA.