During today’s opening keynote for the 2015 RSA Conference, delivered by RSA CEO Amit Yoran at Singapore’s Marina Bay Sands Convention Centre, the approximately 4500 delegates were told that the "old" approach to security was done. It's time to approach security from a new perspective with the old methods ineffective.
Padlock picture from Shutterstock
The five big takeaways from Yoran’s keynote were:
Advanced protections are insufficient for today’s threats
"No matter how high or smart the walls, focused adversaries will find ways over, under, around, and through."
Deep, pervasive visibility from the endpoint to the network to the cloud is necessary
"The single most common and catastrophic mistake made by security teams today is under-scoping an incident and rushing to clean up compromised systems before understanding the broader campaign."
Identity management matters more than ever
"In a world with no perimeter and with fewer security anchor points, identity and authentication matter more than ever . . . At some point in every successful attack campaign, the abuse of identity is a stepping stone the attackers use to impose their will."
Organisations must leverage external threat intelligence
"[Threat intelligence] should be machine-readable and automated for increased speed and leverage. It should be operationalized into your security program and tailored to our organization’s assets and interests so that analysts can quickly address the threats that pose the greatest risk."
Security programs must be guided by an understanding of risk
"You must understand what matters to your business and what is mission critical. You have to . . . defend what’s important and defend it with everything you have."
The author of this article travelled to Singapore to attend the RSA Conference as a guest of RSA.