Security model is failing, claim RSA speakers

Technology leaders at the RSA Conference in San Francisco have said that security needs to change - but exactly how was up for some debate.

The current security model isn't working, according to technology leaders speaking at the RSA Conference in San Francisco.

While keynote speakers agreed on that point, what's to be done about it remained a topic of much debate.

Symantec's new chief executive Enrique Salem, who took the company's reins on 4 April, called for security managers to "operationalise" their efforts by creating "a bridge between day-to-day operations and security departments" to create shared plans and goals.

Advertisement - Article continues below

"We know that the most effective programs are those that bring together security, storage, and systems management to automate the repetitive tasks that consume most of your time," he noted.

"When you bring together these areas, it's possible to be more proactive and policy-driven."

Microsoft's corporate vice president for trustworthy computing Scott Charney insisted that it's time for hardware vendors to recognise their role in maintaining security.

Trust is crucial to continued growth on the internet, he said, and "we have to root trust in hardware, because it's less malleable than software." That requires collaboration and cooperation across the board software and hardware vendors, consumers, enterprises, and society as a whole.

"We need to have alignment," he said. "We need alignment between social forces, economic forces, political forces, and IT. Too often the information technology community has a solution, but they can't figure out how to monetise it or it's not acceptable for some other reason."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Too often the politicians may have an objective, a worthy one like protecting children online, but the technology is not supportive and it has too many unintended consequences," he added. "Too often good ideas fail because the alignment isn't there."

What Charney referred to as "alignment," others called standardisation.

Art Coviello, executive vice president of EMC and president of the company's security division RSA, warned that cyber criminals are evolving faster than the industry intended to stop them. With new malware and cyber-attacks arising daily, the security industry needs to develop an ecosystem to support the strengths of every player.

"Security cannot be solved by products from a single vendor," he said. "It must be solved by the vendor community, what I call inventive collaboration. It's about taking expertise of one technology organisation and interweaving it with another."

To start things off, Coviello said he would make more of RSA's tools and research publicly available. "We need to be far faster and flexible than cybercriminals," he said. "We need a common development process to support risk management."

Advertisement - Article continues below

Part of the problem, Symantec's Salem noted, is that virtualisation and cloud computing are separating information from the infrastructure and hardware that once protected it. Where security once required blocking threats to hardware, modern security requires tracking where information goes, who is manipulating it and how to move bits quickly and securely between various systems.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354801/dell-sells-rsa-security-business-to-private
mergers and acquisitions

Dell sells RSA security business to private equity firm

19 Feb 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Most Popular

Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020