In a keynote address at RSA Conference Europe 2013, Art Coviello, executive VP for EMC and executive chairman of RSA, along with Amit Yoran, senior VP, unified products, RSA, outlined new approaches to enable safe and trusted digital infrastructures to help defend today's highly interconnected and open enterprises.
Coviello drew parallels between the Dutch economic history and trading innovation and what is needed in today's digital world. He also affirmed how security and privacy must be properly aligned to enable productivity opportunities in the digital economy.
By leveraging an intelligence-driven security model using Big Data and analytics technologies, Coviello explained that security professionals can derive the necessary context to better defend enterprise networks and data from sophisticated cyber attacks.
Coviello emphasised that standalone controls are siloed and one-dimensional, thereby not adding value - but that context can be developed by integrating discrete security controls and enabling them to interact with and inform each other.
He noted: "When we understand the context of people's 'normal' behavior or how information flows on our networks, we can more clearly and quickly spot even a faint signal of any impending attack or intrusion. This is what makes intelligence-driven security future-proof. It eliminates the need for prior knowledge of the attacker or their methods."
The right tools to help the industry move in this direction are now becoming available, according to the RSA executives, who also went on to assert the need for an open, responsible dialogue on security, governance and privacy. Coviello argued that both good security and trusted privacy are possible through the appropriate application of transparency and governance.
Yoran drove home the need for enterprises to adopt an intelligence-driven security model, specifically from the three vantage points of visibility, analysis and action.
1. Visibility - Organisations need to have the right level of visibility into traditional networks, endpoints and log data, but also new levels of information derived from identities, applications, assets and the data itself. Visibility becomes more complicated by the migration to mobile and cloud-based platforms and services.
2. Analysis - Visibility and advanced analytics must come together to deliver meaningful insight for decision-making. Increasingly, decisions are not a binary process but instead must be analyzed from multiple perspectives and use cases to achieve larger organization and business goals.
3. Action - Organisations must be able to respond with agility and speed to the insights that greater visibility and analysis afford us. This requires an efficient method for event management and a dynamic ability to adjust security controls across a diverse set of proactive layers and capabilities. Identification of a threat should flow seamlessly into response and remediation. Derived insight must transform into action.
Yoran explained that capturing visibility, analysis and action in a technology platform results in operational intelligence working seamlessly across security management, controls and governance, risk and compliance, and one that can unleash the full power of an intelligence-driven security approach.
He added: "Security and privacy can be successfully aligned within a framework of transparency and good governance. An intelligence-driven security model built on tools and capabilities that provide context through analytics can help organizations protect individual privacy, customer data and intellectual property."