SINGAPORE, July 22, 2015 /PRNewswire/ --
STORY HIGHLIGHTS
- Recognizing SE Asia's rapid
mobile and cloud technology growth and the security challenge it
represents, RSA President Yoran calls for region's organizations to
re-think their approach to cyber defense
- Yoran outlines five key principles of a next generation
approach to security based on faster detection and more effective
response
- Keynote address reaches largest audience yet at RSA Conference
Asia Pacific & Japan in Singapore
RSA CONFERENCE ASIA PACIFIC
& JAPAN
Amit Yoran, president of RSA, The
Security Division of EMC Corporation (NYSE: EMC), today issued a
call for SE Asian companies and governments to re-think their
traditional approaches to cyber defense as they increasingly turn
to mobile and cloud technologies to store and access data and
systems. Yoran addressed his comments to government and
private industry cybersecurity experts in Singapore at the RSA Conference Asia Pacific
& Japan. In his speech, Yoran discussed how the rapid
growth of mobile and cloud technologies in Asia represent a boon to the organizations and
industries of the region but also a significant threat to their
legacy security operations. As mobile and cloud technologies
decentralize organizations' digital environments, the perimeter on
which traditional cyber defenses are based is disappearing.
Despite the disappearing perimeter, Asian businesses and
businesses around the world continue to rely primarily on perimeter
protection technologies like firewalls, anti-virus, and intrusion
detection systems to prevent breaches, only to see those tools
invariably fail under the onslaught of today's advanced attacks,
Yoran said. Compounding that failure is the current practice
of relying on SIEM and other signature-based tools that require
historical experience to detect advanced threats, which oftentimes
have no precedent. This combination of antiquated
technologies and misguided practices is the root of the vast
majority of today's security failings.
Yoran asked the audience to re-think their approach to security,
using the dramatic digital evolution of Singapore Post and the
region's other postal services as an example of the level of change
required in cybersecurity. The top executive at RSA went on
to outline a new approach to security focused on faster detection
of and more effective response to cyber threats in a series of five
principles:
- Acceptance that even advanced protections are insufficient
for today's threats - "No matter how high or smart the walls,
focused adversaries will find ways over, under, around, and
through."
- Deep, pervasive visibility from the endpoint to the network
to the cloud is necessary – "The single most common and
catastrophic mistake made by security teams today is under-scoping
an incident and rushing to clean up compromised systems before
understanding the broader campaign."
- Effective management of identities matters more than
ever - "In a world with no perimeter and with fewer security
anchor points, identity and authentication matter more than ever .
. . At some point in every successful attack campaign, the abuse of
identity is a stepping stone the attackers use to impose their
will."
- Organizations must leverage external threat intelligence
- "[Threat intelligence] should be machine-readable and automated
for increased speed and leverage. It should be
operationalized into your security program and tailored to our
organization's assets and interests so that analysts can quickly
address the threats that pose the greatest risk."
- Security programs must be guided by an understanding of
risk - "You must understand what matters to your business and
what is mission critical. You have to . . . defend what's
important and defend it with everything you have."
Yoran concluded by reminding the audience that the technologies
already exist for companies to move to a more effective approach to
security focused on faster detection and response to security
threats. What is lacking is the will. "This is not a
technology problem. This is a mindset problem," Yoran said.
Additional Resources
- Download Amit Yoran's RSA
Conference Asia Pacific & Japan keynote transcript
- Watch Amit Yoran's keynote
address.
- Find keynotes videos, schedules, events and sessions at RSA
Conference Asia Pacific & Japan
- Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and
the RSA Speaking of Security Blog and Podcast.
About RSA
RSA's Intelligence Driven Security solutions help organizations
reduce the risks of operating in a digital world. Through
visibility, analysis, and action, RSA solutions give customers the
ability to detect, investigate and respond to advanced threats;
confirm and manage identities; and ultimately, help prevent IP
theft, fraud and cybercrime. For more information on RSA,
please visit www.rsa.com.
RSA and EMC are either registered trademarks or trademarks of
EMC Corporation in the United
States and/or other countries. All other company and product
names may be trademarks of their respective owners.
This release contains "forward-looking statements" as defined
under the Federal Securities Laws. Actual results could
differ materially from those projected in the forward-looking
statements as a result of certain risk factors, including but not
limited to: (i) adverse changes in general economic or market
conditions; (ii) delays or reductions in information technology
spending; (iii) the relative and varying rates of product price and
component cost declines and the volume and mixture of product and
services revenues; (iv) competitive factors, including but not
limited to pricing pressures and new product introductions; (v)
component and product quality and availability; (vi) fluctuations
in VMware, Inc.'s operating results and risks associated with
trading of VMware stock; (vii) the transition to new products, the
uncertainty of customer acceptance of new product offerings and
rapid technological and market change; (viii) risks associated with
managing the growth of our business, including risks associated
with acquisitions and investments and the challenges and costs of
integration, restructuring and achieving anticipated synergies;
(ix) the ability to attract and retain highly qualified employees;
(x) insufficient, excess or obsolete inventory; (xi) fluctuating
currency exchange rates; (xii) threats and other disruptions to our
secure data centers or networks; (xiii) our ability to protect our
proprietary technology; (xiv) war or acts of terrorism; and (xv)
other one-time events and other important factors disclosed
previously and from time to time in the filings of EMC Corporation,
the parent company of RSA, with the U.S. Securities and Exchange
Commission. EMC and RSA disclaim any obligation to update any
such forward-looking statements after the date of this release.
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/rsa-president-outlines-steps-to-bolster-cyber-defense-in-asia-and-beyond-300116805.html
SOURCE RSA