RSA: 'Security technology needs to be more risk-based'
The security system should be advanced so that it is risk-based, agile and have a contextual capability.
Speaking at the RSA Conference Europe, executive president Art Coviello said current conventional security technology is ineffective. He said: "While we may try, we will never keep up with individual attacks, but we can create a system to withstand certain attacks."
He said the new security technologies should be risk-based, adding: “If you have information, it is probable that you will be attacked, and most replace vulnerabilities with degrees of openness that exist in the IT environment. Intelligence on attacks encourage you to develop risk-mitigation policies and develop a governance, risk and compliance formula.”
Regarding agility, Coviello said that the current system lacks agility to thwart attacks and needs to be deployed more pervasively. Finally he said that a system must have contextual capabilities.
“Systems need to rely on more than security incident and event management (SIEM) that rely on log data; you must adapt a data view to access the entry of the malware. It is not just having it available, it must be aggregated and visual,” he said.
He concluded by saying that "the age of big data has arrived" and that moves must be made to "shrink the window of vulnerabilities".