Art Coviello, the President of RSA welcomed delegates to the RSA Conference Europe 2008 by calling for a radical approach to information security and appealed to vendors to develop intelligent adaptable solutions.
“Security practitioners need to master the risk/reward equation and adapt to the changing nature of risk or be exposed to failure.” he warned.
He also said that organisations may shrink back from investment in the current economic climate but that just as experts were saying that the way out of the financial crisis is likely to be innovation then the same should be true for security.
Addressing his audience as the “best and brightest” he told them that information systems need to enable innovation and not inhibit it. According to IDC, security is likely to reach 5% of overall IT spend in 2009 but Coviello argued that businesses were spending “way too much” and in often the wrong direction.
“We are paying more but not feeling more secure as a result. There is too much spending on the wrong things. Security strategies have been driven and sold on fear and compliance issues with spending on perceived rather than genuine threats.” he said.
Coviello also appealed to vendors to develop solutions and mechanisms that last. Reflecting on the Turing theme that the organisers have given to the conference he said they needed to develop a “kind of thinking security system”.
“We need to look at the work being done on the web by Amazon and others in user behaviour data collection. Vendors need to develop behaviour and content-based solutions and technologies need to be adaptable to threats we have not yet conceived.
“The burden on the end user and the practitioners needs to be eased. Practitioners need systems that are easy to implement and maintain so that they can concentrate on policy.” he said.
The RSA Conference Europe 2008 is being held at the ExCel Centre in London from 27 – 29 October.