Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Is security really stuck in the Dark Ages?

Taylor Armerding | May 25, 2015
Amit Yoran’s colleagues didn’t agree with everything the RSA President said at his keynote last month. But most say he got the essentials right – things are bad and getting worse, and the industry needs a new mindset.

Anit Yoran

It had to be a bit of a jolt for more than 500 exhibitors and thousands of attendees at RSA Conference 2015 last month, all pushing, promoting and inspecting the latest and greatest in digital security technology: The theme of RSA President Amit Yoran's opening keynote was that they are all stuck in the Dark Ages.

To make the point "visually," Yoran even spent his first minute or so on stage speaking in pitch darkness, "stumbling around," backed by the sound of an ominous, moaning wind.

This, he insisted, was an apt metaphor, "for anyone trying to protect and defend a digital infrastructure today. Every alert that pops up is like a bump in the night," he said. "Often we don't have enough context to realize which ones really matter and which ones we can ignore."

It is easy to make the case statistically. The Identity Theft Resource Center reported in January that there were 738 data breaches in 2014, up 25% from the prior year.

Or, as Yoran put it, 2014 was, "yet another year of the breach. Or, have we agreed to call it the year of the mega breach? That might connote that things are getting worse, not better," he said, adding sardonically that 2015 is likely to become, "the year of the super-mega breach. At this pace we are soon going to run out of adjectives."

That, he contended, is because the defensive mindset of Internet security today is "fundamentally broken ... (and) very much mimics the Dark Ages. We're simply building taller castle walls and digging deeper moats."

All of which may have sounded a bit insulting to hundreds of vendors and experts who have been saying for years that "the perimeter is dead." Or, that, "it's not a question of if you've been breached, but when." Or, that intruders are quite likely inside your organization right now, and that a stronger perimeter will do nothing to eliminate them.

Indeed, many of them were there promoting solutions to detect and respond to insider threats.

But Yoran insisted that the rhetoric is not matched by actions. "We say we know the perimeter is dead, we say we know the adversary is on the inside, but we aren't changing how we operate," he said.

In an email interview this week, Yoran acknowledged that the industry is beginning to move in the direction of monitoring and response, but said, "today's reality" is that, "by every measure, a vast, supermajority of security expenditures focus on prevention."

Citing his military training at West Point, he said in his keynote that the security industry is trying to use "maps" that no longer apply to the current threat landscape.

 

1  2  3  4  Next Page 

Sign up for MIS Asia eNewsletters.