A New Approach, A New Era for Security

I just got back from another year at the RSA Conference with my colleagues and peers, talking about all that is new and upcoming in security. While some continue to debate the time and resources invested in conferences such as these, what cannot be discounted is the value of spending time with, and talking to, other 20-plus-year veterans of the industry. Though there is never a shortage of information in the security business, what is sometimes missing is context. Interactions and information exchanges of this kind are where new ideas are shaped and new strategies are formed.

Now, whenever I am on the road attending a conference or other meetings, I always try to multitask and meet with as many customers and partners as possible. I like to hear firsthand the issues they are struggling with and where we can provide them with the most value. I mention this because, as I was meeting with several customers in advance of RSA, I noticed a pattern emerging in their comments that carried over into the conference. While they all expressed the sentiment in different ways, they all came to the same conclusion: they are tired of constantly “playing defense” with their security, preparing and waiting for the inevitable breach to happen. The prevailing thought was that while hackers are always “a step ahead” of the game, that doesn’t mean that we, as an industry, should simply accept it and take a passive approach to our security.

It struck me that while the clear theme of last year’s RSA show centered on security intelligence and analytics, this year the concept has evolved from processing events to detect an attack in progress toward using data to anticipate attacks and head them off before they happen. As I walked the halls of RSA, attended several of the sessions, and spoke with long-time acquaintances about my observations, most of them concurred that it was time for a new era in security, one in which we take a more aggressive posture in defending our most critical data.

So what does this mean exactly? Being more aggressive shouldn’t be confused with going on the offensive. I am not of the opinion, nor was anyone I spoke with, that launching preemptive strikes against would-be hackers is a good idea. It is about being aware of your own security posture: not sitting back and hoping you got it right when you built your security infrastructure, but actively testing your security processes and matching wits with those seeking to do harm.

The concept we’ve been encouraging our customers to adopt is to think more like the attacker. The reason hackers and hacking groups are able to stay ahead of security teams is that they are constantly scanning and probing defenses for some vulnerability or security loophole that will create an opening to exploit. Then, while the security team is busy “playing catch-up” and plugging those holes, they have already moved on to the next exposure point.

By allowing the hackers to dictate the rules of engagement, security teams are put in a defensive posture. Security teams that think like an attacker constantly evaluate their networks through the same lens through which the hackers analyze them for vulnerabilities, and this perspective allows them to identify and close exposures more quickly. This is the best way to close the gap between enterprise security and those working to undermine it.

During RSA we heard a lot about the changing threat landscape and how the hacking community is becoming more sophisticated and better funded every day. So naturally debate ensued around whether keeping pace, and ultimately closing the gap, is a question of technology, spend or approach. We’ve already beaten the spend issue to death. The reality is that enterprises are already spending to their limit on security and are looking for ways to spend smarter, not more. While changes and enhancements are certainly needed on the security front, as highlighted by recent high-profile breaches, these changes will need to come through better technology and more innovative approaches.

After spending a few days speaking with my colleagues in the industry, I feel pretty confident about where we are in terms of technology. While software development is inevitably flawed, the advances being made in quickly identifying and closing vulnerabilities are reasons to be optimistic.

Addressing security more aggressively and working to identify areas of weakness is a more sensible, and ultimately, more effective approach than working to build a “bigger wall” that you hope attackers can’t get through.

I’ll be interested in hearing from our customers and peers at the next big industry gathering to see how this approach is working for them. To borrow a line from a movie many years ago: “to catch a thief you need to think like a thief.”
