Connect with us

Hi, what are you looking for?


Management & Strategy

A New Approach, A New Era for Security

I just got back from another year at the RSA Conference with my colleagues and peers talking about all that is new and upcoming in security.

I just got back from another year at the RSA Conference with my colleagues and peers talking about all that is new and upcoming in security. While some continue to debate the time and resources invested in conferences such as these, what cannot be discounted is the value in spending time with, and talking to, other 20+-year veterans of the industry. Though there is never a shortage of information in the security business, what can sometimes be missing is the context. These types of interactions and information exchanges are where new ideas are shaped and where new strategies are formed.

Now, whenever I am on the road attending a conference or for other types of meetings, I always try to multi-task, and meet with as many customers and partners as possible. I like to hear firsthand the issues they are struggling with and where we can provide them with the most value. I mention this because as I was meeting with several customers in advance of RSA, I noticed a pattern emerging among their commentary that carried over into the conference. While they all expressed the sentiment in different ways, they all came to the conclusion that they are tired of constantly “playing defense” with their security by preparing and waiting for the inevitable breach to happen. The prevailing thought was that while hackers are always “a step ahead” of the game, that doesn’t mean that we, as an industry, should just accept it and take a passive approach to our security.

Managing Information SecurityIt struck me that while the clear theme of last year’s RSA show was centered on security intelligence and analytics, this year the concept has evolved from simply processing events to detect when an attack is occurring towards the ability to use data to anticipate attacks and avoid them before they happen. As I walked the halls of RSA, attended several of the sessions, and spoke with long-time acquaintances about my observations, most of them concurred that it was time for a new era in security where we take on a more aggressive posture in defending our most critical data.

So what does this mean exactly? Being more aggressive shouldn’t be confused with going on the offensive. I am not of the opinion, nor was anyone I spoke with, that launching any preemptive strikes against would-be hackers is a good idea. It’s about being aware of your security posture. It’s more about not sitting back and hoping you were right when you built your security infrastructure, but rather taking an aggressive approach to testing your security processes and matching wits with those seeking to do harm.

This concept we’ve been encouraging our customers to adopt is thinking more like the attacker. The reason hackers or hacking groups are able to stay ahead of the security teams is that they are constantly scanning and probing defenses to find some type of vulnerability or security loophole that will create an opening for them to exploit. Then, when the security team is busy “playing catch-up” and plugging these holes, they’ve already moved on to the next exposure point.

By allowing the hackers to dictate the rules of engagement, security teams are put in a defensive posture. Security teams that are thinking like an attacker are constantly evaluating networks through the same lens in which the hackers analyze them for vulnerabilities, and this perspective allows them to identify and close exposures more quickly. This is the best way to close the gap between enterprise security and those working to undermine their efforts.

During RSA we heard a lot about the changing landscape of threats and how the hacking community is becoming more sophisticated and better funded every day. So naturally the debate ensued around whether keeping pace and ultimately closing the gap is a question of technology, spend or approach. We’ve already beat the spend issue to death. The reality is that enterprises are already spending to their limit when it comes to security and are looking for ways to spend smarter, not more. While changes and enhancements are certainly needed on the security front, as highlighted by recent high-profile breaches, these changes will need to be initiated through better technology and more innovative approaches.

After having spent a few days speaking with my colleagues in the industry, I feel pretty confident about where we are at in terms of technology. While software development is inevitably flawed, the advancements being made to quickly identify and close vulnerabilities are reasons to be optimistic.

Addressing security more aggressively and working to identify areas of weakness is a more sensible, and ultimately, more effective approach than working to build a “bigger wall” that you hope attackers can’t get through.

Advertisement. Scroll to continue reading.

I’ll be interested in hearing from our customers and peers at the next big industry gathering to see how this approach is working for them. To borrow a line from a movie many years ago: “to catch a thief you need to think like a thief.”

Written By

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

More People On The Move

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...