SAN FRANCISCO- RSA chairman Art Coviello, didn’t mince words during his keynote at the company’s annual security conference this year. “We need to stop wasting money on obsolete controls,” he said. “We are woefully short of the human resources to realize this vision.”
What Coviello was addressing was the old guard of security management, one that relies purely on bodies and management to handle security. The future, as with most of tech, is in the clouds.
“After years of talk, I’m happy to report something good is starting to happen here,” he said. Using big data “they’ll have what they really need to do their jobs effectively.”
Related story: HP rolling security products at RSA Conference
Coviello called for the security industry to stop neglecting analytics, something which might help predict vulnerabilities in the future.
Info-Tech Research Group analyst, James Quin, echoed this statement. In an interview he observed the message in a unique way. “What I heard this year was, ‘Oh my god the cloud’s here and we can use it to be more secure’.”
Coviello, and RSA are arguing for better implementation of analytics in security. With the cloud and big data, companies can better map their network traffic, making it easier to identify breaches because of the abnormal traffic it spawns.
Behavioral security surveillance isn’t new but it also isn’t the most adopted technology. The problem is that it takes a whole lot of infrastructure and a whole lot of manpower to make it work. Trends need to be tracked and acknowledged, data needs to be collected and then the whole thing needs to be monitored so that breaches can be detected.
Quin said that’s why it still hasn’t been widely adopted. While some companies have the manpower, and the money, to use security options like this, for small businesses, Quin said they might not even have a dedicated person for security, let alone the resources for endeavors of this kind.
Branden Williams, global CTO of marketing at RSA, also confirmed this. He said that companies should look to utilize analytics and social media data because that same data is being used in threats against them. Williams said that hackers can construct employee profiles using information shared over social networks and on the web, so companies need to use the same tactics to know what the hackers know and keep them out.
RSA is a division of EMC Inc.