Thursday, 3 March 2016

RSA’s Amit Yoran Calls for Technologies that Enhance Analyst Hunting Capabilities


Amit Yoran, president of RSA, The Security Division of EMC kicked off RSA Conference 2016 with an opening keynote to another record crowd of cybersecurity professionals. This year, Yoran urged the overflow crowd to step back and assess the industry’s challenge from a different perspective. Yoran called for organizations to focus technology investments on supplementing and enhancing their security teams’ native capabilities to make them smarter, more efficient, and more scalable.

“Allow, train and equip your people to track down and hunt your opponents. Let them evolve into the hunters you need,” Yoran said.

Highlighting the industry’s ongoing failure and some of the most painful security breaches of 2015, Yoran placed the blame on outdated approaches to security and a lack of alignment between technology solutions and the human problem they seek to address.

Acknowledging that organizations will never have as many cybersecurity professionals as are needed, Yoran detailed cybersecurity priorities for organizations and governments to better empower security teams to secure themselves against advanced threats.

Create a Culture of Hunters

Organizations need to create a culture that embraces the smart creative, the free thinker, and the curious.  If your security program is focused first and foremost on compliance, then you are doing it wrong.  Embrace the freedom to actively hunt for adversaries, you’ll attract the right team, and in doing so, create the right culture.

Better Align Technology Investments with the Problem at Hand

Yoran called for organizations to focus their technology investments on technologies that enhance rather than replace human creativity and problem solving. We need tools that give us comprehensive visibility and perspective.

Yoran also indicated that the international public sector has an important role to play in creating policies that help rather than hinder security efforts. He called for additional emphasis on talent development and greater alignment between the public and private sectors’ cybersecurity agenda in terms of leadership, transparency and policy development. Yoran was highly critical of any proposed weakening of encryption suggesting any policy that does is severely misguided.

Yoran concluded that the security industry needs to “wake up” and think as creatively as those who founded the industry. “Our industry was founded and built by mischievously creative, almost eccentric, pioneering ‘renegades.’ He challenged the audience with the final question “So what are you going to do differently this year?”