In the opening keynote of RSA Conference, Amit Yoran, President of RSA Security admitted that the challenge of technology to prevent breaches was a failing one but with advances in artificial intelligence there is a brighter future.
Calling the 2016 RSA Conference, the 25th anniversary of the annual event “the greatest conference ever”, Yoran focused on technologies in his opening keynote and how despite investment, problems still occur. Looking at the Anthem and Ashley Madison breaches, Yoran said that these stories proves cyber is not only a booming career field, but “a powerful conversation starter at home too”.
He said: “The general focus is that paradigms cannot be protected and with the emergence of IoT, our challenges are only going to get exponentially worse. Yet we push collaboration online and rely on technology like anti-virus, sandboxing, firewalls and next-generation firewalls and hope that they will keep us safe when we know that they won’t. But this is not translating into change behavior fast enough.”
Yoran referred to RSA Security’s own research that found that two-third rely on SIEM technology for detection, and said “of course we are not satisfied, prevention is a failed strategy but we only invest in that.”
Looking to the future, Yoran said that the future is in monitoring and “knowing that there will be a fail”. He also said that we need “full packet analysis on networks” as “logs are simply not enough” and “comprehensive visibility is the base block for truly insightful analytics and scoping out incidents correctly”.
Referring to the acquisition of RSA parent EMC by Dell last year, Yoran said that he had dinner with Michael Dell and the Dell President said that while Yoran did a good job of addressing the problems facing the industry, “I didn’t do it in a way to promote RSA products so please buy both of these” showing an image of RSA Security Analytics and Enterprise Compromise Assessment Tool (ECAT).
Yoran said: “I am excited that RSA has announced availability for the behavioral analytics module and how to detect and highlight sophisticated attacks not seen before. While artificial intelligence is sophisticated, it is not magic. All items can be bypassed and that is why pervasive visibility and understanding is foundational, and there is no actual magic which will save us.