Share

Top 5 Stories

News

RSA 2012: Coviello's mea culpa

28 February 2012

Looking none the worse for wear from the huge RSA data breach last year, Chairman Arthur Coviello Jr. said he and his team felt the breach “personally” and have struggled to regain the company's reputation in the security community.

The annual RSA Conference kicked off with a rousing opening that included a “documentary” about the cryptologist to French King Louis XIV and a gospel choir singing the Rolling Stones’ You Can’t Always Get What You Want” using information security-related lyrics.

Coviello then came onto the stage dressed for the occasion, wearing a sharp suit and a snappy grey tie. But his message was far from snappy and upbeat. He warned that the world is “at serious risk of failing” at the entire information security enterprise, noting that his company’s breach kicked off a year between RSA conferences in which there were “never so many high profile attacks.”

The RSA chairman admitted that the information security community, including RSA, has failed to recognize the magnitude of the cybersecurity threats and has been slow "to recognize the potency of the emerging threat landscape and our inability to ban together….We need to understand that an attack on one of us is an attack on all of us.”

Coviello said that the security industry has to stop working on new controls for failed security models. “We need to recognize once and for all that perimeter-based defenses and signature-based technologies” are no longer adequate.

“Our networks will be penetrated. We should not be surprised by this….Human nature being what it is, people will still make mistakes. Inevitably, attackers will pounce on those mistakes and exploit them”, he said.

The RSA chief stressed that the security industry has to shift its focus from defense to offense. He called on the community to develop capabilities to sift through mountains of intelligence “lightning fast” and create “predictive and preemptive counter intelligence to spot the faint signals that might be all that is visible in a sophisticated, stealthy attack.”
 

This article is featured in:
Data Loss  •  Industry News  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×