RSA 2017: Special conference coverage
Reporting and analysis from IT events
SAN FRANCISCO -- Dell founder Michael Dell introduced RSA's new president, Rohit Ghai, and stood with him as Ghai...
and RSA Senior Vice President Grant Geyer laid out the blueprint for RSA's new strategy.
Ghai faces the challenge of moving RSA forward, again, barely a month after having taken the reins as RSA's third president in three years.
"We are in the fight of our digital lives, and the fight's getting tougher," Ghai said. "The bad guys are getting really good, and there's more of them, and we don't have enough trained good guys in the industry to fight on our behalf. So, clearly, we need a technology assist."
Ghai said machine learning, artificial intelligence and data science are already having a profound effect on the security industry. "But for far too long, we have kind of been on the technology treadmill and thrown technology at the problem. But the reality is all the bad guys have access to the same technology that we do, so to win this fight, it's going to take a new approach -- something different. We have to play to our advantage, our strength. And I believe that our advantage is our knowledge, our understanding of our business context."
Geyer invoked the 1986 Challenger space shuttle disaster to show that engineers are often challenged to communicate the potential for catastrophic failure to administrators, like those at NASA, who were more comfortable talking about "mission risk" and "operational risk."
"Fast-forward 30 years, and we at RSA believe that we're struggling with the same problem today when it comes to the world of cyber. You see, security teams talk in language like buffer overflows or Angler toolkits or rootkits. Yet, the business executives think about risk as something with a start date and an end date when it comes to cyber, and don't think of it as a risk like liquidity risk or supply chain risk," Geyer said.
"We believe at RSA that this situation is something we call the 'gap of grief,' where the teams are unable to talk the same language and translate the world of security incidents into the language of risk." RSA's answer is Business Driven Security, which provides a platform that can combine components from RSA, as well as third parties, "to work in concert and close the gap of grief."
The Business Driven Security initiative was first detailed in August 2016, but details of the rollout have been spotty until now.
Geyer described the four pillars of the new RSA cybersecurity architecture, starting with gaining visibility into the organizational environment through the ability to capture telemetry across that environment, whether it comes from a mainframe or a mobile device. The second pillar is "rapid insight," which involves using security analytics to "spot the needle in the stack of needles when it comes to all this data you're bringing in."
The third pillar, business context, provides tools for the prioritization of security events and response to the most critical events, especially when there may be hundreds of incidents occurring each day. Finally, the fourth pillar involves orchestration and response, because "security is a problem that can never be solved; it's a risk that must be mitigated," Geyer said.
In support of the new RSA cybersecurity initiative, RSA revealed five additional product announcements, starting with improvements to the RSA SecurID authentication service; expansion of capabilities to support security in the cloud and in virtual environments in the RSA NetWitness suite portfolio for analytics, forensics and endpoint response; RSA Fraud and Risk Intelligence suite will be a centralized console for cross-channel fraud detection; RSA Archer for faster, easier and prepackaged services for getting into risk management; and, finally, a set of services to operationalize business security capabilities to link it all together.
Ghai replaced former RSA President Amit Yoran, who was tapped to lead the company in October 2014 following the retirement of the former executive chairman of RSA and executive vice president of EMC, Art Coviello, who left in February 2014 for health reasons. Ghai had served previously in various roles in RSA's parent company, EMC, since December 2009, including COO of EMC's information intelligence group and, most recently, president of EMC's enterprise content division. Ghai was appointed president of RSA on Jan. 9, 2017.
Geyer was previously vice president of threat and risk management for Symantec, and he joined RSA as vice president for analytics after its acquisition by EMC.
Check out RSA Conference predictions and expectations
Read about RSA's multifactor authentication and SecurID products
Find out more about implementing data center best practices for security