RSA 2012: Coviello's mea culpa

The annual RSA Conference kicked off with a rousing opening that included a “documentary” about the cryptologist to French King Louis XIV and a gospel choir singing the Rolling Stones’ You Can’t Always Get What You Want” using information security-related lyrics.

Coviello then came onto the stage dressed for the occasion, wearing a sharp suit and a snappy grey tie. But his message was far from snappy and upbeat. He warned that the world is “at serious risk of failing” at the entire information security enterprise, noting that his company’s breach kicked off a year between RSA conferences in which there were “never so many high profile attacks.”

The RSA chairman admitted that the information security community, including RSA, has failed to recognize the magnitude of the cybersecurity threats and has been slow "to recognize the potency of the emerging threat landscape and our inability to ban together….We need to understand that an attack on one of us is an attack on all of us.”

Coviello said that the security industry has to stop working on new controls for failed security models. “We need to recognize once and for all that perimeter-based defenses and signature-based technologies” are no longer adequate.

“Our networks will be penetrated. We should not be surprised by this….Human nature being what it is, people will still make mistakes. Inevitably, attackers will pounce on those mistakes and exploit them”, he said.

The RSA chief stressed that the security industry has to shift its focus from defense to offense. He called on the community to develop capabilities to sift through mountains of intelligence “lightning fast” and create “predictive and preemptive counter intelligence to spot the faint signals that might be all that is visible in a sophisticated, stealthy attack.”
 

What’s hot on Infosecurity Magazine?