SAN FRANCISCO – Chaos is the word infosec pros might use to describe the challenges thrown at them daily. Usually they pray to avoid it.
However the chief technology officer of security firm RSA told the industry Tuesday they have to embrace and tame chaos to do their jobs.
The way to do it, Zulfikar Ramzan told the annual RSA Conference here, is to forge what he called a business-driven security strategy, a catch-phrase the company is increasingly using as it tries to move from being seen as a provider of security tokens to one that offers solutions.
For example, this week it announced what it calls a Business-Driven Security architecture – a group of new or updated products – to help customers manage cyber risk and protect what matters most to the enterprise.
Infosec pros have to do three things to tame the chaos of cyber problems:
– Treat risk as a science, not a dark art. Think things through all the way to the end, then ask ‘What if …?’ While there are several risk frameworks that can be used, every organization should use a consistent and rigorous methodology to reason about risk, he said;
– Simplify what you control. Got dozens of security products? Tame chaos by consolidating vendors. Double down on those that do well and dump everyone else. “Don’t adopt a no vendor left behind policy;”
– Plan for the chaos you can’t control through an incident response plan. The plan has to include the ABCs: availability (only leverage what you have; an IR plan can’t be a wish list); an IR budget for meeting unexpected costs; and ensuring collaboration between all departments (a crisis isn’t the time to meet the rest of the staff).
“Security isn’t just a technology problem, it’s a business problem,” Ramzan added. Any enterprise is a joint venture between business and security, he argued. “We can’t have the security folks on one side of the room and the entrepreneurs and everyone else on the other. This isn’t a middle school dance… people can’t be afraid to mingle.”
“Chaos creates amazing moments of truth,” he said. “Chaos forces progress that can be painful.” On the other hand, “in the depths of chaos are amazing opportunities to adapt, learn and grow. To find them we must turn to each other for clarity, advice and inspiration, which is why this conference was created, to foster connections that strengthen our abilities to meet the complex cyber security challenges of the future.”
RSA, now a division of Dell Technologies, announced:
– new capabilities for the NetWitness network monitoring suite, including the ability to collect data from public clouds (Amazon Web Services and Microsoft Azure) and virtual environments (VMware virtual solutions and the Gigamon platform) to spot advanced threats;
– enhancements to the SecurID Access offerings, including the ability to buy it as a subscription service;
– a new release of the RSA Fraud & Risk Intelligence Suite;
– and a new risk and cyber security consulting services practice.