“Allow, train and equip your people to track down and hunt your opponents. Let them evolve into the hunters you need.”
That’s the view of Amit Yoran, president of RSA, who kicked off RSA Conference 2016 with an opening keynote to another record crowd of cybersecurity professionals.
This year, Yoran urged the overflow crowd to step back and assess the industry’s challenge from a different perspective, calling for organisations to focus technology investments on supplementing and enhancing their security teams’ native capabilities to make them smarter, more efficient, and more scalable.
Highlighting the industry’s ongoing failure and some of the most painful security breaches of 2015, Yoran placed the blame on outdated approaches to security and a lack of alignment between technology solutions and the human problem they seek to address.
Acknowledging that organisations will never have as many cybersecurity professionals as are needed, Yoran detailed cybersecurity priorities for organisations and governments to better empower security teams to secure themselves against advanced threats.
“Organisations need to create a culture that embraces the smart creative, the free thinker, and the curious,” Yoran says.
“If your security program is focused first and foremost on compliance, then you are doing it wrong. Embrace the freedom to actively hunt for adversaries, you’ll attract the right team, and in doing so, create the right culture.”
Yoran called for organisations to focus technology investments on technologies that enhance rather than replace human creativity and problem solving.
“We need tools that give us comprehensive visibility and perspective,” he adds.
Yoran also indicated that the international public sector has an important role to play in creating policies that help rather than hinder security efforts.
“There needs to be an additional emphasis on talent development and greater alignment between the public and private sectors’ cybersecurity agenda in terms of leadership, transparency and policy development.”
Consequently, Yoran was highly critical of any proposed weakening of encryption suggesting any policy that does is severely misguided.
Yoran concluded that the security industry needs to “wake up” and think as creatively as those who founded the industry.
“Our industry was founded and built by mischievously creative, almost eccentric, pioneering ‘renegades’.”
In closing, Yoran challenged the audience with the final question; “So what are you going to do differently this year?”