Why your security system is broken: Takeaways from the RSA Conference

Last week, the themes, keynotes and messages at the 2015 RSA Conference confirmed something we’ve known for a long time: security is broken, and it needs to change. Rising inbound threats and shifting industry expectations are pulling new people and teams into these conversations, and while the general consensus is that improved risk mitigation is necessary for today’s climate, few are sure of their own next steps. This means that despite an increased awareness of security risks, some companies will continue to fall victim to attacks before actionable solutions and new behaviors can take hold.

This need for change was the primary theme throughout the conference, but it manifested in a few other top takeaways and predictions. Below are a few examples that resonated with our team.

Every company needs a holistic security approach.

The threat environment has evolved to the point where the status quo for data protection, security and compliance has changed. You need to protect data at the hardware level, while complementing these actions with user behavior auditing and endpoint security tactics.

This is not the time for caution.

Major IT and security upheavals take time for any company – time to research, plan, approve, implement, test and educate users. However, the depth of many organizations’ security issues demands radical action to reverse its effects, and the more time your organization spends on this process, the more your personal and sensitive data is at risk. Having the courage to pilot new products and ideas, and make sure any security policies are fully enforced will protect many companies in the coming months.

Get ready to improve your offensive line.

The security industry traditionally upheld a defensive mentality, grasping for innovation by building taller walls and digging deeper moats in hopes of eradicating threats. However, these measures are dictated by companies’ existing understanding of threats, leaving them unprepared for new and more sophisticated breaches and attacks. Your team needs to be data-aware and data-secure to fully assess risk potential and identify vulnerabilities that need to be addressed.

The same core problem is plaguing the entire security industry.

Most companies have no idea what data they’re storing. The ability to find information, visualize it and protect it is fundamental to increasing holistic security. This doesn’t just apply to your hardware, either. Every file, email or other segment of data that touches your employees or your intellectual property should be accounted for, and the only way to do this is to analyze and protect data at its core.

Start improving your company’s security by addressing the five reasons your CSO should be more involved with your data center.

  Like This

Perry Dickau

Former Director of Product Management for DataGravity, Perry provided guidance on product direction and development, as well as on technologies, standards, best practices, and industry trends for data governance, risk management, and compliance. He previously served as a product manager at AvePoint and holds a Bachelor of Science in electrical and computer engineering from the University of New Hampshire.