ORLANDO, Fla.--The advanced, targeted nature of cyberattacks requires security to be more resilient, and enterprises can’t abdicate that responsibility to cloud providers, Art Coviello, executive chairman of RSA, the Security Division of EMC Corp., said Wednesday.
Coviello talked about changes in technology, attack trends, and elements for building a
The massive changes in technology over the past 10 years, including the rise of social networking, have made enterprises more open than ever before and attackers are taking advantage, he said. They’re waging more targeted attacks, he said, adding that APT isn’t a security industry conspiracy to sell more products, but rather a methodology used by nation-state attackers that involves stealthy, persistent intelligence gathering over long periods of time.
Oftentimes, the attacker compromises one organization to infiltrate another, he said. The phishing emails used in the attack against RSA came from a legitimate organization known to RSA but had been compromised.
“All of us as security professionals need to change the way we think,” Coviello said. Security needs to be made resilient enough to detect attacks and mitigate damage – a responsibility cloud customers can’t hand over to their providers, he added.
The new resilient security model involves aggregating information and contextual capabilities to get better visibility, Coviello said. This visibility also includes gathering Big Data from every part of the enterprise, not just logs, to enable real-time analysis and a contextual view, he said. “Security must adopt a big data view. … The age of Big Data has arrived in security management.”
Enterprises need to make sure their cloud providers have Big Data, real-time response capabilities and monitor their ongoing compliance, Coviello said.
Reaching the goal of trust in the cloud involves security becoming logical and information-centric, automated (by building security into virtualized environments), risk based and adaptive, Coviello said.
Coviello also noted security technologies – ones that RSA provides, naturally -- that are necessary as companies move applications and infrastructure to the cloud, including identity and access management and DLP.
Building a trusted cloud will require a more mature ecosystem of providers along with a change in the enterprise security model, he said. “All of us here are responsible for building the trusted cloud.”
Earlier in his talk, Coviello said there hasn’t been a single instance in which the information stolen from RSA was used in a successful attack. “We were able to see the attack in progess and come up with mitigating steps,” he said. “Ultimately, nobody got hurt from the attack.”