Vincent Goh, VP, Asia Pacific & Japan, RSA, The Security Division of EMC
Customers from across Asia thronged to the inaugural RSA Conference Asia Pacific in Singapore. The conference also served as a platform for hosting 13 government officials from ASEAN (Association of South East Asian Nations) for a round table discussion on cybercrime. This was the first time ASEAN senior officials had met with a technology vendor on this topic.
RSA’s Executive Chairman Art Coviello and Chief Information Security Officer Eddie Schwartz led the session, which focused on the changing security landscape and how governments can work closer together to battle against the rise of cybercrimes. It was a rare glimpse into a very sensitive topic, and it was great to hear that governments are joining forces to learn how to deal with this new landscape.
The strong interest shown by the ASEAN members and large turnout for RSA Conference Asia Pacific (twice what we anticipated) reinforce one thing: The deep desire and need to come together to share and learn about security in Asia Pacific. Art’s keynote address struck a chord with the audiences when he outlined how leveraging Big Data approaches to security can help make the much-needed intelligence-driven security model a reality for organizations in the face of growing and sophisticated cyber attacks.
Art also pointed out that many organizations today operate IT security models that rely heavily on traditional perimeter-based defenses, making it nearly impossible for them to anticipate or spot unknown threats. An intelligence-driven security model, on the other hand, leverages Big Data analytics for pervasive monitoring, threat information sharing, and intelligent controls and is designed to allow for more rapid detection of attacks and shortening an attacker’s dwell time within a breached enterprise.
The crowd was very interested to hear Art’s five major recommendations for security practitioners:
- Create a transformational security strategy – Practitioners must look critically at their budgets and design a plan that transitions the existing infrastructure to an intelligence-driven approach that incorporate Big Data capabilities.
- Create a shared data architecture – Due to the many sources and formats of data, create a single architecture to allow all information to be captured, indexed, normalized, analyzed, and shared.
- Migrate to Big Data controls – Migrate from point products to a unified security architecture using open and scalable Big Data tools.
- Strengthen Data Science skills – Security leaders should add data scientists or outside partners to manage the organization’s Big Data requirements.
- Leverage external threat intelligence – Augment internal analytics programs with external threat feeds from as many sources as possible to help get a composite view of threats.
Lastly, Art concluded his keynote with a call to action for governments to extend their information sharing among networks of countries to help facilitate the tracking and capture of adversaries. He also mentioned that governments should develop rules of conduct around intellectual property and create enforcement mechanisms to ensure all nations adhere and most importantly, eliminate the prospect of destructive attacks and cyber warfare.
In his 2009 RSA Conference San Francisco keynote Art had said, “If you want to go fast, go alone. If you want to go far, go together.”
Looking back, the statement could not be more true. The only way to have a shot at managing current cybercrime activities is if governments, organizations, and individuals come together to fight it as a community, before it’s too late.