 |
| The RSA booth on the showfloor underlines the focus on digital risk. |
RSA is the do-it-yourself (DIY) for security operations, and has the technology, methodologies and supporting services to offer companies of all sizes the protection they need. Managing digital risk will be the key to success. This was one of the takeaways from a press and analyst day ahead of the RSA Conference Asia Pacific & Japan 2018.
Collaboration is important
"Security teams cannot win alone. Security is a team sport. They need contribution from IT, they need
contribution from the business," Ghai shared at the event.
Security operations must be adaptable
Security is a business conversation
"These teams are ill-prepared today to translate cybersecurity risk to business risk. We at RSA want to solve that problem, we want to enable the teaming in this world of digital risk," he said, referring to the various teams that contribute to enterprise cybersecurity, from security operations to identity access management. "It is a multifaceted challenge and a multiorganisational challenge in the industry."
RSA feels that successful digital risk management can be described with the acronym VIA, and the 'V' in VIA stands for delivering pervasive visibility. "You must see everything," Ghai said, as opposed to padlocking the front door and leaving the back door open.
'A' is about actions, especially what must be acted upon immediately. Ghai championed automated responses, because manual responses "just won't be fast enough".
"That's how you solve security in the modern digital world," Ghai concluded.
Hashtag: #RSAC
Security must be baked in from the beginning
"When you start something new, you have
to design security in, not as an afterthought," he said.
 |
| Ghai introduces the digital risk maturity continuum and how RSA views risk in cybersecurity across four focus areas: cyber incident/risk management; third party governance; data privacy risk; and digital business resiliency. |
Security operations must be adaptable
"It's about automation, it's about data
science," Ghai said.
There will never be enough talent
There will never be enough talent
"There isn't enough talent to fight the good fight," Ghai observed. This means businesses have to rely more on other aspects of cybersecurity such as the technology and processes to protect themselves.
Security is a business conversation
"These teams are ill-prepared today to translate cybersecurity risk to business risk. We at RSA want to solve that problem, we want to enable the teaming in this world of digital risk," he said, referring to the various teams that contribute to enterprise cybersecurity, from security operations to identity access management. "It is a multifaceted challenge and a multiorganisational challenge in the industry."
The risk burden is now digital
According to Ghai, the war against digital risk will be the largest proportion of risk management going forward. "It'll be more digital risk than physical risk," he said.
According to Ghai, the war against digital risk will be the largest proportion of risk management going forward. "It'll be more digital risk than physical risk," he said.
As an example he described a mining operation where physical dangers might be assumed to take centre stage. Instead, the mining company is more worried about the weaponisation of their automated trucks than about the safety of the humans working there.
"Everyone realises that digital risk is real and on the rise," he said. On the other hand, "most organisations feel ill-prepared to deal with that digital risk and they have the expectation that they'll face consequences because of digital risk," he added.RSA feels that successful digital risk management can be described with the acronym VIA, and the 'V' in VIA stands for delivering pervasive visibility. "You must see everything," Ghai said, as opposed to padlocking the front door and leaving the back door open.
'I' stands for "insights". "Data is the fuel. There's too much of
it, we can use machine learning to build insights to analyse that data and
cook it so humans who are acting on that data have machines who are
augmenting their capability," Ghai explained.
'A' is about actions, especially what must be acted upon immediately. Ghai championed automated responses, because manual responses "just won't be fast enough".
RSA now provides a unified phased approach - phased because companies could be at different places along a digital risk maturity continuum - to provide the pervasive visibility, continuous insights and action to manage digital risk or VIA to the world.
The company's portfolio, which includes omnichannel fraud prevention, advanced risk and cyberdefense services, integrated risk managment, as well as SIEM and advanced threat defense, can all be viewed within the VIA framework.
The company's portfolio, which includes omnichannel fraud prevention, advanced risk and cyberdefense services, integrated risk managment, as well as SIEM and advanced threat defense, can all be viewed within the VIA framework.
"That's how you solve security in the modern digital world," Ghai concluded.
Hashtag: #RSAC
No comments:
Post a Comment