Businesses in Asia Pacific are still relying on perimeter protection such as firewalls, anti-virus and intrusion detection systems, but these tools are failing to prevent advanced cyber attacks according to RSA president Amit Yoran.
“As mobile and cloud technologies decentralize organisations’ digital environments, the perimeter on which traditional cyber defences are based is disappearing,” he said in remarks prepared for the APAC & Japan RSA conference.
“Compounding that failure is the current practice of relying on security information and event management [SIEM] and other signature-based tools that require historical experience to detect advanced threats, which oftentimes have no precedent.
“This combination of antiquated technologies and misguided practices is the root of the vast majority of today’s security failings.”
He said that technologies already exist for companies to move to a more effective approach to security focused on faster detection and response to security threats.
“What is lacking is the will. This is not a technology problem, this is a mindset problem.”
According to Yoran, visibility from the endpoint to the network to the cloud is necessary.
He said that the most common mistake made by security teams today is under-scoping an incident and rushing to clean up compromised systems before understanding the broader problem.
In addition, security teams need to manage people’s identities.
“In a world with no perimeter and with fewer security anchor points, identity and authentication matter more than ever. At some point in every successful attack campaign, the abuse of identity is a stepping stone the attackers use to impose their will,” said Yoran.
He added that security programs must be guided by an understanding of risk.
“You must understand what matters to your business and what is mission critical. You have to defend what’s important and defend it with everything you have.”