- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
Cheers to Coviello for 'Cyber Pearl Harbor' rebuke
I haven't always agreed with Art Coviello's take on the security industry. But I give RSA's top dog a lot of credit for shooting down one particular piece of FUD.
Truth be told, I haven't always agreed with Art Coviello's take on the security industry's future. One of the best examples came from RSA Conference 2007, when he predicted in his keynote that the stand-alone security industry would cease to exist within three years. Six years later, we've seen many security companies integrated into the larger IT providers. But there are still many stand-alone security companies.
But I give the man full credit for this: His reaction to the threat landscape has always been balanced and reasonable.
He scored some more points in my book Tuesday when, during a press event for the rollout of RSA Security Analytics, he said:
"I abhor the term Cyber Pearl Harbor. It's not security awareness we need, but a higher level of understanding. Language like 'Pearl Harbor' doesn't get us that understanding."
He added that while the outright destruction of the Internet from an attack is unlikely, "you don't need destruction to have a serious problem." In the case of banks and other businesses, the problem is the downtime caused by DDoS attacks, which translates into serious revenue losses.
That's the right message. We shouldn't be predicting outright doom and destruction, otherwise known as FUD. We should be focusing on the potential damage individual companies could face from DDoS-based downtime, and ways to mitigate the risks. In Coviello's case, the proposed solution was to buy RSA Security Analytics, the company's big push into the Big Data security market. Fair enough. The event was a product launch, after all.
In my opinion, cooler heads and lots of data will always be the best approach to managing risk. Vendor-based FUD only scares companies into buying so-called all-in-one solutions that don't really get the job done.
Having seen a lot of that in the last decade, I found Coviello's talk refreshing.
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.