Just six months after his appointment as president of EMC subsidiary RSA, Amit Yoran had big shoes to fill in his opening keynote at the RSA Conference on Tuesday morning — his first since replacing longtime RSA chief Art Covellio.
Yoran proved a rousing speaker in his debut, diagnosing the central failing of today’s security industry as a “mindset” problem rather than a technology gap. But specifics were somewhat lacking in the talk, titled “Escaping Security’s Dark Ages.”
“Our industry has adopted a defensive mindset that very much mimics the Dark Ages,” said Yoran from the stage at San Francisco’s Moscone Center. “But taller walls are not solving our problem.”
In place of the perimeter security mindset, Yoran called for more agile incident response and information sharing practices.
“The single greatest mistake made by security teams today is underscoping incidents and rushing to respond” without properly understanding the nature of an attack, he said.
As expected, Yoran called for standards-setting in threat intelligence and for the sharing of vulnerability and incident data.
“For god’s sake, do away with PDF and email sharing of threat intelligence,” he said, calling for standardized use of a machine-readable format for rapid dissemination and analysis.
Responses to Yoran’s debut were mostly positive:
Inspiring keynote from Amit Yoran at #RSAC. There is no such thing as blasphemy in InfoSec.
— Edward Clower (@ParanoidSkeptic) April 21, 2015
Though others were more lukewarm:
And Yoran is done. Some good points re: not rushing IR, adv protections don’t often work, etc. Hardly a home run; a double at best #rsac
— Eric Parizo (@EricParizo) April 21, 2015