The security industry needs a 'game changer' to effectively go on the offence, as it is being outplayed by cyber criminals.
"However, it's difficult for us to change when we're merely just trying to survive the status quo in our industry," said Christopher Young, senior vice-president and general manager of Intel Security Group, speaking during his keynote address at RSA Conference 2015 in San Francisco on Tuesday.
He said despite plenty of innovation, new products and smart people, security is still not being effectively addressed.
"We have better tools than ever, and are uncovering more and more threats. We are also better at sharing information, but in reality, we are not getting enough new insight from that information. Are we asking ourselves the right questions?"
During the keynote, Young referred to Billy Beane, the GM of the Oakland Athletics Major League Baseball (MLB) team since 1997, who introduced sabermetrics, the empirical analysis of baseball, in particular baseball statistics that measure in-game activity, to improve his team. The team went on to win 20 consecutive games.
He drew the parallel between this decision, and what the security industry should be doing, going on the offensive.
"Security practitioners need to think differently about the data points that help predict and fight breaches. Instead of wasting hours of time, tracking down alerts, professionals need to find the data that uncovers any attacks in the planning stages."
Young added that although the industry has long recognised the value of data analytics when it comes to threat intelligence, the right types of insights are not being gained from the data.
According to Young, the industry needs to think differently about the data it has. "We need to stop chasing down massive amounts of information with no purpose. We need to map specific malware to a specific campaign. It is possible to change how we look at the information that is available to us, and look at it to uncover the probable path of an attack."
Share