[RSAC 2022] Reframing security as innovation

By Kuksung Nam, The Readable
Jun. 9, 2022 9:16AM PDT

RSA Conference 2022 ― San Francisco ― "Imagine that someone was to break into your house and stay for nine months. It is unthinkable in the real world, but in cyber this is the problem that we are up against," said Tom Gillis during the opening keynotes at the RSA conference Monday.

The senior vice president and the general manager of VMware's networking and advanced security business group is not the only one, who is concerned about current cyber threats. Another keynote speaker, Avril Haines, the U.S. Director of National Intelligence mentioned that effective cybersecurity is becoming more difficult. The top U.S. intelligence official also stated that figuring out how to prevent intrusions into sophisticated networks is a challenge from an intelligence community perspective.

Tom Gillis, the senior vice president and the general manager of VMware's networking and advanced security business group, is delivering an opening speech at the RSA Conference on June 6, 2022. Photo by RSAC 2022

After one year of being remote, the RSA conference finally brought together cyber security professionals at the Moscone Center in San Francisco. During the opening keynotes, held on June 6, speakers expressed their concerns on the impact of cyberattacks. "Interconnectedness is something that most of us have learned to expect out of day-to-day life. What you also see is there is a fair amount of security challenges that come along with it," said Jeetu Patel, the executive vice president and general manager of security and collaboration at Cisco.

According to the global risks report issued by the World Economic Forum in January 2022, malware and ransomware attacks increased by 358% and 435% respectively in 2020. 60% of small businesses shut down within six months of a cyberattack, said Patel. Because these companies fail to have the right level of resources for cybersecurity, they are not only putting themselves in danger, but also endangering others in the same ecosystem. If one part of the supply chain is attacked, other parts will be at risk as well.

Patel emphasized that it is crucial for companies not to fall below the security poverty line. The concept, established by Cisco, states the baseline level of minimum cybersecurity posture that every company should maintain. The solution is to induce forces to join and cooperate. "Competitions are good because it makes us all better, but the real competition is not against each other," said Patel.

Rohit Ghai, the Chief Executive Officer (CEO) of RSA, stressed three ideas as a defense against evolving cyber threats. "There will be a new technology. There will be new vulnerabilities. There will be new exploits. What remains relatively constant is us, humans, and how we think and act," said Ghai in the first opening keynote. "We need to build solutions based on the one constant in cybersecurity―identity."

In addition, he cited that people should focus on what matters most in cybersecurity. In his opinion, the veracity of information is the imperative. "Hacked brains are way more dangerous than hacked systems," said Ghai. "It is imperative not to allow different versions of facts. Disinformation can destroy the very fabric of humanity."

Common sense and authenticating the creator of content still stand as powerful weapons against disinformation. Ditching dogmas is another idea the CEO pointed out. Although dogma tells people to value convenience over security, we must stop sacrificing security for convenience, said Ghai. In his opinion, security and convenience are not a zero-sum trade off. "The gluttony of convenience sometimes obscures our ability to see unintended consequences," the CEO said to the audience of cybersecurity professionals. "In cybersecurity, we need to reframe our goal as security, convenience, and innovation. Let's grow the pie, rather than debating how to cut it. We need to ditch the dogma of security or convenience."


Photos by RSAC 2022

Kuksung Nam is a cybersecurity journalist for The Readable. She covers cybersecurity issues in South Korea, including the public and private sectors. Prior to joining The Readable, she worked as a political reporter for one of the top-five local newspapers in South Korea, The Kyeongin Ilbo, where she reported several exclusive stories regarding the misconduct of local government officials. She is currently focused on issues related to anti-fraud, as well as threats and crimes in cyberspace. She is a Korean native who is fluent in English and French, and she is interested in delivering the news to a global audience.