A vendor that doesn’t think AI and ML will fix security? We found one!
RSA reckons crooks know predictability equals death
Machine learning and artificial intelligence will improve security technologies and outcomes, but “won’t move the needle as much as people think”, according to RSA chief technology officer Zulfikar Ramzan.
Speaking to The Register at the company’s Asian conference in Singapore today, Ramzan said that while AI and ML will doubtless help security vendors to spot more threats, good criminals know that the more predictable they are, the easier they will be to detect. They therefore go to considerable lengths to be unpredictable, with the result that it's hard to collect data of sufficient volume or quality to let ML and AI do their thing.
RSA won’t ignore AI and ML as a result, but thinks its clients will be better served if it can help organisations to understand which of their assets deserves different levels of security, based on their importance to the business.
The company likens this approach to a proactive approach to health: those of you with family histories of particular diseases are encouraged to change your lifestyle to avoid the known risks lurking in your genome. RSA wants you to set a security posture in similar ways: if you know a particular asset is attractive to criminals and a breach would make your business very ill, you'll manage your security posture accordingly.
This stuff will express itself in future RSA products. Senior veep for products Grant Geyer told The Register NetWitness suite will soon gain better analytical powers that advise users how best to protect their assets.
Among those new features will be a simplification of its UI so that newly graduated security analysts can gain more insights, an enhancement delivered in recognition of the shallow security talent pool on offer around the globe. SecureID will also change, Geyer said, adding an Azure version to go with its AWS offering and removing the need for cloudy authentication to bounce back into on-prem instances.
Hybrid authentication spanning cloud and on-prem is also on the agenda. ®