Cybersecurity not just an IT problem anymore: Business leaders step up

akshay-bhargava-rsa-live-2017

Cyberattacks are becoming increasingly sophisticated and more prevalent, with every type of organization needing to not only protect itself from intrusion, but employing intelligence, automation and identity solutions as the cornerstones of their security operations.

“Security has become a very relevant and pervasive topic across business leaders, across government leaders around the world,” Akshay Bhargava (pictured), vice president of Oracle Cloud security, said in an interview on theCUBE, SiliconANGLE Media Inc.’s video studio in Palo Alto, California. “It’s a CEO conversation, it’s a board conversation and it’s a presidential conversation.”

Bhargava spoke Wednesday with John Furrier (@furrier), host of theCUBE, about the security landscape and how the industry is combating cyberwarfare, as part of a series of interviews around the RSA Conference this week in San Francisco.

The focus of this year’s conference is the advancing sophistication of the types of attacks the industry is seeing. Bhargava detailed the new technologies, such as cloud, artificial intelligence and mobile, and how the first adopters are attackers who are taking advantage of these new technologies to strengthen their techniques, tools and procedures.

The challenges facing the cybersecurity industry

Encryption has been the standard security method for most organizations. And while encryption is an essential part of an organization’s overall security protocol, Bhargava noted that parts of the infrastructure, such as defense-in-depth architecture and security at every layer of the stack, needs protection that encryption will not afford.

More challenging is the fact that most companies cannot even turn on security for several key reasons. It is cost-prohibitive and impacts performance. However, technology is not the only factor at play.

“You talk about the technology side, but if you talk about the people side, one of the positions that is significantly understaffed today is cybersecurity professionals,” said Bhargava. Pointing to a recent study, he indicated that there are over 1 million jobs opening for cybersecurity professionals, and 66 percent will go unfilled. “There is not enough talent to fill those jobs, so there is a huge gap to fill those jobs,” he added.

Many companies are coming together to share intelligence to improve security. Bhargava said that understanding whom the attackers are, correlating that information and providing response solutions is helping to democratize security intelligence and share it effectively. But while intelligence sharing is effective and important, “there will always be new threats, and those techniques are not going to be sufficient for every type of attack,” he added.

The most advanced attackers are persistent and well-funded, and they will find a way in, according to Bhargava. He pointed out that most security investigations identify breaches, but what remains unknown is if the attacker has stolen data yet.

He also talked about how the playing field has broadened, as he defined the user as the new perimeter due to mobile and cloud. He finds opportunity using identity solutions as a way to help security operations centers “revving up their game” to stay on the same pace as attackers.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference 2017.

Photo by SiliconANGLE