RSA CONFERENCE 2022 – San Francisco – A catastrophic pandemic, an escalating war in Eastern Europe, and the Colonial Pipeline ransomware shutdown are all in their own ways recent seismic disruptions that forced external change on the cybersecurity sector.
That was the word from RSA CEO Rohit Ghai, who used the opening keynote of this year's RSA Conference to encourage cybersecurity leadership to embrace intentional transformation – with the goal of coming out on the other side of these cascading disruptions stronger and better than ever.
"Transforming security will require us to reorient our thinking," Ghai said.
To accomplish that goal, he shared three core ideas he thinks will help set the information-security community on a path that will enable it to use recent events to crystalize and transform into something better.
1. Rethinking Identity
First, Ghai suggested that a focus on user identities is the future, and figuring out how to center access on identity without traditional access mechanisms (i.e., passwords) is the way forward.
"Identity is the one constant in cybersecurity," he said. "It's time to hold a requiem for passwords."
Ghai called for the industry to focus on creating a single, decentralized, infrastructure-agnostic platform that puts control back in the hands of users.
2. Truth Matters
Next Ghai said that protecting the veracity of information is going to be a key role for cybersecurity in the coming years. Fake news and misinformation have emerged as powerful weapons to bring down institutions and more.
"What matters most is the truth, the veracity of information," he said. "Hacked brains are way more dangerous than hacked systems."
Ghai added that a disciplined application of technology is the solution to weeding out bad information, and the only real way to verify whether information is true is to authenticate its creator .
3. Convenience Shouldn't WinWhen it comes to the well-worn debate over whether security is too onerous for users to adopt, Ghai called on the industry to ditch its old "dogmas."
"We need to stop sacrificing security at the altar of convenience," he said.
The answer, Ghai said, will lie with innovators, who have the "most important role."
"Innovation grows the pie and delivers new benefits," he said.
The sector shouldn't wait for a comparable "cybersecurity pandemic" to force change, Ghai added.
"Transforming security will require us to reorient our thinking," he said.