HP’s Role in Cyber Security & Takeaways from RSA

Last month, I gave the keynote address at the RSA Conference in San Francisco. I started my speech with an anecdote about my seven-year-old daughter’s perception of good vs. evil in “Star Wars.” This overarching theme in movies and literature is extremely relevant to what I do every day and the increased security threats we face.

We are clearly at war with bad guys — These adversaries seem to be winning. The 2012 HP Cyber Security Risk report shows that total vulnerabilities – and especially mobile vulnerabilities – are on the rise. It’s obvious that the business need for cyber security is expanding rapidly, creating more customers every day. At HP, we are taking advantage of this growing market and providing customers with cutting-edge solutions. In fact, HP’s security products experienced double digit growth in Q1 of 2013.

As we navigate this complex environment, we will continue to innovate and must help the industry adjust the way it thinks about cyber security. In my keynote, I explained that our implementation of security has become incredibly predictable due – in part – to compliance standards. It seems like we have essentially handed over a roadmap to our defenses, allowing our adversaries to attack in new ways against which we usually aren’t prepared. Additionally, it’s taking us too long to fight back. (It takes an average of 416 days to detect a security breach and the average time to resolve an attack has increased 71 percent just since 2010*).

When talking about cyber security, we also focus too much on the specific actors, whether state-sponsored, a “hacktivist” or a cyber criminal. We need to focus on the full marketplace in which these actors participate. The market organizes these actors around the market processes for breach, enabling disparate parties to collaborate. As actors specialize in this marketplace – and in order to make more money – innovation is extraordinary. This criminal ecosystem is much more efficient at creating, sharing and acting on the security intelligence than the ecosystem that exists to defend our customers. 

If we are going to improve our chances, we need to learn more about our adversaries. As Sun Tzu said, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” Understanding our adversaries’ processes and building in security capabilities to disrupt their paths will help us defend our information. We also need to make sure our security ecosystem is as efficient at finding, creating and sharing intelligence as that of our adversaries.

There is also a New Style of IT, which promises lower costs, simplicity and speed. Driven by cloud, mobility and Big Data, it is changing how technology is consumed and delivered, and how end users engage with it. For those of us in security, not only will we need to protect this New Style of IT, but its foundations give us tools that will help us be more effective against our adversaries. 

Leveraging the scale, power and collaborative promise of cloud computing and Big Data technologies can help us to more proactively share the burden of creation and the analysis of security intelligence.  This sharing of effort will give us more resources and ability to act on this intelligence. I believe we have the potential to win this war if we work together as an industry, focus on making our intelligence actionable and balance our investments in building capabilities to disrupt the adversaries’ processes.

*Statistics from Mandiant Corporation and Ponemon Insitute research, respectively.