A rapidly evolving threat landscape and fundamental changes in the way information is accessed and used are driving the need for a substantial overhaul of long-held security practices, industry leaders said at the launch of the RSA security conference in San Francisco.
"Our industry is ripe for a transformation," said Art Coviello, president of RSA Security, the security division of EMC. "Security has become much more about imposing limitations, and it is time for that to stop."
Rather than perimeter defences, what is needed is a more "information-centric" security model that still allows for new ways of using information, he said. The approach means making security an integral portion of the business rather than a bolt-on component. "We need to build dynamic security right into our information infrastructure. It is no longer enough to take an outside-in approach by building a fortress," he said.
Delivering the inaugural keynote address, Microsoft chairman Bill Gates urged companies to think beyond traditional "glass-house" and perimeter-centric security strategies focused largely on keeping intruders and malicious activity out of corporate networks. What is needed, he said, is a "far more powerful paradigm" that uses security as a way to secure information access, not as an impediment to access.
"People want more access" to information, and they want that access at any time, from wherever they happen to be, and via whatever device they happen to have, Gates said. "Traditional network perimeters are fading away," mandating new approaches to security, he added.