Application Security , Artificial Intelligence & Machine Learning , Events
State of Security: Are We Moving Forward or Standing Still?
Edna Conway and Wendy Nather Discuss Cybersecurity's Past, Present and FutureIn cybersecurity, blending historical insights with modern strategies is crucial for progress. But in the age of "everything, everywhere, all at once," are we moving forward, backward or are we simply standing still? Edna Conway, CEO, EMC Advisors, and Wendy Nather, director, strategic engagements, Cisco, shared their insights on why despite years of efforts, cybersecurity faces recurring issues.
"If awareness had worked, it would have worked by now. And we think just training harder and louder is going to fix the problem. We have been doing this for 20 or 30 years! It's time to think about maybe working from false assumptions," Nather said.
But we don't always have to start from scratch. "We have folks who have specialized now … we don't always give them the opportunity to understand what has happened before in other constructs and other environments and other technology bases that could be maybe tweaked 10 degrees and would have applicability," Conway said.
In this video interview with Information Security Media Group at RSA Conference 2024, Conway and Nather also discussed:
- How harnessing AI will help organizations get to true predictive risk management;
- How SBOMs have helped in effective cybersecurity;
- Why conversations should be about business risk instead of cybersecurity in isolation.
Conway provides board and advisory services to enterprises and governments globally on technology, security, risk management and supply chain resilience. She served as chief security and risk officer for Microsoft's cloud infrastructure. Prior to Microsoft, she was chief security officer of Cisco's Global Value Chain.
Nather is a strategist, research director, former industry analyst and former CISO with more than 40 years of technical experience in IT operations and security. Her expertise spans security program management, threat intelligence, risk analysis, identity and access management and more.