Art Coviello, the Executive Chairman of RSA, believes privacy advocates are stunting progress in the security industry and are preventing the experts from fully protecting citizens online.
Coviello aired his frustration during the opening keynote speech of RSA Conference Europe 2012, as security firms and the technology press converge on the Hilton Metropole in London this week for one of the key dates on the security calendar.
The abiding theme of the opening keynotes was the importance of moving to an ‘intelligence’ model of security rather than the traditional perimeter strategy, as both Coviello and his colleague Thomas Heiser, President of RSA, stressed the need for behaviour-based controls and a deeper understanding of attacker motives to ensure the latest security threats are dealt with effectively.
But Coviello fears the dissent of privacy advocates is slowing the development of this intelligence model. He said the persistent “cries of Big Brother” to more stringent security measures does the industry no favours, and indeed puts more people at risk.
“Privacy advocates think we should be able to endure reasonable danger to protect privacy,” he said, calling this a “dangerous reasoning”.
Adding that the “true depth of the problem remains hidden” in security discourse, Coviello called excessive opposition to new policies “insanity”, and praised the UK government’s recent calls for businesses to strengthen their network defences.
Another problem holding back development in the field was a lack of skilled professionals, said the RSA boss. He claimed the world needed around 4.25 million security professionals by 2015, yet the figure was at just 2.25 million in 2010, suggesting the industry may fall short of meeting this requirement.
RSA, the security arm of US corporation EMC, entered its conference last year a little more sheepishly, having admitted to suffering an embarrassing security breach of its own internal network at the beginning of 2011. But following on from Coviello, Heiser was keen to emphasise that in the 19 months since the attack, neither RSA nor any of its customers had suffered a breach.