RSA President Amit Yoran: ‘Don’t invest myopically in protection’

Traditional approaches to security “can’t keep out a focused adversary,” so the cyber industry is looking for new strategies to make systems more secure, said the president of a leading American cybersecurity company.

“We need to see a greater level of innovation,” said RSA President Amit Yoran told Kevin Greene, host of “Cybersecurity Insights & Perspectives. “We need to see new concepts, new security paradigms springing up – how should be thinking about our problems and our adversaries differently so that we can be more successful.”

He noted that tried-and-true strategies, like standing up a next-generation firewall or encouraging cyber hygiene, are still key. But for many corporations and federal agencies that face focused adversaries, detection and response are important as well.

“Prevention is absolutely critical. … We need to protect our systems,” he said. “We need to deploy forward-leaning protection measures in a Defense-in-Depth-type of strategy so that these layers of protection can really complement one another.”

He added, “The native approach that I advocate we discontinue is to invest myopically in these preventive technologies. “

At RSA, Yoran is responsible for developing the company’s strategic vision and operational execution across the business. Previously, he served as senior vice president of products, where he provided leadership for RSA’s product development and product management organizations.

Yoran founded and served as the CEO of forensic product provider NetWitness, which was acquired by RSA in 2011. In 2003 and 2004, he served as founding director of the US-CERT program. Prior to that role, Yoran was co-founder and CEO of Riptech, which was acquired by Symantec in 2002 and where he subsequently served as vice president of worldwide managed security services. Yoran is a graduate of the U.S. Military Academy at West Point and George Washington University.

Read Yoran’s thoughts about the 5 cybersecurity trends to watch for in 2016.


FedScoop’s podcast series, “Cybersecurity Insights & Perspectives,” explores the latest news and developments in cybersecurity and information assurance affecting federal agencies, featuring some of the top commercial and academic research experts in the country.

Kevin Greene has more than 17 years of cybersecurity and information assurance experience. His contributions to FedScoop represent his own views and do not reflect the positions or policies of any federal agency. Follow him at @iamkevtorious.