Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Why Trust Is Key for Cyber-Security Risk Management

    By
    Sean Michael Kerner
    -
    March 18, 2019
    Share
    Facebook
    Twitter
    Linkedin

      “Trust” is an often-overused term, but according to Rohit Ghai, president of RSA Security, trust is the key to understanding and managing digital risk.

      In a video interview with eWEEK, Ghai discusses his views on trust, where the concept of an artificial intelligence “digital twin” fits in and why there could well be a need to redefine industry cyber-security categories to better reflect how risk management technologies should work. He also provides insight into how RSA Security’s products, including Archer, Netwitness and SecurID, fit together to help organizations provide trust and manage risk.

      “As long as we pay attention to the idea of risk and trust co-existing and taking a risk orientation to security, I think we’ll be fine,” Ghai said. “Trust is important. We are living in an era where people are losing faith or trust in technology, and we have to act now to restore it.”

      Trust and risk aren’t just abstract terms for Ghai either, as RSA has multiple products that fit into different categories of the cyber-security industry, including SecurID for Identity and Access Management (IAM); Archer for Governance, Risk and Compliance (GRC); and Netwitness for Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA).

      Trustworthy Twins

      A challenge with identity is that it can potentially be compromised by an attacker. One potential solution to that challenge is the concept of having a trustworthy twin. With a trustworthy twin, Ghai said there is a digital twin based on machine learning that understands what the human identity’s normal behaviors are. The combination of the real human identity and the digital twin on the network creates a more trustworthy entity that can be authenticated.

      “We have an early incarnation of that in our risk engine in SecurID, where based on different factors about where you are authenticating from, we assign a level of risk,” he said. “Then based on the level of risk, we either step up or step down authentication, giving you a higher level of identity assurance.”

      The digital twin idea also factors into the RSA Netwitness platform, which is all about the Security Operations Center (SOC), where artificial intelligence will have an increasing presence in the future.

      “Humans are great at figuring out what questions to ask, and machines are great at figuring out answers,” he said. “The SOC of the future will be a digital twin, with humans and machines working together.”

      RSA Archer

      The RSA Archer GRC platform is another core component for helping to provide trust, according to Ghai. In his view, the way to measure trust is in the form of reputation.

      “I don’t trust you because you’re perfect; I trust you because I have a predictable model of how you will behave under different circumstances,” Ghai said. “Risk is a constant in the digital world, and you have to embrace risk, but if you manage it and make it more predictable, that is your pathway to trust.”

      While trust is a cornerstone for security, it doesn’t currently have its own well-defined industry analyst category in the same way that, for example, IAM, GRC and SIEM have for technology. Ghai doesn’t think that trust needs its own market category; rather, he sees trust as an orientation toward the higher order goal of improving security. A category that Ghai and RSA are thinking about is digital risk management, which is different than integrated risk management, which is a category that is tracked by analysts.

      “All customers are facing digital risk, and all of them are on the journey to their future digital state and they are seeking our help to manage digital risk,” he said. 

      Watch the full video interview with RSA President Rohit Ghai above.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×