#RSAC: Netflix Exec Explains Where Infosec Pros are Going Wrong

Information security professionals need to be more open to adaptation and embrace emerging ideas to enhance overall cyber-resiliency, according to expert speakers during an opening keynote on day 1 of the virtual RSAC Conference 2021.



Jimmy Sanders, information security, Netflix DVD, and Angela Weinman, head of global governance, risk and compliance, VMware, set out three “hard truths” about the sector, and how these negative practices can be addressed. 



1. The Security Risk Picture is Out of Focus



This is a major issue, “because if you can’t accurately determine risk, it becomes difficult to rapidly recover from impacts,” explained Sanders. 



Weinman noted that the industry is not currently “managing the risk well enough,” and she cited a recent VMware study with MIT, which showed that under half (46%) of top executives stated they were happy with how their resiliency risk plans were executed last year.



Weinman said this was a result of security professionals being “too conservative when predicting risk impacts and necessary treatment,” stemming from their desire to be accurate. She added this was highlighted by the shift to remote working during COVID-19, where planning for critical staff to be working from home for a period of time was not enough – it needed to be for all employees.



The solution to this, according to both speakers, is to “zoom out” and look at a spectrum of impact, rather than a narrowly defined scenario. Sanders explained: “We must broaden our views and prioritize environments so we ensure that not all environments are protected and viewed the same.”



2. Legacy Security Practices Are Slowing ..
