RSA 2017: Palo Alto Networks CEO, Cisco VP Call For Next Iteration Of Platform Security

As companies face increasing security challenges, they will need to move to a new platform-based security model, top executives from Cisco and Palo Alto Networks said at this week's 2017 RSA Conference in San Francisco.

This isn't the same platform security model that is being touted by most major security vendors today – it's a next evolution of that model, where the focus is on visibility, analysis and enforcement, Palo Alto Networks CEO Mark McLaughlin said in a keynote address Wednesday.

"We are going to see [the current security model] get turned on its head. I mean that from a business model perspective," McLaughlin said.

[Related: Security Leaders Call For A 'Dream Team' And Highlight The Need For Increased Industry Collaboration At RSA 2017]

Sponsored post

McLaughlin said the current state of security is too complex, too expensive, too slow to adapt to changes and has become increasingly difficult for security professionals to show a return on investment. He said companies need to adapt a "platform of the future," which leverages integration and automation, and encourages cross-vendor sharing of threat intelligence.

That "Platform 2.0" will ultimately lead to more innovation, sharing, automation, software capabilities, ease of deployment, flexibility of usage, and new consumption models, McLaughlin said.

Driving that shift are the clear signs that today's security model isn't working, McLaughlin said, evidenced by a continued onslaught of breaches, new threats and growing inconsistencies in security postures. While the threats alone are bad, McLaughlin said a bigger concern is that continued failure to address security risks will lead to distrust of technology and negate the potential benefits of innovation.

"The existing approach apparently is not going to work out. If we keep doing what we have been doing, we will have some serious and significant problems," McLaughlin said. "Or do we fundamentally rethink how security innovation is encouraged, consumed, delivered? ... I think this is the way things have to go and we are moving very quickly in this direction. It is important that these are conscious decisions and we make these conscious decisions very soon," he said.

Meanwhile, David Ulevitch, vice president of the Security Business Group at Cisco, said the only way to improve security posture is to shorten the time from a threat, to detection, to response using automation. The way to do that, he said, is to remove the silos around point solutions and turn on automation. He said the "secret weapon" to accomplishing that is the cloud, which provides unlimited hardware, compute, storage, and analytics.

"The only way we can have an effective security posture is by moving to automated security…This is about making the cloud a tool in our security toolbox to help automate our security posture … To me, the cloud is an incredible security machine that we aren’t capitalizing on today," Ulevitch said Wednesday.

Ulevitch said the cloud will also help drive security solution connectivity beyond just APIs, as it is "purpose built" to integrate solutions and then act as a management and control plane for disparate security systems.

"When attacks have unlimited attempts and try to attack us, now we have something unlimited too … and through integrations we can tie it all together. That is something powerful that gives us a huge advantage over the current state of affairs," Ulevitch said.

To get to this "platform of the future," McLaughlin said the industry needs lots of sensors to get enormous amounts of data and then the ability to enforce decisions based on that data. That will include the need for capabilities around software-defined security, plus the ability to consume lots of data, machine learning and APIs to integrate with multiple systems, he said.

McLaughlin said we will "know we have arrived" at the next iteration of platform security when there are sensor capabilities with innovative writing to the platform, when customers are using hundreds of capabilities that can just be easily turned on or off, and when companies are able to take advantage of hundreds of security vendors because the consumption model has been changed.