Live from RSA Conference 2017: Zulfikar Ramzan's Keynote

The CTO of RSA, Zulfikar Ramzan, spoke at RSA's conference about the culture around security and some simple initiatives to start working on.

Once John Lithgow left the stage, Zulfikar Ramzan, RSA’s CTO, took the stage to talk about business-driven security. He implored the security professionals in the room to not draw lines between departments, but instead create connections for better collaboration and enhanced security. Sounds a lot like DevOps.

Ramzan then spoke a lot about how small events can create larger ripples that have lasting impacts on society. For example, he discussed how foreign governments were able to undermine the trust in our democracy simply by attacking the DNC. This created a ripple that may or may not have swayed voters on election day. The point is, while they themselves did not change votes, their actions may have caused others to vote differently. Veracode’s CTO Chris Wysopal spoke about this issue last fall. 

Chaos theory is not just relevant in the technology world, Ramzan posited; technology amplifies its effects. The connections created by our digital world magnify the ripples and speed up the velocity at which they travel. Yet, we must embrace innovation to succeed in the digital world. And this is why we need what Ramzan calls “business-driven security” strategies. Business-driven security isn’t about how many firewall rules are in place, or how many vulnerabilities are fixed (although I think that is pretty important), it is about connecting security to the rest of the business.

How do we do this? Ramzan had four specific calls to action:

  1. Simplify what you can control, and plan for what you can’t. To start, Ramzan recommends consolidating security vendors. He suggests that having dozens of best-of-breed vendors makes it impossible to manage security.
  2. Take every opportunity to adapt and grow – as individuals and as businesses.
  3. Embrace diversity. This was another key theme I heard in several sessions. The job of the “bad guy” is easier than ours. It is easier to destroy than create or protect, and for every advance we make, the bad guys will find another way to get around it. This is why we need the brightest minds, regardless of race, gender, creed, culture and, yes, place of birth, working in cybersecurity.
  4. Be a mentor. Reach out to young students and encourage them to . We need the next generation to take this challenge on full force, and we cannot underestimate the power of mentorship.

Stay tuned for more from RSA... 

Published at DZone with permission of Jessica Lavery, DZone MVB. See the original article here.
