LONDON (10/27/2008) – Enterprises need to rethink their security spend to be more proactive and innovative, according to RSA chief executive Art Coviello.Businesses need to spend on different types of security systems to anticipate problems, said Coviello to delegates at a keynote for the RSA Europe Conference 2008.“Security practitioners need to master the risk/reward equation and adapt to the changing nature of risk or be exposed to failure” he said.Most economists and business leaders see innovation “as a way out of economic hole and the best hope for restoring business prosperity”. Similarly, innovation is required for effective security, Coviello argued. But businesses are struggling with how to strike the right balance between driving new innovations to market and instituting effective IT security practices, according to RSA chief.Instead, security and innovation need to be linked, to release the burden on end user community and provide an intuitive, seamless and transparent security systems that are easier to implement and maintain focus on policy and frameworks. “There is too much spending on the wrong things. Security strategies have been driven and sold on fear and compliance issues with spending on perceived rather than genuine threats” he said, adding that we need to move to an information-centric approach.Most security is piecemeal and static, for instance authentication systems that rely on passwords and user names.Instead, Coviello urged enterprises to look at behavior to match the sensitivity of security to the information that is being protected, apply more stringent controls to sensitive documents than to readily available information.He called on vendors to develop behavior and content-based solutions and technologies that are adaptable to threats “we have not yet conceived”.The RSA Conference Europe 2008 is being held at the ExCel Centre in London from Oct. 27 to 29. Related content feature How cybersecurity teams should prepare for geopolitical crisis spillover CISOs can anticipate and prepare for cyberattacks conducted by participants in geopolitical conflict such as the Israel/Hamas war by understanding the threat actors' motivations and goals. By Christopher Whyte Dec 05, 2023 12 mins Advanced Persistent Threats Advanced Persistent Threats Advanced Persistent Threats news analysis P2Pinfect Redis worm targets IoT with version for MIPS devices New versions of the worm include some novel approaches to infecting routers and internet-of-things devices, according to a report by Cado Security. By Lucian Constantin Dec 04, 2023 5 mins Botnets Hacker Groups Security Practices news Hackers book profit by scamming Booking.com customers Malicious elements are using Vidar infostealer to gain access to Booking.com’s management portal and defraud customers. By Gagandeep Kaur Dec 04, 2023 4 mins Cyberattacks opinion Proactive, not reactive: the path to ensuring operational resilience in cybersecurity The experience of the financial sector in dealing with threats is instructive to anyone in the cybersecurity space — there’s no substitute for getting out ahead of potential risks and problems. By Cameron Dicker Dec 04, 2023 6 mins Financial Services Industry Data and Information Security Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe