Silvano Rebai - Fotolia
This week's Risk & Repeat podcast discusses the MIT CSAIL Securing the Enterprise conference and how experts there advocated for new strategies and approaches to infosec.
Does enterprise security need to be rebuilt from the ground up or can new technologies like machine learning and artificial intelligence help fill in the holes?
Those were some of the questions raised at the Securing the Enterprise conference last week at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL). Co-sponsored by BT Security, the conference addressed the need to re-evaluate current infosec strategies and move away from the patch and pray mindset.
The cybersecurity event featured such experts as Howard Shrobe, director of Cybersecurity@CSAIL and principal research scientist at MIT CSAIL; Mark Hughes, president of BT Security; and David Clark, internet pioneer and senior research scientist at MIT CSAIL.
In his keynote, Hughes said strategies for securing the enterprise should focus on protecting core assets rather than trying to protect the entire environment. Shrobe argued against the current approach of layering security on top of inherently vulnerable systems, which he said amounted to treading water before ultimately drowning. Clark, however, said the idea of building security into software and systems from the start may not be the best answer.
Has machine learning and AI security technology lived up to the hype? Do vendors and security professionals need an entirely new approach for securing the enterprise? Is it better to redesign technology with security built in as opposed to bolting it on later? SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more in this episode of the Risk & Repeat podcast.