The Cybersecurity Industry's Big Blind SpotTom Kellermann on Why Security Leaders Need to Change Their Strategy
Today's threat actors are more focused, funded and disruptive than ever. But the cybersecurity defense industry is not built to respond appropriately, says thought leader Tom Kellermann. What are security leaders overlooking?
See Also: The Global State of Online Digital Trust
In his new role as CEO of Strategic Cyber Ventures, a cybersecurity technologies investment firm, Kellermann sees lots of new ideas. But too many of them are variations of the same theme: They are focused on developing specific tactical solutions that address only temporary problems that ultimately will morph. There is a systemic, industrywide lack of long-term vision, Kellermann says in this video interview with Information Security Media Group.
"The major cybersecurity vendors are laser-focused on maintaining their brand, their image and their cultural persona," Kellermann says. "With the exception of a few cases, that has become their albatross. Their lack of capacity to morph with the problem ... has been problematic."
In this interview at ISMG's recent Washington Fraud and Breach Prevention Summit, Kellermann discusses:
- His new role at Strategic Cyber Ventures;
- What the top attackers are doing right;
- What cybersecurity defenders are doing wrong;
Kellermann is a cyber intelligence expert, author and professor. He has worked in the highest levels of cybersecurity, having held a seat on the Commission on Cyber Security for the 44th President of the United States and served as an adviser to the International Cyber Security Protection Alliance. Before joining Strategic Cyber Ventures, he was chief cybersecurity officer at Trend Micro Inc., where he was responsible for analysis of emerging cybersecurity threats and relevant defensive technologies. Prior to Trend Micro, he served as vice president of Security for Core Security. He began his career as senior data risk management specialist for the World Bank's treasury security team, where he was responsible for cyber intelligence and security policy as he advised central banks around the world about their risk posture.