IT professionals wishing to protect their systems from sophisticated attacks are receiving mixed messages of how to combat the problem. Their confusion is understandable, but the most important takeaway message is to not accept failure. What a difference time can make. During the period between the San Francisco and London RSA Conference events, RSA itself experienced a breach that exposed its SecurID technology, costing the company millions to replace the tokens.

With the breach acting as the elephant in the room, the initial tone set by the first two RSA keynote speakers was flat, if not serious. Their attitude showed humility. The reality: The security industry has failed us. Their guidance to the audience: Expect failure and be agile.

Is this the right attitude and message? I'm not so sure.

Read the full article at SC Magazine (US).