An Open Letter to Security Leaders Ahead of RSA
To security leaders, CISOs, board members, and technology executives preparing for RSA: Let’s discuss our strategy
STAMFORD, Conn., March 23, 2026 (GLOBE NEWSWIRE) -- David Stonehill, NetLib Security CTO, issues the following open letter:
Over nearly two decades, the industry has focused on detection. We’ve sought faster alerts, better dashboards, more telemetry, and smarter analytics. We’ve utilized AI to minimize response times and bring us new insights. On the surface, it seems like we’re doing the right things.
Yet breaches are larger, faster, and more dangerous than ever before.
The uncomfortable truth is this: We are very good at detecting compromise. However, we have not been equally disciplined in preventing its consequences.
Artificial intelligence has transformed intrusion by shortening attack timelines and making it easier for adversaries to breach systems. Ironically, it has made compromise scalable.
In that environment, detection speed is not the key control. The outcome is. If attackers gain access, which statistically they will, is the data they exfiltrate usable?
The answer is, if that data has value, then the breach is a success, regardless of how quickly you detect it. If it is encrypted and controlled centrally, however, the economic impact shifts. That distinction is now practical.
For years, encryption has been viewed as a compliance requirement. It was just a checkbox, a line in an audit, or an extra feature layered onto existing systems. That mindset is outdated. Encryption must be foundational. It should be required, governed centrally, and treated as infrastructure, not as insurance.
Too often, after a breach, consumers get a notification letter and an offer for one year of free credit monitoring. That is not protection; it’s a band-aid. The industry’s job is not to respond more elegantly to exposure. It is to lower the chances that exposed data can be exploited in the first place.
Layered security is important, as are detection and response time. But layers that do not change the eventual outcome are incomplete.
RSA will showcase incredible innovation this year. AI-driven defenses will be prominent. They should be. But as we come together, we should also ask a tough question: Are we building better alarms, or are we building systems where stolen data is worthless?
This is not a dismissal of detection-first strategies. It recognizes that in the AI era, detection alone is not enough. Breaches may be unavoidable, but catastrophic data exposure is not.
Encryption is not optional. It never was.
David Stonehill
CTO, NetLib Security

press@netlibsecurity.com
