The Latest RSA News
Product and Solution Information, Press Releases, Announcements

Tuesday, October 11, 2011 - Executives of RSA, The Security Division of EMC (NYSE: EMC) today advised security professionals that the new fact of life for IT organizations is a state of persistent, dynamic, intelligent threats in which it is no longer a matter of if an organization will be compromised, but more likely when and how. The key to combating these threats, they say, is to recognize the different tactics and tools used in these advanced attacks and automate the response of controls to defend information assets, isolate compromised elements of the infrastructure and ensure that network compromise does not lead to damage to the business.

In a joint keynote address, Art Coviello, Executive Vice President for EMC and Executive Chairman of RSA, and Tom Heiser, President of RSA, discussed the evolving threat landscape and urged organizations to create advanced security systems capable of defending against these new threats and agile enough to meet the advanced challenges of today's hyper-extended enterprise.

"2011 has been quite a year for us and for anyone on the security side of IT," said Art Coviello during his keynote address. "It's been a year of headline grabbing attacks across every corner of the world. Organizations are defending themselves with the information security equivalent of the Maginot Line as their adversaries easily outflank perimeter defenses.  People are the new perimeter contending with zero-day malware delivered through spear-phishing attacks that are invisible to traditional perimeter-based security defenses such as Anti Virus and Intrusion Detection Systems. Clearly conventional security is either not effective or not enough. The threat landscape is evolving and our security systems must change to outpace our adversaries."

To defend against advanced threats, security programs must evolve to be risk-based, agile and contextual.

Risk-based – Risk is a function of the threat landscape, including understanding an organization's adversaries and capabilities compared with the relative security exposure of the organization's information assets. Intelligence about your potential attackers and most valuable assets shows you where to focus your efforts, such as what systems to protect and what users to closely monitor.

Agile – The threat landscape will continue to evolve, and a successful outcome requires that organizations have the agility to process, incorporate and analyze new sources of internal and external intelligence - on the fly. Automation is absolutely essential for security to work at the speed and scale of the networks and cyber threats we face.

Contextual – Incident response, investigation and remediation are most effective when a security event is delivered with complete context around it. The success of prioritizing and decision-making is dependent on having the best information available. Organizations must adopt a "big data" view of information security in which their security teams have real-time access to the entirety of information relevant to the detection of security problems. Big data combined with high-speed analytics provides  the contextual view needed to defend against advanced threats.

RSA President Tom Heiser conveyed 'Lessons Learned' from the attack on RSA, and from an insider's vantage point, offered specific advice on what organizations can do to help harden their defenses and adapt appropriately to the evolving threats. He advised, "Sophisticated attackers know traditional security controls and are adapting and changing tactics… determined to find exploits in complex, rapidly evolving IT environments and through people."

Heiser closed his remarks by offering five categories of forward-leaning practices for getting ahead of advanced cyber threats:

• Re-visit your view of risk -- Conduct a risk assessment to identify your high value / high risk information assets, looking at things from an opponent's perspective, and with an eye to real, not theoretical, opponents.
• Re-think zero-day malware protection – don't stop using traditional anti-virus tools, but recognize that they alone will not be sufficient against customized attacks.
• Deploy security and network forensics capabilities for continuous monitoring, for deeper awareness and analysis of network traffic (this is different from traditional intrusion detection, which is past its freshness).
• Harden authentication and tighten access control.
• Increase user and executive education and communication – the human dimension is as important as the tools you deploy.

Additional News from RSA

• The company also announced the availability of RSA NetWitness Spectrum, a state-of-the-art malware analytical workbench that revolutionizes the identification and analysis of zero-day malware. Conference delegates can see the new capabilities in booth #D1.
• RSA is also offering software developers the capability to build in additional layers of security and access control into mobile applications for the leading mobile application platforms through the integration of RSA's award-winning RSA SecurID and RSA Adaptive Authentication solutions. By extending strong and risk-based authentication controls to mobile, developers of mobile applications for business, banking and data access can help increase security and confidence in their mobile products.

Over the course of the two-day conference, RSA executives will also share their perspectives in six sessions covering: Advanced Persistent Threats, PKI in the cloud, securing the Smart Grid, managing compliance from cloud service providers, characteristics of zero-day and targeted malware and an interactive session on dissecting a popular Trojan.