The Latest VMware News
Product and Solution Information, Press Releases, Announcements
|RSA Executives Call for New Approach to Security|
|Posted: Tue Oct 11, 2011 04:15:54 PM|
Tuesday, October 11, 2011 - Executives of RSA, The Security Division of EMC (NYSE: EMC) today advised security professionals that the new fact of life for IT organizations is a state of persistent, dynamic, intelligent threats in which it is no longer a matter of if an organization will be compromised, but more likely when and how. The key to combating these threats, they say, is to recognize the different tactics and tools used in these advanced attacks and automate the response of controls to defend information assets, isolate compromised elements of the infrastructure and ensure that network compromise does not lead to damage to the business.
In a joint keynote address, Art Coviello, Executive Vice President for EMC and Executive Chairman of RSA, and Tom Heiser, President of RSA, discussed the evolving threat landscape and urged organizations to create advanced security systems capable of defending against these new threats and agile enough to meet the advanced challenges of today's hyper-extended enterprise.
"2011 has been quite a year for us and for anyone on the security side of IT," said Art Coviello during his keynote address. "It's been a year of headline grabbing attacks across every corner of the world. Organizations are defending themselves with the information security equivalent of the Maginot Line as their adversaries easily outflank perimeter defenses. People are the new perimeter contending with zero-day malware delivered through spear-phishing attacks that are invisible to traditional perimeter-based security defenses such as Anti Virus and Intrusion Detection Systems. Clearly conventional security is either not effective or not enough. The threat landscape is evolving and our security systems must change to outpace our adversaries."
To defend against advanced threats, security programs must evolve to be risk-based, agile and contextual.
Risk-based – Risk is a function of the threat landscape, including understanding an organization's adversaries and capabilities compared with the relative security exposure of the organization's information assets. Intelligence about your potential attackers and most valuable assets shows you where to focus your efforts, such as what systems to protect and what users to closely monitor.
Agile – The threat landscape will continue to evolve, and a successful outcome requires that organizations have the agility to process, incorporate and analyze new sources of internal and external intelligence - on the fly. Automation is absolutely essential for security to work at the speed and scale of the networks and cyber threats we face.
Contextual – Incident response, investigation and remediation are most effective when a security event is delivered with complete context around it. The success of prioritizing and decision-making is dependent on having the best information available. Organizations must adopt a "big data" view of information security in which their security teams have real-time access to the entirety of information relevant to the detection of security problems. Big data combined with high-speed analytics provides the contextual view needed to defend against advanced threats.
RSA President Tom Heiser conveyed 'Lessons Learned' from the attack on RSA, and from an insider's vantage point, offered specific advice on what organizations can do to help harden their defenses and adapt appropriately to the evolving threats. He advised, "Sophisticated attackers know traditional security controls and are adapting and changing tactics… determined to find exploits in complex, rapidly evolving IT environments and through people."
Heiser closed his remarks by offering five categories of forward-leaning practices for getting ahead of advanced cyber threats:
Additional News from RSA
Over the course of the two-day conference, RSA executives will also share their perspectives in six sessions covering: Advanced Persistent Threats, PKI in the cloud, securing the Smart Grid, managing compliance from cloud service providers, characteristics of zero-day and targeted malware and an interactive session on dissecting a popular Trojan.