Heathrow,12th October 2011

RSA Executives Call for New Approach to Security

Building on Valuable Lessons Learned, Executives Offer Insights and Steps to Develop the Advanced Security Systems Needed to Thwart Advanced Threats

RSA Conference Europe 2011 – London

Following on from the well publicised breach at RSA earlier this year all eyes were on the RSA Excecutives for the keynote speech delivered at the RSA conference in London last week.

“From an Armadillo point of view as one of RSA’s largest partners in EMEA, I was very interested in the steps RSA has taken post the much publicised breach. More importantly I was looking for RSA to further demonstrate their strength in dealing with the ever evolving security threats we now all face. Armadillo has been very much ahead of the game in this area, already discussing various advanced solutions with our clients to enhance the traditional security solutions which have now been proved to be ineffective. ” said Andy Mayle - Technical Manager at Armadillo Managed Services Ltd”

The RSA European conference delivered on both fronts and below is a summary of the main message to be taken from the week.

RSA executives deliver keynote address to IT professionals assembled to gain insights from security leaders’ “Lesson’s Learned” and advice for preparing for and mitigating advanced cyber threats

Company launches RSA NetWitness® Spectrum to accelerate the identification of zero day malware that blocking tools often miss

RSA announces software developer kits (SDKs) designed to help mobile application developers embed strong layers of security and access control into leading mobile application platforms

Executives of RSA, The Security Division of EMC (NYSE: EMC) today advised security professionals that the new fact of life for IT organizations is a state of persistent, dynamic, intelligent threats in which it is no longer a matter of if an organization will be compromised, but more likely when and how. The key to combating these threats, they say, is to recognize the different tactics and tools used in these advanced attacks and automate the response of controls to defend information assets, isolate compromised elements of the infrastructure and ensure that network compromise does not lead to damage to the business.

In a joint keynote address, Art Coviello, Executive Vice President for EMC and Executive Chairman of RSA, and Tom Heiser, President of RSA, discussed the evolving threat landscape and urged organizations to create advanced security systems capable of defending against these new threats and agile enough to meet the advanced challenges of today’s hyper-extended enterprise.

“2011 has been quite a year for us and for anyone on the security side of IT,” said Art Coviello during his keynote address. “It’s been a year of headline grabbing attacks across every corner of the world. Organizations are defending themselves with the information security equivalent of the Maginot Line as their adversaries easily outflank perimeter defenses. People are the new perimeter contending with zero-day malware delivered through spear-phishing attacks that are invisible to traditional perimeter-based security defenses such as Anti Virus and Intrusion Detection Systems. Clearly conventional security is either not effective or not enough. The threat landscape is evolving and our security systems must change to outpace our adversaries.”

To defend against advanced threats, security programs must evolve to be risk-based, agile and contextual.

Risk-based – Risk is a function of the threat landscape, including understanding an organization’s adversaries and capabilities compared with the relative security exposure of the organization’s information assets. Intelligence about your potential attackers and most valuable assets shows you where to focus your efforts, such as what systems to protect and what users to closely monitor.

Agile – The threat landscape will continue to evolve, and a successful outcome requires that organizations have the agility to process, incorporate and analyze new sources of internal and external intelligence - on the fly. Automation is absolutely essential for security to work at the speed and scale of the networks and cyber threats we face.

Contextual – Incident response, investigation and remediation are most effective when a security event is delivered with complete context around it. The success of prioritizing and decision-making is dependent on having the best information available. Organizations must adopt a “big data” view of information security in which their security teams have real-time access to the entirety of information relevant to the detection of security problems. Big data combined with high-speed analytics provides the contextual view needed to defend against advanced threats.

RSA President Tom Heiser conveyed ‘Lessons Learned’ from the attack on RSA, and from an insider’s vantage point, offered specific advice on what organizations can do to help harden their defenses and adapt appropriately to the evolving threats. He advised, “Sophisticated attackers know traditional security controls and are adapting and changing tactics… determined to find exploits in complex, rapidly evolving IT environments and through people.”

Heiser closed his remarks by offering five categories of forward-leaning practices for getting ahead of advanced cyber threats:

Re-visit your view of risk — Conduct a risk assessment to identify your high value / high risk information assets, looking at things from an opponent’s perspective, and with an eye to real, not theoretical, opponents.

Re-think zero-day malware protection – don’t stop using traditional anti-virus tools, but recognize that they alone will not be sufficient against customized attacks.

Deploy security and network forensics capabilities for continuous monitoring, for deeper awareness and analysis of network traffic (this is different from traditional intrusion detection, which is past its freshness).

Harden authentication and tighten access control.

Increase user and executive education and communication – the human dimension is as important as the tools you deploy.

Additional News from RSA

The company also announced the availability of RSA NetWitness Spectrum, a state-of-the-art malware analytical workbench that revolutionizes the identification and analysis of zero-day malware. Conference delegates can see the new capabilities in booth #D1.

RSA is also offering software developers the capability to build in additional layers of security and access control into mobile applications for the leading mobile application platforms through the integration of RSA’s award-winning RSA SecurID and RSA Adaptive Authentication solutions. By extending strong and risk-based authentication controls to mobile, developers of mobile applications for business, banking and data access can help increase security and confidence in their mobile products.