The world we live in today is the result of an evolution that started back in the days of the “Moonlight Maze” attacks in the late 1990s. What the security community has come to realize over the past decade is that the advanced threat is not just a phenomenon isolated to critical government systems, nor is it simply a matter of “one and done” attacks that have a single intent. In our highly connected world, nearly any company can be the focus of sophisticated, determined attacks, whether for the digital information they possess, or as a stepping stone to another target somewhere else in their digital supply chain. This is why we’ve created the RSA Next Generation Security Operations Center (SOC) design and implementation services approach.

As we evolve from the hard lessons learned from the early days of “Moonlight Maze,” our advanced cyber adversaries continue to rapidly shift their attack techniques, tactics and procedures (TTPs) as a force multiplier across the global cyber ecosystem of finance, energy, manufacturing, life sciences, defense, academia and other tightly coupled industries as primary and “switch targets.” But as companies begin shifting their focus towards more agile analytics-based approaches, they often find that not only do the technologies they use need to change, but their operational processes and tactics must also evolve.

The new RSA Next Generation Security Operations Center (SOC) approach is designed as a reference architecture that quickly adapts to any organization’s current-state security operating model and ramps from it, transforming purely reactive security practices into a predictive, intelligence-driven foundation. Gone are the days of ad hoc and inefficient operating processes, poor technology utilization and alert-based investigations with little to no context-based analytics.

I have been with RSA’s Advanced Cyber Defense (ACD) practice since its inception about two years ago, and what we have done is drive a repeatable and sustainable design and development life cycle in four discrete phases, comprised of capability “turn ups,” maturity and effectiveness modules for small, medium and large enterprises.

Coming from the roots of security analysis, investigations and forensics, what I always lacked was the perfect triad of actionable data fusion: a) the alert; b) threat context; and c) correlated security data. When these are presented in a unified method within the Next Generation SOC, analysts and operators can make real-time decisions before it becomes a material impact to their organization. This is truly transformative, and it will certainly take time as intelligence as a driver for Security Analytics is adopted as a framework for this evolution. Readiness and preparedness are at the forefront, as stated in a recent blog by Pitney Bowes, “Data Breach Readiness – An Ounce of Plan is Worth a Pound of Cure.”

“It’s less a question of if you will suffer an incident, but when.” The ability to respond with immediacy and consistency can help to mitigate the potential financial and reputational impacts to the company.

Peter Tran

Senior Director, RSA Advanced Cyber Defense Practice at RSA, the Security Division of EMC