Grant Geyer

Vice President, Security Analytics at RSA

Latest posts by Grant Geyer (see all)

When I meet with customers, I’m always intrigued by how they perceive their organization’s cyber risk relative to their security program’s maturity.   These conversations are invaluable in guiding the development of our product strategy. Over the past few years, though, I’ve noticed a change in tone.  Practitioners charged with building and maintaining their security programs seemoverwhelmed. Enterprises are in survival mode –under an increasing volume of attacks.  Targeted attacks are becoming harder and harder to detect and low priority infections are being ignored.  They have become accustomed to their networks being in a constant state of compromise.

To aid in this fight, we are bringing some relief to the market.  The new RSA Advanced Security Operation Center (ASOC) Solution  integrates RSA Security Analytics, RSA ECAT, RSA Archer Security Operations and RSA Advanced Cyber Defense training and services to help customers go from reactive to proactive – from hunted to hunter. With capabilities designed to detect not just common suspicious activity, but also find and investigate the most lethal and stealthy attacks, security teams can focus on the biggest risks to their infrastructure.

The truth is most organizations today ARE under relentless attack and they lack the tools to fight back effectively.  Security teams desperately need a new plan of attack – one that tips the scale back in their favor. RSA ASOC Solution is a powerful weapon that does just that by helping to improve visibility, analytical firepower and ability to take action:

–         Visibility:  Moving beyond basic SIEM, RSA ASOC is engineered to offer a single monitoring platform that combines logs, network packets, NetFlow and endpoint visibility to help security teams see the enemy no matter where they are hiding.

–         Analysis: Leveraging real-time analytics, Big Data analytics, content of the latest threats and data science modules helps security teamsunderstand the data collected to detect lethal threats and avoid sneak attacks, without the need to have data scientists on staff.

–         Action: A prioritized incident management queue and analyst workflow helps teams operate with speed and precision.  Prioritizing incidents, and being able to pivot from detection to an investigation helps focus on the most important ones.

One thing is certain, attackers will continue to get stronger and the threat landscape will continue to expand.  Because of this, organizations have no choice but to evolve from outdated philosophies.  As they progress on their security journey, the RSA ASOC solution enables them to deploy the capabilities they need today, and add new functionality in the future when needed.  Finally – they are no longer the hunted – but now, have the tools to be the hunter.

 

Grant Geyer

Vice President, Security Analytics at RSA

Latest posts by Grant Geyer (see all)

Tags: , , , ,

Leave a Comment

The comments are moderated by EMC and EMC reserves the right to remove any content it deems inappropriate, including but not limited to spam, promotional and offensive comments.

Pulse in...

Follow EMC

Archives

Twitter: @EMC_News

How does Pivotal Cloud Foundry PaaS enables cloud native? https://t.co/8KgBb1Fi1E https://t.co/4qBBz6vtzg about 4 hours ago
EMC IT and the data lake, empower the business to examine and explore data at their own pace https://t.co/TAEy5d1DD0 https://t.co/gnOM1JE7Nn about 10 hours ago
Why #IoT is about getting from connected to smart: https://t.co/Afo24BvTjN https://t.co/jfmRpqq0aP about 13 hours ago
Distinguished Engineer @JohnCardente discusses the #DataScience movement and his start in #BigData Analytics https://t.co/toBiIMMsEX about 16 hours ago