When I meet with customers, I’m always intrigued by how they perceive their organization’s cyber risk relative to their security program’s maturity. These conversations are invaluable in guiding the development of our product strategy. Over the past few years, though, I’ve noticed a change in tone. Practitioners charged with building and maintaining their security programs seem overwhelmed. Enterprises are in survival mode – under an increasing volume of attacks. Targeted attacks are becoming harder and harder to detect, and low-priority infections are being ignored. They have become accustomed to their networks being in a constant state of compromise.
To aid in this fight, we are bringing some relief to the market. The new RSA Advanced Security Operation Center (ASOC) Solution integrates RSA Security Analytics, RSA ECAT, RSA Archer Security Operations and RSA Advanced Cyber Defense training and services to help customers go from reactive to proactive – from hunted to hunter. With capabilities designed to detect not just common suspicious activity, but also find and investigate the most lethal and stealthy attacks, security teams can focus on the biggest risks to their infrastructure.
As we gather in Amsterdam for RSA Conference Europe, I am reminded about what an incredible journey 2013 has been. We kicked off the year with the global launch of RSA Security Analytics, which has proven to be a truly game-changing solution in the SIEM/centralized security monitoring space. RSA Security Analytics is helping to transform the entire SIEM category, by helping our customers to both improve their defenses against advanced threats AND to address their compliance and long-term retention requirements.
Today, we take the next step in this journey. RSA is announcing a combination of new products and services designed to help organizations develop and mature their security operations and accelerate their incident response.
The world we live in today is the result of an evolution that started back in the days of the “Moonlight Maze” attacks in the late 1990s. What the security community has come to realize over the past decade is that the advanced threat is not just a phenomenon isolated to critical government systems, nor is it simply a matter of “one and done” attacks that have a single intent. In our highly connected world, nearly any company can be the focus of sophisticated, determined attacks, whether for the digital information they possess, or as a stepping stone to another target somewhere else in their digital supply chain. This is why we’ve created the RSA Next Generation Security Operations Center (SOC) design and implementation services approach.
RSA has released a new type of security solution that combines key parts of network forensics, Security Incident and Event Management (SIEM), threat intelligence, and Big Data technologies and techniques, to deliver a level of visibility that is different from, and deeper than, all others that have preceded it. Most CISOs will likely agree that this new era of security couldn’t have come sooner.
This view is confirmed by newly published research from Jon Oltsik, security analyst at ESG (from whom I borrowed the title of this blog). In his paper Jon clearly brings forward his argument — with which I completely agree — that security threats have changed, and thus the tools used and approaches for defense need to change significantly. I recognize this sounds a bit cliché, but if you read Jon’s paper you will see the clear argument and evidence to back up this claim. One very obvious technical trend is that the flood of security data required to provide the visibility necessary to improve the organization’s defenses has gone up — way, way up. In fact, the ESG research paper mentioned above indicates that 47% of the organizations it surveyed collect, process and analyze more than “6 terabytes of security data on a monthly basis.”
Sounds like a Big Data Security problem needing to be addressed.