RSA Blog - February 2017

  • 2/28/2017 - Are we leading by example? It was a great week leading the RSA Conference Security Operations Center (SOC) Team consisting of RSA systems engineers, RSA Incident Response analysts and our partners at Cisco AMP Threat Grid. The Security Operations Center previously monitored the Black Hat conference network, but this was a first-time exhibit at RSA Conference. The team signed onto...
  • 2/22/2017 - Fraud Insights Through Integration Another great conference at the Moscone Center in San Francisco. On the heels of RSA Conference, it’s fair to ask: When was the last time you counted the number of anti-fraud tools you are using to protect your consumer-facing environment?  Now, when was the last time you thought about the connective tissue tying data sources...
  • 2/17/2017 - A View From the #RSAC SOC - Part 2 In today’s world, cameras are just about everywhere – in stores, on the streets, inside of cars, and many other locations.   Now, imagine you are a bank employee and your bank had no cameras – would you feel secure?   Probably not.   The reality is that many organizations have no “security cameras” on their networks to...
  • 2/16/2017 - Business-Driven Security to Lead through Chaos My last post discussed the changing nature of security. The impact of today’s cyberattacks aren’t limited to stealing financial information or personal data. Instead, these attacks seed chaos. With this reality at hand, the need for business-driven security is even more pronounced. Security professionals must draw connections between the technical details of a security incident...
  • 2/15/2017 - A View From the #RSAC SOC First full day at RSA Conference 2017 started with an excellent keynote and the expected rush of mobile devices to the wireless network.  After a bit more than a day the Wi-Fi network is regularly pushing 500-700mpbs of traffic, which the RSA NetWitness® packet decoder is handling nicely.  The port scanning activity detected on the...
  • 2/14/2017 - Leading in an Era of Chaos Consider… American Authorities are confident that the Russian Government was behind the cyberattack on the Democratic National Committee. Did that attack change the course of the U.S. presidential election? We’ll never know. But it definitely changed the discourse that followed. The idea of a foreign power mounting a cyberattack to undermine a U.S. election went...
  • 2/14/2017 - The Forum at RSA Conference This year’s RSA Conference continues the long string of high powered speakers from both the private and the public sector. While there are great keynotes and more than 500 track sessions, we discovered we needed more! Five years ago, many senior government officials were looking for a platform from which they could communicate what they...
  • 2/13/2017 - 2017 is the Year for RSA Business-Driven Security Solutions This week, RSA will be making a global announcement during the 2017 RSA Conference to formally unveil RSA Business-Driven Security solutions, a new approach to help customers manage cyber risk. This architecture, along with several concurrent solution and service announcements, enables customers to take command of their risk posture and secure what matters most. BUSINESS-DRIVEN...
  • 2/13/2017 - Defining Business-Driven Security for the Modern Enterprise As I travel around the world and meet with CISOs and security teams, I continue to be amazed at the organizational disconnects around managing cyber risk. Security Operations and Identity & Access Management teams operate their own business processes with very few connection points. Security and Risk & Compliance teams have different world views of...
  • 2/13/2017 - Delivering on the Promise of Business-Driven Security Globally Today, with the introduction of RSA Business-Driven Security, we also introduced the RSA Risk and Cybersecurity Practice. This Practice includes more than 650 globally deployed, employee-based cybersecurity and risk experts to help our clients operationalize their unique business-driven security strategy. Our primary tenant is enabling and accelerating the business while reducing risk, thus creating the...
  • 2/13/2017 - Reimagine Your Identity Strategy We are at the edge of yet another evolution for the Identity and Access Management (IAM) industry. Applications are being deployed at incredible speeds with user populations demanding access from wherever they are, whenever they want, from any device. The network is no longer clearly defined, in fact, identity is the new perimeter. Regulations and...
  • 2/13/2017 - What Peanut Butter Cups Can Teach Us About Fraud Prevention Reese’s® Peanut Butter Cups are a “so-good-it-has-to-be-bad-for-you” treat adored by candy lovers everywhere. The combination of peanut butter and chocolate is such a classic it’s hard to remember there was a time no one thought about putting these two together. In fact, Reese’s built an entire advertising campaign around the odd couple concept. The original...
  • 2/13/2017 - Calm the Churn with the RSA Archer Ignition Program If as a child you marveled at watching the simple, fascinating micro-example of physics of a pebble dropped into a puddle, you know what the results are. The pebble drops; the water’s surface is broken; ripples fan out from the point of impact… such an unassuming yet beautiful study of cause and effect.   Now, imagine...
  • 2/13/2017 - Kingslayer - A Supply Chain Attack Today, RSA is publishing new research on a sophisticated software supply-chain attack – dubbed “Kingslayer”. RSA Research investigated the source of suspicious, observed beaconing thought to be associated with targeted malware. In the course of their investigation, RSA discovered a sophisticated software supply-chain attack involving a Trojan inserted in otherwise legitimate software; software that is...
  • 2/13/2017 - Schoolbell: Class is in Session by Kent Backman and Kevin Stear, RSA Research Backstory If a sophisticated exploitation campaign is broad enough, it will attract the attention of multiple threat researchers. Such is the case of the malicious, multi-faceted exploitation campaign and botnet RSA Research has dubbed “Schoolbell.” In this blog, RSA will build on existing industry research and dig...
  • 2/13/2017 - Launching the Security Operations Center (SOC) at RSA Conference Welcome to RSA Conference 2017! The RSA Conference SOC team set up the Security Operations Center over the weekend. We were here along with scores of construction crews re building huge booth displays for some of the largest security companies in the world. It was a long weekend of building, lighting – and of course...
  • 2/7/2017 - Act at the Speed of Fraud: Take the Challenge How fast can you find fraud?  That is the challenge put forth by the RSA Fraud & Risk Intelligence team at RSA Conference 2017. Why the emphasis on speed? Simply put, the faster an organization can isolate the source of fraud, the faster they can respond. And based on RSA’s research, there is a gaping...
  • 2/6/2017 - Are Software Supply Chain Attacks the New Norm? How many of us stop to think about updating software we use every day? Do you think “maybe I should check for threats on this before I install it?” Or do you wait for it to automatically update? For many of us, we don’t consider the security of the everyday software we use. This is...
  • 2/3/2017 - Super Bowl "Digital Deflategate" is Not Just Air When we think of large entertainment venues and events, it’s not just ticket fees and concessions anymore. Sporting is entertainment and this year’s Super Bowl LI (51) is one of the most complex, technologically orchestrated events in the world; ranging from tablet-based play books to RFID wearable sensors on players sending real time performance data...
  • 2/2/2017 - Identity Comes into Focus at RSA Conference We are less than two weeks away from RSA Conference, the world’s largest security event! This year’s theme – The Power of Opportunity – emphasizes “unity.” Clever, right? We think so. Not only is it a great time to call for unity in cybersecurity among vendors and practitioners, but also end users. Every day we’re...