RSA Blog - June 2017

  • 6/28/2017 - Ready, Set, Authenticate: Why You Need RSA SecurID Access to Win the Race There are times when trying to put together an effective authentication strategy feels like competing in track-and-field events. Business and IT are supposed to be on the same team, but far too often seem to be racing toward completely different goals. Sure, it’s important to get to the finish line fast, but not at the...
  • 6/28/2017 - Breach Response: Mitigating an Outbreak By Azeem Aleem, Gareth Pritchard and David Gray, RSA Advanced Cyber Defense It’s mid-2017 and the news is alight with yet another alarming cybersecurity attack. A new strain of a malware variant, which on first analysis looks very similar to a previously reported malware strain called “Petya” (ransomware armed with the EternalBlue exploit amongst other...
  • 6/28/2017 - Detecting "Petya/NotPetya" with RSA NetWitness Endpoint and RSA NetWitness Packets By Alex Cox, Christopher Elisan and Erik Heuser, RSA Research A Ransomware variant known as “Petya/NotPetya” began making the rounds on June 27, 2017. This ransomware takes a different approach to denying access to the victim’s files. Instead of the usual displaying of a message and letting the victim browse to really see that the...
  • 6/27/2017 - Yin and Yang: Two Views on IAM - Global Risk Standards or States & Nations Policies By Steve Mowll and Chris Williams POINT: Chris Williams – Advisory Architect, RSA Identity In our last blog, I stated the following about why we most commonly engage in security practices. And these two items were represented: We embrace identity projects because we need to satisfy compulsory mandates. We need to provide competitive protective services...
  • 6/22/2017 - Key Considerations for Selecting a Consumer Authentication Vendor The EU’s Payment Services Directive II (PSD2) has generated many questions from the financial services and payments industry. So much so we have found some in the industry turning to RSA for advice and guidance on the key considerations they need to put forth as they prepare to issue requests for proposals from potential consumer...
  • 6/20/2017 - Protecting PingFederate Users with RSA SecurID Access It’s 10 o’clock. Do you know where your users are? Believe it or not, there was once a time when this question was easy to answer. If “Steve” was logged into the corporate network, there was a very high-level of certainty you would find him sitting in his cube, on the 4th floor of building...
  • 6/19/2017 - Blank Slate: A Tale of Two Malware Servers In March 2017, Palo Alto Networks Unit 42 published research on a new malicious spam campaign dubbed “Blank Slate.” Named as such because the malspam message is empty. Only the malicious attachment is present, as seen in Figure 1. Figure 1: Blank Slate malspam e-mail Recently, Blank Slate struck deploying Cerber ransomware once again, affording...
  • 6/19/2017 - Protecting VMware Workspace ONE Users with RSA SecurID Access While 1999 brought us the Breitling Orbiter 3, Warner Bros. sci-fi thriller “The Matrix,” and Britney Spears mega-hit “Baby One More Time,” it was also a banner year in cybersecurity. During the last twelve months of the millennium, we witnessed the advent of Microsoft’s Windows 98 release, the arrival of the American Express “Blue” card...
  • 6/13/2017 - Yin and Yang: Two Views on IAM - Active Directory Automation, Success or Failure? By Steve Mowll and Chris Williams Point: Effective identity management strategies are business-based, and should rise above technical limitations. Steve Mowll, Identity Architect, RSA True point, but in order to have effective strategies, they must be directed towards a desired outcome. Let’s take a look at this idea using Active Directory (AD) projects as an...
  • 6/12/2017 - Completing the Puzzle In a previous blog I reviewed the real world pay back for being a risk leader.  Let’s say your company gets it, they know that good risk management increases the likelihood objectives will be fulfilled and profits improved, and now you’ve been given the assignment to start the risk management program to make your organization a...
  • 6/7/2017 - Defining Your Cyber Risk Appetite When a senior executive tells the board he or she wants to discuss the company’s risk appetite, usually the board’s interest is piqued. After all, understanding an organization’s risk appetite is critical to the decisions the board makes. So why should defining a company’s cyber risk appetite be so difficult? A CISO’s role is to...
  • 6/7/2017 - Capture the Prize Risk is the effect of uncertainty on objectives.  Managing risk well increases the certainty that objectives will be achieved.  Not surprisingly, organizations leading in risk management “capture the prize”.  According to a PWC Risk Review, organizations more frequently achieve their objectives, are more profitable and less likely to experience a negative profit margin than those...
  • 6/7/2017 - Eliminating Access Blind Spots in the Modern Enterprise Last year, 63% of data breaches involved compromised identities. This year, it’s up to 81%. As the world settles into the “new normal” of mobile, cloud and other nontraditional access points for applications and other resources, the problem of identity-related attacks isn’t going anywhere; to the contrary, it’s getting bigger. We can’t promise those numbers...
  • 6/6/2017 - Delivering Convenient and Secure Access to the Modern Workforce In the relatively quick journey from don’t-even-think-about-bringing-your-own-device to please-absolutely-bring-your-own-device, identity management has experienced some dramatic transformations. And it’s still evolving now, as security policy continues to move away from limiting user options and toward expanding them. Organizations haven’t taken long to come around to thinking that giving users more ways to access the resources they...
  • 6/6/2017 - Transaction Protection in a Human-Not-Present Age Imagine it is 10AM and you’re sitting in a meeting at work. You gaze out the window only to see your car drive out of the parking lot, turn left at the end of the road, and disappear around the corner. Your car, having sensed it needs a change of oil and seeing today’s calendar...
  • 6/5/2017 - Shadowfall Over the last several months, RSA Research embarked on a cross-organizational effort against RIG Exploit Kit (RIG EK or just plain RIG), which led to insight into the operational infrastructure (and possibly the entire ecosystem), as well as significant discoveries related to domain shadowing. Domain shadowing is “a technique in which attackers steal domain account...
  • 6/1/2017 - 8 Authentication Pitfalls That Can Put You on the Road to Nowhere Two-factor, multi-factor, mobile, push, tokenless, biometric: you have choices today when it comes to authentication solutions. Choose the right authentication solution, and you’ve got a straight shot to access that’s secure and convenient for users. Choose the wrong one, and you risk getting on a path that’s at best bumpy and at worst downright dangerous....
  • 6/1/2017 - NIST Cybersecurity Framework (CSF) Spring 2017 Workshop Findings To shape their Cybersecurity Framework (CSF), NIST convenes a series of workshops open to any industry practitioners, vendors, or academics who wish to attend. I recently returned from the 2017 NIST CSF Workshop at their headquarters in Gaithersburg, MD. For those interested in the NIST CSF but were unable to attend, I will quickly run...