RSA Blog
Industry Perspectives
-
4/25/2021Zero trust is great branding, but it simplifies a much more complex idea. Ultimately, 'zero trust' should describe a goal for security teams to strive for - and not a realistic end state. Join our webinar on April 27, 2021 to learn more about what zero trust is, what it isn't, and how to use it effectively to protect what matters most.
-
Payments: What's the Difference between 3-D Secure 1.0, 2.0, 2.1 and 2.2?
4/16/2021While 3-D Secure is central to fighting CNP fraud in the EU and elsewhere, penetration in North America is less than 2%. But that may be about to change—if credit card issuers and merchants can make sense of what has become a veritable Alphabet Soup of 3DS variants, including 1.0, 2.0, as well as 2.1 and 2.2. We break out what you need to know now.
-
3/31/2021Whether it's online shopping, loyalty and payment apps, or newfangled voice commerce, innovation is the name of the game in 2021. Unfortunately, fraudsters got the memo. Card-Not-Present (CNP) fraud could jump 16% this year and top $130 billion by 2023. Here's how adaptive authentication can stop CNP fraud in its tracks—and turbocharge your transformation initiative.
-
Stop Fraud, Not Customers: 3 Reasons I Joined RSA
3/23/2021RSA Fraud and Risk Intelligence CMO Armen Najarian recently joined the business unit to help spearhead a new phase of investment and growth. In this blog he explains his rationale for making a move to RSA. Among his reasons are the rapid growth in payment fraud, RSA’s leadership position and history of innovation, and the culture he and CEO Reed Taussig are aiming to foster.
-
Paying Down your Technical Security Debt
1/7/2021Short-term solutions can cause larger, long-term problems. See these best practices for limiting technical infosec debt.
-
Cybersecurity Predictions for 2021
12/18/2020Security, risk and anti-fraud experts from across RSA predict the emerging cybersecurity trends and challenges for 2021.
-
Time to give thanks and review our predictions
12/14/2020Even in a coronavirus-disrupted world, some predictions for 2020 were still on the mark. But where will we go from here, and how will the pandemic shape cybersecurity in 2021 and beyond?
-
Securing chaos: How Security Chaos Engineering tools can improve design and response
12/9/2020Why chaos engineering works and the best practices for implementing chaos engineering effectively.
-
-
Security Is No Longer A Binary Decision
9/16/2020David Strom explains why cybersecurity is evolving and why treating it as a strictly binary decision is no longer appropriate given the complexities of today's IT environments.
-
It Ain't What You Do (It’s The Way That You Do It)
9/15/2020Contributor Neira Jones explains why managing regulatory compliance can be a lot like mitigating cybersecurity risk.
-
Moving to The Cloud? Security Plays a Key Role
9/10/2020451 Research’s “Voice of the Enterprise” report examines the current state of cloud transformation based on qualitative survey data and in-depth qualitative interviews with IT leaders from a broad spectrum of organizations.
-
RSA Steps Out as the World’s Largest Security Startup
9/1/2020What will the future hold for an independent RSA? Paul Roberts offers a industry expert’s perspective after a discussion with Zulfikar Ramzan, PhD.
-
Diagnosing the Cybersecurity Challenges in Healthcare
8/20/2020Amid a health crisis, healthcare organizations also face a growing challenge: mitigating the risks of an expanding threat landscape. Read what one industry CISO has to say about the state of cybersecurity risk in this essential industry.
-
Doubt is the Greatest Nemesis to a U.S. Election
8/4/2020American cybersecurity expert Ari Schwartz offers his view on the top threats that could undermine the credibility of the 2020 Elections and the democratic voting process long-term.
-
Cybersecurity and the Remote Work Revolution: a 10-Point Plan
7/14/2020Organizations face an array of new challenges and will need to make considerable adjustments to adapt for long-term remote work. Bob Evans shares a 10-point plan to help secure the journey.
-
Prioritizing Privacy in an Age of Surveillance and Tracking
7/6/2020At a time when more data is being collected than ever before, organizations need to take proactive steps to ensure the privacy of their stakeholders.
-
5/26/2020As the risk landscape multiplies, proactive organizations will treat cybersecurity and fraud prevention as two sides of the same coin to best inform their threat intelligence.
-
Do You Know Where All Your Firewalls Are?
5/19/2020As organizations get ready for their new normal, understanding the layout of the network is critical given the rapidly evolving needs of the business amid disruption.
-
Security & Risk Controls: Why You Need Them
4/26/2020It's time to assess the organization's security and risk controls.
-
The Challenge of Managing Identities in a Cloud-y IT Environment
4/23/2020In the era of DevOps, organizations must ensure their identity assurance strategy is ready to keep pace with the demands of cloud infrastructure.
-
4/1/2020
Cooperation between fraud and risk departments and information security departments is essential. After all, these are two sides of the same coin: the failure to address cyber risk invariably leads to fraud.
-
Think Long-Term: Learning from Today’s Lessons in Business Resiliency
3/24/2020The definition of business continuity is changing in today’s climate. By assessing your preparedness now, you can plan for the future and enable continuity in a world of unexpected and changing disruptions.
-
Conquering Cyberthreats as the Cloud Booms
3/15/2020As the cloud proliferates rapidly into every corner of an organization, it’s time to reimagine your approach to cybersecurity.
-
Tried and True: Past Cybersecurity Practices Still Relevant Today
2/10/2020As you enter this new decade, don’t overlook the industry best practices that have been valid for more than 15 years as you work to manage the digital risk challenges of tomorrow.
-
Change is Inevitable: Pondering the Near Future
12/15/2019Why do we make predictions? It’s not just cybersecurity or technology foretelling the future, either. Everyone does it, to some degree, and we all tend towards rolling our eyes at them. But predictions have a purpose – to envision the future. To make it less unknowable, less scary and enable us to take the risks necessary to create the next game changer.
-
Why You Need a Chief Trust Officer
12/8/2019To address the challenge of digital risk, organizations need to look at creating the role of a Chief Trust Officer to help them navigate the risks of digital transformation.
-
A Singular View of Risk: Key Bank Weighs in on Digital Transformation
11/18/2019Digital innovation continues to offer a flood of opportunities to traditional banking and risks that are impossible to ignore. Brian Drotleff, Director of GRC and Risk Assessments at Key Bank shares his perspective on how digital transformation is impacting his enterprise and the finance industry.
-
Giving Thanks & Looking Forward to 2020
11/11/2019As you prepare for a new year, it’s time to reflect on mistakes and learn from the past.
-
To Transform Your Business, You Must Transform Risk Management
10/21/2019The nature of risk management is changing as organizations transform digitally. At RSA® Charge, ITSPmagazine talked with RSA thought leaders, partners and customers to gain insight into the risks of digital transformation, and how to manage them. Check out their conversations in this blog.
-
10/3/2019
Are you as prepared as you should be to manage digital risk and address new cybersecurity challenges? See what considerations you should make during National Cybersecurity Awareness Month.
-
Experts Weigh In: The Digital Risk Challenges of a Smart City
9/10/2019Driving towards Smart City innovation will disrupt the security of many countries. Industry experts weigh in on what challenges could be ahead and how to manage the potential digital risks.
-
Digital Transformation: New Security Challenges & Renewed Call for Governance
8/20/2019Despite increased investment in security, the number of large-scale breaches continues to grow. PWC's Paul O'Rourke weighs in on what organizations need to do to address the challenge of digital risk.
-
How many C-level execs own your security infrastructure?
8/8/2019C-Suite involvement in cybersecurity planning is essential, but you need to be organized and share responsibilities across departments and disciplines.
-
Digital Transformation: A New Line Item for Today's Business Leaders
8/5/2019A digitally connected business means more cybersecurity risks. As digital transformation impacts traditional business processes across all industries, RSA explores why business leaders need to be in alignment with security and risk professionals to manage the new risks.
-
CARIS2: Better Incident Response at Scale
6/17/2019Selected participants for the Coordinating Attack at Internet Scale (CARIS) 2 Internet Society workshop recently met to further its mission of making the internet work better. Focused on incident response, the CARIS2 workshop delved into changes to infrastructure and monitoring as transport encryption becomes stronger and ubiquitous.
-
Risk Analysis vs. Assessment: The Real Key to Understanding Our Digital Transformation
6/4/2019Across industries, legacy security issues persist, but investment in tech innovation also introduces new risks. See how InfoSec teams can work with business leaders to assess and analyze these risks.
-
Managing the Security Transformation for the Truly Distributed Enterprise
5/14/2019As your workforce spreads across the planet, you’ll need to support a new collection of devices, networks, apps and endpoints. Is your organization equipped to manage the digital risks associated with a dynamic workforce?
-
Third-Party Risk: The Soft Underbelly of Cybersecurity
4/15/2019Security vulnerabilities and risk brought on through third-party partners will grow as organizations undergo digital transformation. Here’s how you can begin to manage the risk.
-
Understanding the Trust Landscape
3/25/2019As the pace of digital transformation quickens, managing digital risk has become essential to maintaining trust in essential systems.
-
Thinking about Digital Risk? Learn from Others
3/18/2019While challenges in digital business operations are like well-known technology risks, there are nuances to today’s world that require a new perspective. We can certainly look to lessons learned by others to deal with emerging risks related to digital transformation.
-
Defending Your Future with Machine Learning
1/16/2019In a new report by the Security for Business Innovation Council (SBIC), leading global CISOs identify machine learning as an imperative to stay ahead of the growing volume and complexity of cybersecurity issues.
-
Sleepless in Security: Sensor-y Overload
1/3/2019A recent gas line explosion is a reminder that in an era of wireless sensors, the protocols used to communicate, and the software that manages them are potentially vulnerable to digital risk.
-
7 Security Trends to Watch in the New Year
12/4/2018In time for the New Year, David Strom shares seven things security professionals need to be thinking about and how they could impact their organization.
-
How Secure is Your Digital Presence?
11/1/2018Hacking is now big business for criminals. With the creation and availability of data exploding, it’s time to look at how we got here, and what we can do to secure our identities.
-
The Other Cyber Skills Gap: Educating Tomorrow’s CISOs
10/9/2018While the cyber skills gap discussion has focused on educating the next generation to fill critical practitioner-level roles in cyber defense, few talk about how education will play a significant role in helping the current generation to take their place in that future fight as senior security executives at the board and briefing room tables.
-
Experts Speak Out: Managing Digital Risk During NCSAM – and Beyond
10/4/2018In today’s threat landscape, risk is everywhere. See what tips and best practices top industry experts share for protecting yourself, your family and your organization from fraud or a cyberattack.
-
Practice Cybersecurity Every Day, Not Just October
10/1/2018After a year of several high-profile attacks, remember that demonstrating good cyber hygiene should be done year-round, not just during National Cybersecurity Awareness Month.
-
Making Risk Count: Winning Strategies from Global CISOs
9/19/2018A new Security for Business Innovation Council (SBIC) report explores modern approaches to risk management and measurement. Learn which factors, including the type of industry you compete in and how quickly your company is embracing digitization, may impact your risk measurement approach.
-
Leave the Stone Age (and Spreadsheet) Behind
8/17/2018People have been using spreadsheets for all sorts of applications, regardless of whether they were appropriate or not. Including using them for risk management. At the RSA Archer Summit 2018 this week, a mention of replacing spreadsheets by product manager Emily Shipman got some cheers from the audience.
-
New Ways to Manage Digital Risk
8/1/2018Read why adaptive authentication and SIEM are essential tools to better detect changes in user behavior – fundamental to digital risk management.
-
RSA's CTO: Bullish on Security, Bearish on Blockchain
6/13/2018RSA Chief Technology officer discusses the practical applications of blockchain. Find out more about the distributed ledger technology’s potential and limitations.
-
RSA Labs: Staying Secure Means Staying Relevant
6/13/2018Keeping up with, if not a step ahead, of the bad guys isn’t all that security researchers find themselves battling. Staying upright on a rapidly shifting terrain is made all the more difficult as companies embrace cloud computing, microservice architectures and mobility.
-
Making Sense of Tomorrow’s Cybersecurity Trends
6/7/2018RSA and Secureworks Chief Technology Officers, Dr. Zulfikar Ramzan and Jon Ramsey, discuss next-gen technologies and how taking a risk-based approach is critical as businesses face an evolving threat landscape.
-
What Are My Options? Session Encryption Protocols Looking Forward
6/5/2018TLSv1.3 is a game changer for some enterprises and data centers, what if I can’t switch to end-to-end and need a transition phase or alternate solution? This provides some options as well as some possibilities for design and development work *if* there is motivation from industry.
-
They Are Looking At WHAT? Service Provider Monitoring
6/4/2018At the start of an adoption curve there is much apprehension. This is true of TLSv1.3 and those managing enterprise networks and data centers. The IETF working group spent much time listening to operators and their concerns in order to better address and improve adoption.
-
Network Monitoring is Dead… What Now? TLS, QUIC and Beyond
5/31/2018Recent conference discussions revealed much about what is top-of-mind for decision makers as they look towards session encryption and when and where to adopt TLSv1.3.
-
"Pain and Progress" in Managing Digital Risk
4/16/2018Recently, RSA® commissioned the Cybersecurity and Business Risk Survey, executed by Enterprise Strategy Group (ESG), to learn more about the challenges and priorities of IT security and business risk professionals. “Pain and Progress: The RSA Cybersecurity and Business Risk Study” provides a glimpse into the minds of security and risk leaders.
-
What’s It Take To Be Tomorrow’s CISO?
2/27/2018A new Security for Business Innovation Council (SBIC) report explores both the incremental and transformational skills required for current and future CISO success. Learn which fundamental technology and security capabilities matter most and which unexpected skills CISOs will need to acquire to drive business success.
-
The Black Swan: Mitigating Cyber Attacks Within ICS Environments
2/20/2018ICSs are specialized resulting in limited industry expertise spanning ICS, IT, and security. In terms of mitigation techniques, most vendors and organizations leverage generic security methodologies resulting in a reactive approach. RSA Advanced Cyber Defense Practice offers a better framework.
-
Are You a Regulation Rebel or a Regulation Realist?
11/30/2017In a new report by the Security for Business Innovation Council (SBIC), security executives and thought leaders from Global 1000 enterprises share advice for organizations looking to minimize the burden of legislation that may impact their security postures, as well as offer three strategies to handle what’s ahead in the security landscape.
-
TLS Security and Data Center Monitoring: Searching for a Path Forward
8/31/2017Protocols are evolving to meet the demands of the future. We must continue to strengthen the security of these protocols to keep pace with the threat landscape. As such, Transport Layer Security (TLS) 1.3 has been designed to be more secure in order to prevent the interception of sessions over the Internet.
-
My Summer Defending the Digital Universe
8/21/2017In RSA’s quest to build out a deeper pool of future Defenders of the Digital Universe I had the pleasure of having Meghan O’Connor as a summer intern on my team. During her exit interview I asked her what she didn’t realize about cybersecurity and fraud prevention prior to her internship and what advice she would now give.
-
7/6/2016
As we pass the halfway point of 2016, the United States Presidential election process is in full swing. Candidates continue to make the case for why their worldview is in the best interests of the nation. Perhaps no other topic polarizes the candidates and receives more prominence in this context than wealth inequality. Within cybersecurity,...
-
Conversations with the SBIC: How Industry Priorities Inform Security Agendas (Pt. 2)
5/19/2016In my previous post, I shared a few of the key priorities the security leaders that comprise the Security for Business Innovation Council (SBIC) share in common. But council members’ industries span everything from manufacturing and financial services to defense and retail. And while all security issues are on their radar, it’s only natural that...
-
Conversations with the SBIC: What's Top-of-Mind for Top Security Leaders? (Pt. 1)
5/12/2016We recently had the opportunity to discuss what’s top-of-mind for the Security for Business Innovation Council (SBIC), a group of security leaders from Global 1000 enterprises including Boeing, General Electric, Walmart, SAP and ADP. If there’s one thing SBIC members agree on it’s this: security strategies that focus solely on prevention just doesn’t work in...
-
Good Insight from Gartner on How to Do SIEM Right: Part 1
4/14/2016In a recently released report from Gartner titled, SIEM Technology, Market and Vendor Assessment, (Gartner.com client access needed to get the full report), Gartner analysts Anton Chuvakin and Augusto Barros gave their latest take on the SIEM market, as well as provided eight specific recommendations for organizations that are looking to acquire a solution. While...
-
Moving from Low to High-Fidelity Security
2/26/2016In the 1940s and 50s home audio systems went through a high-fidelity revolution. This is the period when the music recording industry and stereo manufacturers dramatically improved the audio experience for consumers. Technically it had to do with the improved audio capture, more sophisticated mastering (stereophonics), and dramatically improved reproduction of music, all at a...
