Search All RSA Blogs

Good Insight from Gartner on How to Do SIEM Right: Part 1

In a recently released report from Gartner titled, SIEM Technology, Market and Vendor Assessment, (Gartner.com client access needed to get the full report), Gartner analysts Anton Chuvakin and Augusto Barros gave their latest take on the SIEM market, as well as provided eight specific recommendations for organizations that are looking to acquire a solution.  While...

Read more

Revisiting the SOC Structure

Building and maintaining skill sets and expertise in a SOC is a difficult task – and many security leaders face this challenge. They are not able to retain best of the talent for long term. There are too many tools for them to invest in,,, too many alerts that pop up when the tools are...

Read more

Chasing the Rabbit: Cybersecurity Through the Camera Lens

Azeem Aleem and Dave Gray Nothing will work if you are not serious about it – Sam Abell This blog is intended to take a different perspective (pun intended) of how we view our security platforms and how to go about rationalizing our Business-Driven Security™ decisions about cyber threats and mitigation strategies. It all comes...

Read more

Improving Speed of Investigation with Automation and Enrichment

It is important for security analysts to have all the details of the incident when investigating. By having the details, a security analyst can improve the speed of investigation but most importantly the investigation is effective to put in place a response plan. How can the security analyst get these details?  The first step is...

Read more

CEO Fraud: The New $2 Billion Phishing Scam

Like most employees, you don’t think twice before opening an email from your CEO. Given the latest email scam making the rounds in the workplace, maybe you should.  Statistics show that the spear phishing scam known as “CEO Fraud” has already racked up more than $2 billion in losses and victimized 12,000 individuals globally. Losses...

Read more

How to Speed Up Incident Response

Having an incident response plan in place is key if you want the ability to speed up your company’s reaction to security incidents. However, a recent survey by the Security for Business Innovation Council (SBIC) found that just 30 percent of large organizations have an incident response plan, and of those that do, 57 percent...

Read more

Breach Response: Mitigating an Outbreak

By Azeem Aleem, Gareth Pritchard and David Gray, RSA Advanced Cyber Defense It’s mid-2017 and the news is alight with yet another alarming cybersecurity attack. A new strain of a malware variant, which on first analysis looks very similar to a previously reported malware strain called “Petya” (ransomware armed with the EternalBlue exploit amongst other...

Read more