RSA Executives Keynote Outlines Path to Safe and Trusted Digital Infrastructures

RSA CONFERENCE EUROPE 2013 - AMSTERDAM - October 29, 2013 -

In the opening keynote address kicking off RSA Conference Europe 2013, Art Coviello, Executive Vice President for EMC and Executive Chairman of RSA, The Security Division of EMC (NYSE: EMC), and Amit Yoran, Senior Vice President, Unified Products, RSA, outlined new approaches to enable safe and trusted digital infrastructures to help defend today’s highly interconnected and open enterprises. Mr. Coviello drew parallels between the Dutch economic history and trading innovation and what is needed in today’s digital world. Mr. Coviello also affirmed how security and privacy must be properly aligned to enable productivity opportunities in the digital economy.

By leveraging an intelligence-driven security model using Big Data and analytics technologies, Mr. Coviello explained that security professionals can derive the necessary context to better defend enterprise networks and data from sophisticated cyber attacks. Mr. Coviello emphasized that standalone controls are siloed and one-dimensional, thereby not adding value - but that context can be developed by integrating discrete security controls and enabling them to interact with and inform each other.

“When we understand the context of people’s ‘normal’ behavior or how information flows on our networks, we can more clearly and quickly spot even a faint signal of any impending attack or intrusion, ” Mr. Coviello said, “This is what makes intelligence-driven security future-proof. It eliminates the need for prior knowledge of the attacker or their methods.”

The right tools to help the industry move in this direction are now becoming available, according to the RSA executives, who also went on to assert the need for an open, responsible dialogue on security, governance and privacy. Mr. Coviello argued that both good security and trusted privacy are possible through the appropriate application of transparency and governance.

RSA Senior Vice President, Amit Yoran drove home the need for enterprises to adopt an intelligence-driven security model, specifically from the three vantage points of visibility, analysis and action.

1. Visibility – Organizations need to have the right level of visibility into traditional networks, endpoints and log data, but also new levels of information derived from identities, applications, assets and the data itself. Visibility becomes more complicated by the migration to mobile and cloud-based platforms and services.
2. Analysis – Visibility and advanced analytics must come together to deliver meaningful insight for decision-making. Increasingly, decisions are not a binary process but instead must be analyzed from multiple perspectives and use cases to achieve larger organization and business goals.
3. Action – Organizations must be able to respond with agility and speed to the insights that greater visibility and analysis afford us. This requires an efficient method for event management and a dynamic ability to adjust security controls across a diverse set of proactive layers and capabilities. Identification of a threat should flow seamlessly into response and remediation. Derived insight must transform into action.

Mr. Yoran explained that capturing visibility, analysis and action in a technology platform results in operational intelligence working seamlessly across security management, controls and governance, risk and compliance, and one that can unleash the full power of an intelligence-driven security approach.

“Security and privacy can be successfully aligned within a framework of transparency and good governance,” Mr. Yoran said. “An intelligence-driven security model built on tools and capabilities that provide context through analytics can help organizations protect individual privacy, customer data and intellectual property.”

Additional RSA News

• RSA also announced today a new RSA Security Brief that it jointly authored with experts from EMC and Raytheon that provides a roadmap for next generation security operations amidst concerns of an escalating threat environment. The authors of the report assert that efforts to improve readiness and response capabilities are also driven by growing recognition among today’s interconnected business communities that organizations must assume broader responsibility for protecting themselves and their business partners.
• RSA announced RSA Archer Vulnerability Risk Management (VRM), a new solution that allows enterprises to proactively manage IT security risks through the combination of asset business context, actionable threat intelligence, vulnerability assessment results, and comprehensive workflow.
• RSA also introduced RSA Critical Incident Response Solutions, a new combination of products and services to help organizations mature their security operations and accelerate incident response functions while addressing traditional SIEM requirements as part of an advanced security strategy.

More information on these announcements can be found at www.emc.com/news.

Additional Resources:

• Find keynotes videos, schedules, events and sessions at RSA Conference Europe 2013
• Learn more about how Trusted IT from EMC = Trusted Business at: www.emc.com/trust
• Connect with EMC via Twitter, Facebook, YouTube, LinkedIn and RSA Speaking of Security Blog and Podcast.

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk, and compliance-management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in Identity Assurance, Encryption and Key Management, Security Analytics, Data Loss Prevention, and Fraud Protection with industry-leading GRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.EMC.com/RSA.