Leading Chief Security Officers Outline Roadmap to Combat Advanced Threats

RSA-Sponsored CISO Panel Highlights Intelligence-Driven Security as Strategic Game Changer in Battling Cyber Foes

BEDFORD, MA – January 17, 2012 – RSA, The Security Division of EMC
(NYSE:EMC), released new insights from a group of the world’s leading
chief security officers, designed to help corporations and governments
dramatically improve visibility into advanced threats ranging from
industrial espionage and disruption of business and financial operations
to sabotage of corporate infrastructure.

The research report is the ninth in a series from the Security for
Business Innovation Council (SBIC), and provides both business and
technology executives with specific recommendations on how to develop an
intelligence-driven approach to counter advanced threats. Based on the
real-world experiences of 17 top global information security leaders,
the report provides a playbook for enterprise security executives who
wish to leverage the universe of intelligence data available to help
detect, predict and mitigate cyber attacks.

“The day-to-day use of cyber risk intelligence is no longer just for
government agencies – it’s a required competency for corporate
survival,” said Art Coviello, Executive Chairman of RSA. “The tempo
and serious nature of recent attacks calls for urgent and bold
countermeasures that position organizations not only to detect advanced
threats, but also to predict how attacks may occur so they can take
steps to help mitigate risk and impact. Combating advanced threats
requires a new security mindset and vastly improved practices for
gathering, sharing and acting on cyber risk intelligence.”

Intelligence-Driven Security: a New Defense Doctrine for Advanced
Threats

The SBIC is a group of top security leaders from Global 1000
enterprises convened by RSA to discuss top-of-mind security concerns and
opportunities. In the group’s latest report, “Getting Ahead of
Advanced Threats: Achieving Intelligence-Driven Information Security,”
the Council advocates for a new defense doctrine for combating advanced
threats. Called “intelligence-driven information security,” this
collaborative, big data approach includes:

* The consistent collection of reliable and actionable cyber risk data
from a range of government, industry, commercial and internal sources to
gain a more complete understanding of risks and potential exposures
* Ongoing research on prospective cyber adversaries to develop
knowledge of attack motivations, favoured techniques and known
activities
* The growth of new skills within the information security team focused
on the production of intelligence
* A process for efficient analysis, fusion and management of cyber risk
data from multiple sources to develop actionable intelligence
* Full visibility into actual conditions within IT environments,
including insight that can identify normal versus abnormal system and
end user behaviour
* Informed risk decisions and defensive strategies based on
comprehensive knowledge of the threats and the organization’s own
security posture
* Best practices to share useful threat information such as attack
indicators with other organizations

“It can be hard to digest having to develop a multi-year plan to
learn who your adversaries are and how they’re going to steal from
you,” said Tim McKnight, Vice President and Chief Information Security
Officer, Northrop Grumman. “Quarter-by-quarter, you may not see any
losses. It could be years until you see the losses – when all of a
sudden, out of the blue, a company in another part of the world becomes
the leader in your space, having subsidized itself with your R&D
investments.”

The Council’s new report lays out a six-step roadmap to achieving
intelligence-driven information security:

* Step 1: Start with the Basics
Inventory strategic assets, strengthen incident-response processes and
perform comprehensive risk assessments.
* Step 2: Make the Case
Communicate the benefits of an intelligence-driven security program to
executive management and key stakeholders. Identifying “quick wins”
to prove value out of the gate is essential for gaining broad
organizational support, including funding.
* Step 3: Find the Right People
Look for professionals who can blend technical security acumen with
analytical thinking and relationship-building skills.
* Step 4: Build Sources
Determine what data from external or internal sources would help
detect, predict or lessen the chances for a targeted attack; evaluate
sources on an ongoing basis.
* Step 5: Define a Process
Codify a standardized methodology to produce actionable intelligence,
ensure an appropriate and timely response and develop attack
countermeasures.
* Step 6: Implement Automation
Find opportunities to automate the analysis and management of large
volumes of data from multiple sources.

PDF copies of “Getting Ahead of Advanced Threats: Achieving
Intelligence-driven Information Security” are available for download
from the Security for Business Innovation Council website at
http://www.RSA.com/securityforinnovation.

About the Security for Business Innovation Council

The Security for Business Innovation Council
(http://www.rsa.com/node.aspx?id=3151) is a group of Global 1000
security executives committed to advancing information security
worldwide by sharing their diverse professional experiences and
insights.

Council members contributing to this report include:

* Marene N. Allison, Worldwide Vice President of Information Security,
Johnson & Johnson
* Anish Bhimani, Chief Information Risk Officer, JPMorgan Chase
* William Boni, Vice President and Chief Information Security Officer,
Corporate Information Security, T-Mobile USA
* Roland Cloutier, Vice President, Chief Security Officer, Automatic
Data Processing, Inc.
* Dave Cullinane, Chief Information Security Officer and Vice
President, Global Fraud, Risk & Security, eBay
* Dr. Martijn Dekker, Senior Vice President, Chief Information Security
Officer, ABN Amro
* Professor Paul Dorey, Founder and Director, CSO Confidential and
Former Chief Information Security Officer, BP
* Renee Guttmann, Chief Information Security Officer, The Coca-Cola
Company
* David Kent, Vice President, Global Risk and Business Resources,
Genzyme
* Petri Kuivala, Chief Information Security Officer, Nokia
* Dave Martin, Chief Security Officer, EMC Corporation
* Timothy McKnight, Vice President and Chief Information Security
Officer, Northrop Grumman
* Felix Mohan, Senior Vice President and Chief Information Security
Officer, Airtel
* Robert Rodger, Group Head of Infrastructure Security, HSBC Holdings
Plc.
* Ralph Salomon, Vice President, IT Security & Risk Office, Global IT,
SAP AG
* Vishal Salvi, Chief Information Security Officer and Senior Vice
President, HDFC Bank Limited

This report also includes expertise from guest contributor William
Pelgrin, President and CEO, Center for Internet Security; Chair,
Multi-State Information Sharing and Analysis Center (MS-ISAC); and
Chair, National Council of ISACs (NCI).

About RSA

RSA, The Security Division of EMC, is the premier provider of security,
risk and compliance management solutions for business acceleration. RSA
helps the world’s leading organizations solve their most complex and
sensitive security challenges. These challenges include managing
organizational risk, safeguarding mobile access and collaboration,
proving compliance and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption
& key management
(http://www.rsasecurity.com/glossary/default.asp?id=1111), SIEM, Data
Loss Prevention, Continuous Network Monitoring, and Fraud Protection
with industry leading eGRC capabilities and robust consulting services,
RSA brings visibility and trust to millions of user identities, the
transactions that they perform and the data that is generated. For more
information, please visit www.RSA.com and www.EMC.com.

About EMC

EMC Corporation is a global leader in enabling businesses and service
providers to transform their operations and deliver IT as a service.
Fundamental to this transformation is cloud computing. Through
innovative products and services, EMC accelerates the journey to cloud
computing, helping IT departments to store, manage, protect and analyze
their most valuable asset – information – in a more agile, trusted
and cost-efficient way. Additional information about EMC can be found at
www.EMC.com.

EMC Canada (www.EMC2.ca), headquartered in Toronto with nine offices
from coast to coast, is a wholly owned subsidiary of EMC Corporation.

- 30 -

For more information contact:
Mike Martin/Michelle Chang
StrategicAmpersand
416-961-5595
mike@stratamp.com
michelle@stratamp.com


RSA and EMC are either registered trademarks or trademarks of EMC
Corporation in the United States and/or other countries. All other
company and product names may be trademarks of their respective owners.

