The Schwartz Report


RSA's New Leader To Tackle Rapidly Shifting Security Landscape

This is not your father's RSA. That was the message the company's new president, Amit Yoran, effectively gave in the opening keynote on Tuesday at the annual RSA Security Conference in San Francisco attended by more than 30,000 IT security professionals. While it's hosted by RSA, a subsidiary of EMC known for its development of the industry standard RSA public key cryptography algorithm, the conference is an industry event with participation by its partners and competitors alike.

While his keynote focused on issues that plague security professionals, it also set the stage for changes Yoran is planning for the company, whose reins he took last year from longtime President Art Coviello, who recently retired. "We're reengineering RSA across the board to enable us to deliver on this vision," Yoran said toward the end of his address. "This time next year, we won't be the same RSA you have known for decades."

Yoran didn't use his keynote to explain how he plans to remake RSA. But in brief remarks at a gathering of press and analysts a day earlier, he indicated a move away from RSA's original SecurID strong authentication token platform. Addressing the current risk factors, which extend beyond enterprise perimeters thanks to the growing ubiquity of public and hybrid cloud services, he noted the launch of RSA's new Via identity management product line and extensions to RSA Security Analytics.

RSA described its new Via portfolio as the first smart identity tools that use contextual awareness, instead of static rules such as traditional passwords, to provide single sign-on access to systems. The first in the portfolio, RSA Via Access, is a software-as-a-service (SaaS) offering that provides step-up authentication using mobile devices for single sign-on access. The portfolio also includes RSA Via Governance, built on the identity management and governance platform it acquired from Aveksa, which provides views into access privileges, automates user access and flags orphan user accounts and inappropriate user access, according to the company. Also built on its Aveksa acquisition is the new Via Lifecycle, a user provisioning platform.

The other major area of emphasis for the company is the extended capabilities of RSA Analytics. Based on RSA's 2011 acquisition of NetWitness, which Yoran led as CEO at the time, the company is launching a new release of RSA Analytics that will focus on extending visibility from the endpoint to the cloud. And that gave Yoran fodder for many of the talking points in his opening keynote.

Referring to the 2014 Verizon Data Breach Investigations Report, which found less than 1 percent of successful advanced threat attacks were spotted by SIEM systems, he made his case for change. "We're still clinging to our old maps," he said. "It's time to realize that things are different."

Given that existing defense mechanisms are not sufficient in and of themselves these days, he believes analytics will be key to proactively identifying attacks. "We must adopt a deep and pervasive level of true visibility everywhere, from the endpoint to the network to the cloud, if we have any hope of being able to see the advanced threats that are increasingly today's norm," he said.

The Stuxnet, Equation Group and Carbanak intrusions are a handful of examples he pointed to. "One of the defining characteristics across all of them is their stealthy nature," he said. "Until written about they were virtually undetectable because they bypassed traditional defenses. Even now many organizations operate completely blind as to whether they are victim to these published techniques. Traditional forms of visibility are one-dimensional, yielding dangerously incomplete snapshots of an incident, let alone any semblance of understanding of an attack campaign. Without the ability to rapidly knit together multiple perspectives on an attack, you'll never fully understand the scope of the overall campaign you're facing."

Arguing he wasn't hawking his products, Yoran said, "I'm not just standing up here and saying 'buy RSA gear.' I'm the first to admit that we need to go further than what is available today. We're on a journey to full visibility. Our environments, business practices and adversaries continue to evolve and so must we."

As I said, this is not your father's RSA.

Posted by Jeffrey Schwartz on 04/21/2015 at 2:19 PM

