Speaking of Security – The RSA Blog and Podcast

The Security for Business Innovation Council report published last month lays out a roadmap for responding “When Advanced Persistent Threats Go Mainstream” (as the report title puts it). One of the most important recommendations in that report is captured by Roland Cloutier, VP and CSO of ADP Inc, when he says: “you have to have the resources and a process for risk decision-making that enable rapid changes to your protection platform.” That is, the roadmap in the report doesn’t lead to a static, unchanging security monolith. It’s a model for a process that builds dynamism into security, not unlike the architectural model of the Dynamic Tower that David Fisher has designed for Dubai.

In one of its recent findings, RSA FraudAction Research Labs has uncovered yet another new underground shop which was opened a few weeks ago, selling fraud commodities e-commerce style. The new shop offers access to compromised resources, compromised webmaster credentials, and custom PHP coding for their cybercrime clientele.

On the 25th of January the EU Justice Commissioner Viviane Reading proposed some changes to the 17 year old EU Data Protection Directive claiming that the new rules will both cost less for organizations and governments to administer and also improve the privacy rights of EU citizens. She also emphasized overall savings in the cost of Compliance of up the 2.3 million Euros.

In our last post, we made some pretty safe predictions about how the payment security landscape will evolve this year. Now let’s make a few more daring predictions about what might happen in the coming months:

RSA recently published the SBIC report entitled ‘Getting Ahead of Advanced Threats’ a copy of which can be found here; Security for Business Innovation Council report. It introduces the concept of Intelligence Driven Security as ‘Developing real-time knowledge on threats and the organizations posture against those threats in order to prevent, detect, and/or predict attacks, make risk decisions, optimize defensive strategies and enable actions’.

RSA released the ninth installment of the Security for Business Innovation Council report last month, and through a series of blog posts on Speaking on Security, we’re going to analyze the various areas highlighted in the findings. Today I’m going to explore the concept of Intelligence-Driven Security. In our world, intelligence-driven means that information coming in from all of our available sources will influence our actions—some of which will become automated over time.

One of the best things about moving to Europe has been learning about and getting engaged with European-based research initiatives. One of these initiatives is the FuturICT project. I was introduced to FuturICT by Donagh Buckley, EMC Director of Research for EMEA, and through him met the Chair of the FuturICT Steering Committee, Dr. Dirk Helbing, who works at the ETH here in ZÜrich. Dirk, Anna Carbone (also of the FuturICT project) and I got together for dinner last week to discuss the project and its points of intersection with EMC technologies and programs.

Of all the terms describing identity theft methods, “Vishing” (which stands for “Voice Phishing”) is perhaps the most ambiguous one. A simple Google query for the definition of the term shows just some of its multiple interpretations. But why are fraudsters using this type of attack?

RSA recently published the SBIC report entitled ‘Getting Ahead of Advanced Threats’. One of the recommendations from the report is about finding the right people with the right skills to become Cyber Security Analysts. Dave Martin, CSO for the EMC suggests “ Cyber Risk intelligence requires a skill set combining abilities to understand threats, the business environment and security controls in order to determine the risks to the business and what controls would mitigate this risk.” This is a pretty tall order for most organizations. They may have many individuals whose skills match one of these areas, but rarely all of them.

It’s 2012 and the reality of 2011′s shifting security landscape should have set in by now. As much as many of you may want to go back to the days of worrying about Anti-Virus definition files, basic patching, and a single border firewall as the makeup of your entire security posture, its time to take a serious look at how you will plan your defenses for 2012.