RSA and BlackBerry Work Together to Combine Strong Authentication and Advanced Security

We are happy to be providing advanced security and, in particular, strong authentication with the RSA SecurID Software Token for BlackBerry 10. BlackBerry 10 provides a strategic platform for us to expand the RSA SecurID offering and potentially to look at extending other controls and solutions to these devices. Moreover, BlackBerry 10 is an integral addition to RSA’s broad portfolio of supported mobile platforms.

The End of The World is (NOT) Nigh!

How many times have we heard not just FUD (Fear, Uncertainty and Doubt) but doom-saying and the over-the-top crowing of imminent cyber-immolation of life as we know it: Cyber Pearl Harbors and Cyber 911s or Cyber Apocalypses and Cyber “weapons of mass destruction.” FUD breeds one of two responses: fear that leads to inaction or the formation of a cyber-callus that leads to indifference. The last sentence is me paraphrasing the inimitable Art Coviello at Wednesday’s Cyber Threat: How Industry Leader’s Respond (#cyberthreatsFBI) event along with Tom Gobeille (host), Kirk Bailey of the University of Washington, Norman Barbosa (assistant US attorney general) and CJ Sperber, Jr (Special Agent Cyber Crime Squad).

Adaptive IAM: On the Front Lines of Cyber Security

Like most technologies, Identity and Access Management (IAM) has been challenged by new business and IT trends that are causing serious disruptions in how we approach information security. The exponential growth of digital identities coupled with the increasing use of software as a service and mobile and cloud platforms have made the traditional perimeter all but disappear. As a result, legacy IAM tools that have been a security mainstay for decades are simply failing to keep up.

Realizing all the Promises of Mobility

The SBIC has produced a new report that is mobile centric called “Realizing the Mobile Enterprise.”  The council builds on data.  In this case, it builds on a fascinating series of online polls that show a rapid litmus-like test of the mobile landscape and, in particular, the degree to which “the enterprise” (an interesting notion…

Security and Big Data: a match made in Heaven

Big Data in security happens when you get the mathematicians to find patterns in data and then true that up with the security experts and then turn that into a meaningful set of tools and then set about improving it. The tools, from analysis and predictive tools to machine learning and response tools have to become intuitive and transparent to end users: as I’ve said before in a few places we have to focus on the task and not on the tools themselves. We need to be able to jump from the findings of a tool to another tool without stopping to think about interoperability and without a cool off period that winds up doing nothing but cooling our passion when pursuing the bad guy through a network.

Adapt or Die: Even Passwords Can Get Tougher

We can reinforce them with other form factors and can use multi-factor authentication in many places, but we have passwords all over the place and that is basically not going to change for the foreseeable future. Something must be done to beef up the security of passwords in general (and of other credentials) to force the bad guys to ever greater costs and difficulty (and lower likelihood of success), and that is the spirit behind RSA’s announcement today of RSA Distributed Credential Protection. But before diving into that, let’s talk about the landscape and the problem scope.

The Advent of Adaptive IAM: Security in Motion

“Opportunities multiply as they are seized” -Sun T’zu, the Art of War “It is difficult to understand the universe if you only study one planet” -Miyamoto Musashi, Book of Five Rings   Go Rin No Sho, Source RSA announced today a new solution to help customers ensure trusted identity and access management across enterprise and…

This Too Shall Pass

As I’ve said before, the best practical measure of security that I can think of is “cost-to-break.” It’s a good reflection of the relative difficulty that someone has to go through to overcome a particular measure or control. It also helps to deal in “currency” as a consistent unit (for a given economy) for a lot of modeling purposes, and of course you can even factor in things like “windows” of opportunity and risk with a financial-model for defining security.