The level and sophistication of advanced threats is a constantly moving target, pitting the advantages of smart and patient attackers against security teams that oftentimes can’t possibly know what to look for when an attacker employs specialized techniques and tools designed to cloak their movements. What happens when an attacker doesn’t have to rely on malware to infiltrate their target, or when an attacker is able to successfully blend in like a legitimate insider? In this edition of the Speaking of Security Podcast, Tom Chmielarski, Practice Lead in RSA’s Advanced Cyber Defense Services, shares some of the attack techniques he’s seen used in real breach cases, along with best practices used in the detection and defense of these advanced attacks.
In light of the recent events I’ve reflected on how valuable electronic health records (EHR) and health information exchange (HIE) participation can be in a time of crisis to immediately access critical life-saving data on impacted victims. EHRs not only allow first responders to quickly access victims’ healthcare information, but also allow for more accurate ambulatory, ER and clinical decision making in life-or-death situations.
Like most technologies, Identity and Access Management (IAM) has been challenged by new business and IT trends that are causing serious disruptions in how we approach information security. The exponential growth of digital identities coupled with the increasing use of software as a service and mobile and cloud platforms have made the traditional perimeter all but disappear. As a result, legacy IAM tools that have been a security mainstay for decades are simply failing to keep up.
Organizations which deploy RSA Authentication Manager (SecurID) for enforcing two-factor authentication frequently think of their RSA SecurID solution only as an additional security control to enforce strong authentication to resources. However, by analyzing the wealth of log data that is generated by RSA Authentication Manager, organizations can gain valuable intelligence that can be useful to detect attacks and perhaps even predict new attacks.
For more than 6 years, RSA, the Security Division of EMC, and LexisNexis® Risk Solutions have successfully collaborated in providing RSA’s consumer-oriented Identity Verification service which utilizes dynamic knowledge-based authentication (KBA) to validate user identities in real-time through a series of generated questions within databases containing billions of public and commercially available records.
In continuing this collaboration, we recently saw an opportunity to evolve our relationship so we could each focus more on our core competencies. On March 31, 2013, we sold LexisNexis the RSA Identity Verification service which RSA acquired through its acquisition of Verid in 2007.
So I’ve called the Help Desk before. I’ve been that person on the other end who becomes a statistic, a cost point in the never-ending battle to keep costs low, to stay more efficient. The reasons I’ve had to call the Help Desk are myriad, but more often than not it’s because I’ve locked myself out of something. It’s a pain point for all of us. If you ask organizations what common user issue their Help Desk staff is plagued with the most, it is password resets. In a recent research study we worked with the SANS Institute on, 42% of organizations stated that password reset requests were the number one reason users called most often – so at least I’m not alone.
I have mostly written about mobile apps; specifically, on apps becoming an integral part of our daily lives. This is a fact borne out by the increase in the number of apps available and downloaded via public app stores. So what else is happening in the information security world? We are bombarded with news articles each day. The key is to identify the combined impacts of these seemingly disparate trends or news items, see the big picture and maybe even predict the future.
I’m glad to see the 3DS (3D Secure) industry is finally catching up with RSA’s risk-based strategy to address the consumer need for ease and convenience, while helping to protect customer PII as they shop online. Because when it boils down to what cardholders want and what card issuers need, if it doesn’t work, neither side will be willing to use it!
Risk-based authentication is one of the simplest security technologies to understand while at the same time being one of the most intelligent and adaptable. The concept of risk-based authentication is very similar to the risk decisions we make in our daily life – from how we drive our car to where we invest our money.
At the annual SC Magazine Awards, RSA’s defense of access continues to drive the state of the art for the market. First, RSA SecurID maintained its position as the standard by which authentication solutions are judged, garnering the 2013 SC Magazine Award for Best Multifactor Authentication Solution. Additionally, following the mantra of “trust, but verify,” RSA’s work in risk analysis and evaluation was also showcased with the award for Best Fraud Prevention for RSA Adaptive Authentication. This award is particularly satisfying as the Conference this week also saw the release of the groundbreaking RSA Authentication Manager 8.0, which brings big data-driven risk analytics to bear to achieve new levels of identity assurance in enterprise, cloud and mobile environments.