Home, Page 2

Detecting “Petya/NotPetya” with RSA NetWitness® Endpoint and RSA NetWitness® Packets

By Alex Cox, Christopher Elisan and Erik Heuser, RSA Research A Ransomware variant known as “Petya/NotPetya” began making the rounds on June 27, 2017. This ransomware takes a different approach to denying access to the victim’s files. Instead of the usual displaying of a message and letting the victim browse to really see that the…

YIN AND YANG: TWO VIEWS ON IAM – Global Risk Standards or States & Nations Policies

By Steve Mowll and Chris Williams POINT: Chris Williams – Advisory Architect, RSA Identity In our last blog, I stated the following about why we most commonly engage in security practices. And these two items were represented: We embrace identity projects because we need to satisfy compulsory mandates. We need to provide competitive protective services…

Key Considerations for Selecting a Consumer Authentication Vendor

The EU’s Payment Services Directive II (PSD2) has generated many questions from the financial services and payments industry. So much so we have found some in the industry turning to RSA for advice and guidance on the key considerations they need to put forth as they prepare to issue requests for proposals from potential consumer…

Protecting PingFederate® Users with RSA SecurID® Access

It’s 10 o’clock. Do you know where your users are? Believe it or not, there was once a time when this question was easy to answer. If “Steve” was logged into the corporate network, there was a very high-level of certainty you would find him sitting in his cube, on the 4th floor of building…

Blank Slate: A Tale of Two Malware Servers

In March 2017, Palo Alto Networks Unit 42 published research on a new malicious spam campaign dubbed “Blank Slate.” Named as such because the malspam message is empty. Only the malicious attachment is present, as seen in Figure 1. Figure 1: Blank Slate malspam e-mail Recently, Blank Slate struck deploying Cerber ransomware once again, affording…

Protecting VMware Workspace™ ONE™ Users with RSA SecurID® Access

While 1999 brought us the Breitling Orbiter 3, Warner Bros. sci-fi thriller “The Matrix,” and Britney Spears mega-hit “Baby One More Time,” it was also a banner year in cybersecurity. During the last twelve months of the millennium, we witnessed the advent of Microsoft’s Windows 98 release, the arrival of the American Express “Blue” card…

Yin and Yang: Two Views on IAM – Active Directory Automation, Success or Failure?

By Steve Mowll and Chris Williams Point: Effective identity management strategies are business-based, and should rise above technical limitations. Steve Mowll, Identity Architect, RSA True point, but in order to have effective strategies, they must be directed towards a desired outcome. Let’s take a look at this idea using Active Directory (AD) projects as an…

Completing the Puzzle

In a previous blog I reviewed the real world pay back for being a risk leader.  Let’s say your company gets it, they know that good risk management increases the likelihood objectives will be fulfilled and profits improved, and now you’ve been given the assignment to start the risk management program to make your organization a…

Defining Your Cyber Risk Appetite

When a senior executive tells the board he or she wants to discuss the company’s risk appetite, usually the board’s interest is piqued. After all, understanding an organization’s risk appetite is critical to the decisions the board makes. So why should defining a company’s cyber risk appetite be so difficult? A CISO’s role is to…

Capture the Prize

Risk is the effect of uncertainty on objectives.  Managing risk well increases the certainty that objectives will be achieved.  Not surprisingly, organizations leading in risk management “capture the prize”.  According to a PWC Risk Review, organizations more frequently achieve their objectives, are more profitable and less likely to experience a negative profit margin than those…