Speaking of Security – The RSA Blog and Podcast

Continuing on the theme from a previous blog, what if the use of state-of-the-art security technologies were believed to conflict with EU data privacy regulations? Are security professionals really to be put in the difficult position of not being able to use the most current security approaches to protect their organizations and users? Is there a way to both protect the organization and its users while respecting the rights of users to not be excessively and unreasonably monitored?

I was at a customer event recently and was party to a discussion on the ‘disappointment’ or disillusionment in deploying Data Loss Prevention and comments like ‘well, it just doesn’t do what it’s supposed to do’ or ‘it’s too tricky to deploy’. Well, the truth is DLP technology is not something that comes off the shelf in a one size fits all package. Here are the things DLP is not going to do for you:

We are a funny lot in Europe, guarding our privacy and more importantly the privacy of our data is of paramount importance.   The protection and privacy of personal data is a fundamental right within the EU. According to the Digital Agenda for Europe, concerns about privacy are among the most frequent reasons for people not [...]

Whether its data that’s governed by regulations or vital to a company’s competitive advantage, every organization has information they’d like to protect from outsiders. One logical place to start when looking to protect this information is with a Data Loss Prevention (DLP) tool. But, what many companies struggle with is how to figure out what information is sensitive for different groups and how it should be handled. Everyone knows that there is highly sensitive data across the organization that needs to be protected, but how do business managers let the IT security team know what specific data needs to be protected?

For a CIO, CISO, or anyone else who oversees IT security, it’s critical to have a maturity model in hand. You will never reach your desired end-state by simply buying the right product or building the right org structure. You have to get there in stages, perhaps starting by implementing a rigorous risk assessment process, then building a world-class security operations center.

In case you missed it last week, VMware announced their latest version of vShield App with Data Security, which has RSA’s DLP technology embedded to help discover and classify sensitive data in virtual machines. One of the key points here is that data discovery and classification capabilities are now built-in to the virtual infrastructure, making the virtual infrastructure content-aware for the first time. So you may ask, what’s the big deal about being built-in instead of bolted-on?

Incident Management is a broadly used term but in our world of network security, it is inherently defined as the process an organization uses to identify, investigate and remediate a potential or real threat to their network resources and users.

Welcome to one of Speaking of Security’s newest blogs completely focused on security management, something we’re calling Security Management Insights or SMInsights for short. I am honored to author the initial post in which should be a highly active and thought provoking forum for dialogue related to the challenges facing today’s information security professionals. This is a team blog so you will benefit from hearing from a multitude of product managers from the products and solutions which comprise RSA’s emerging Security Management Suite. We continuously receive the opportunity to interact with customers and analysts and will use this blog to share insights about organizations’ security challenges and strategies.

In this modern world where information is one of the most, if not the most important assets an organization can have, CISOs are tasked with preventing attackers from coming into their networks and stealing sensitive data. In order to do that, they arm themselves with an assortment of security tools, products and services used to secure these networks, protect information and mitigate the various threats to it. However, while these solutions grow more sophisticated, so do the challenges of the modern world CISOs face.

The question of “why” EMC has acquired NetWitness will no doubt come up (beyond the fact that they are the obvious market leader with awesome technology) and how do they fit? Over the next few months that will become increasingly clear and in fact obvious if it isn’t already, but I thought I’d start with a simple analogy that I will connect first with RSA enVision (i.e. with Security Information and Event Management or “SIEM”) and then with RSA Archer (i.e. with Governance Risk and Compliance or “GRC”).