August 2, 2011
Global Information Security Execs Urge – ‘Assume You Are Compromised’
BEDFORD, Mass., Aug. 2, 2011 /PRNewswire/ -- RSA, The Security Division of EMC (NYSE: EMC), released a new report that takes an in-depth look at the seismic shift in the cyber threat landscape, as enterprises are increasingly targeted for corporate espionage and sabotage. The report, the latest in a series from the Security for Business Innovation Council (SBIC), asserts that for most organizations, it's a matter of when, not if, they will be targeted by advanced threats. In an environment where the focus shifts from the impossible task of preventing intrusion to the crucial task of preventing damage, the report includes instructive guidance from 16 global security leaders for confronting this new class of threat.
To view the multimedia format of this release visit: http://www.rsa.com/go/press/RSATheSecurityDivisionofEMCNewsRelease_8211.html
The SBIC is a group of the industry's top security leaders from Global 1000 enterprises that discuss top-of-mind security concerns and how the application of information security can address those concerns and enable business innovation. The recent string of sophisticated cyber attacks -- affecting pillars of industry and government -- provides the backdrop for the latest report: When Advanced Persistent Threats Go Mainstream: Building Information-Security Strategies to Combat Escalating Threats. Within this landscape, the report reveals that APTs - a menace once confined to the defense industrial base and government agencies - are now targeting a broad range of private sector organizations to nab valuable intellectual property, trade secrets, corporate plans, access to operations and other proprietary data.
"It is a very intelligent, well-armed, and effective foe that is fantastic at what they do," said Roland Cloutier, Vice President, Chief Security Officer, Automatic Data Processing, Inc. and member of the SBIC. "It's going to take a new approach in most enterprises to combat it."
Fundamental Change in Quality of Cyber Attacks
The term APT originated to describe cyber espionage in which a nation-state gains access to a network in order to extract national security data over long periods of time. Today the term APT has broadened as attackers expand their target lists and nation-states are no longer the only groups deploying these sophisticated techniques. Rather than gain entry through the network perimeter, today's ambitious attackers prefer to target human vulnerabilities, exploiting end users through social engineering techniques and spear phishing.
"Cyber criminals have aggressively shifted their targets and tactics," said Art Coviello, Executive Chairman, RSA, The Security Division of EMC. "In the never-ending war for control of the network, the battle must be fought on many different fronts. All organizations are part of the greater ecosystem of information exchange and it is everyone's responsibility to build and protect that exchange."
Top Security Officers Urge, "Assume You Are Compromised"
This latest report from the SBIC urges organizations to adopt a new security mindset, shifting the concept of success from preventing infiltration to detecting attacks and mitigating damage as quickly as possible. With this in mind, the Council offers seven defensive measures against escalating APT threats:
- Up-level intelligence gathering and analysis - Make intelligence the cornerstone of your strategy.
- Activate smart monitoring - Know what to look for and set up your security and network monitoring to look for it.
- Reclaim access control - Rein in privileged user access.
- Get serious about effective user training - Train your user population to recognize social engineering and compel them to take individual responsibility for organizational security.
- Manage expectations of executive leadership - Ensure the C-level realizes that combating APTs means fighting a digital arms race.
- Rearchitect IT - Move from flat to segregated networks so it's harder for attackers to roam the network and find the crown jewels.
- Participate in intelligence exchange - Leverage knowledge from other organizations by sharing threat intelligence.
About the Security for Business Innovation Council
The Security for Business Innovation Council is a group of highly successful Global 1000 security executives who are committed to sharing their own insights to help move information security forward at organizations worldwide. Council members include:
- Marene N. Allison, Worldwide Vice President of Information Security, Johnson & Johnson
- Anish Bhimani, Chief Information Risk Officer, JPMorgan Chase
- William Boni, Vice President and Chief Information Security Officer, Corporate Information Security, T-Mobile USA
- Roland Cloutier, Vice President, Chief Security Officer, Automatic Data Processing, Inc.
- Dave Cullinane, Chief Information Security Officer and Vice President, Global Fraud, Risk & Security, eBay
- Dr. Martijn Dekker, Senior Vice President, Chief Information Security Officer, ABN Amro
- Professor Paul Dorey, Founder and Director, CSO Confidential and Former Chief Information Security Officer, BP
- Renee Guttmann, Chief Information Security Officer, The Coca-Cola Company
- David Kent, Vice President, Global Risk and Business Resources, Genzyme
- Petri Kuivala, Chief Information Security Officer, Nokia
- Dave Martin, Chief Security Officer, EMC Corporation
- Timothy McKnight, Vice President and Chief Information Security Officer, Northrop Grumman
- Felix Mohan, Chief Security Officer, Airtel
- Ralph Salomon, Vice President, IT Security & Risk Office, Global IT, SAP AG
- Vishal Salvi, Chief Information Security Officer and Senior Vice President, HDFC Bank Limited
- Denise Wood, Chief Information Security Officer and Corporate Vice President, FedEx Corporation
This report also includes perspective from special contributor Mischel Kwon - former Director, US Computer Emergency Readiness Team (CERT) and President of Mischel Kwon & Associates - who is widely recognized for her experience and expertise in dealing with APTs.
The report released today is the eighth in the series. RSA expects to publish more original Council reports over the coming months. Those interested in learning more about the Security for Business Innovation Council reports can visit the RSA Thought Leadership website at http://www.RSA.com/securityforinnovation/ to view and download all of the studies.
RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other company and product names may be trademarks of their respective owners.
SOURCE EMC Corporation