RSA conference: Security giant reveals lessons learnt from data breach
Security firm uses its devastating security breach to positive effect
Senior staff at security firm RSA, part of infrastructure solutions giant EMC, yesterday gave delegates at the London-based RSA conference details of the lessons the company had learnt from its devastating network breach in March this year.
Art Coviello, executive vice president for EMC and executive chairman of RSA, began by describing the difficulty of defending against modern cyber attacks.
"People are the new perimeter, contending with zero-day malware delivered through spear-phishing attacks that are invisible to traditional perimeter-based security defenses such as anti-virus and intrusion detection systems," he said.
"Clearly, conventional security is either not effective or not enough. The threat landscape is evolving and our security systems must change to outpace our adversaries."
And company president Tom Heiser described the cat-and-mouse game that cyber criminals and security professionals play.
"Sophisticated attackers know traditional security controls and are adapting and changing tactics," he said. "[They are] determined to find exploits in complex, rapidly evolving IT environments and through people."
He made five recommendations for enterprises to tighten up their network security.
- Reassess your risk: Conduct a risk assessment to identify your high-value and high-risk information assets, looking at things from a cyber criminal's perspective.
- Re-think malware protection: Your anti-virus solutions will work up to a point, but additional security measures are required.
- Install security and network forensics capabilities for continuous monitoring and improved analysis of network traffic.
- Harden identity and access management procedures.
- Increase user education and communication: Staff need to be aware of their responsibilities to help defend the corporate network.