RSA's Art Coviello Points to Big Data as Transformative Solution to Security Challenges

Tue Feb 26, 2013 11:30am EST

* Reuters is not responsible for the content in this press release.

For best results when printing this announcement, please click on the link
below:

http://pdf.reuters.com/pdfnews/pdfnews.asp?i=43059c3bf0e37541&u=urn:newsml:reuters.com:20130226:nPnNE66226

RSA Executive Chairman Declares Big Data Analytics Will Help Security
Practitioners Regain The Advantages Of Vigilance And Time Over Sophisticated
Attackers
SAN FRANCISCO,  Feb. 26, 2013  /PRNewswire/ -- RSA CONFERENCE 2013 --

News Summary:

* The convergence of Big Data with mobility, cloud, and a social media-driven
society have created unparalleled opportunities alongside an equally evolving
threat landscape.  
* Big Data analytics and velocity lead to intelligence-driven security models
that can learn and evolve from continuously changing threats.  
* The security industry must adopt an adaptive capacity to meet the challenges
of advanced threats.

Full Story:

In his opening keynote at RSA Conference 2013,  Art Coviello, Executive Vice
President of  EMC Corporation  and Executive Chairman of RSA, The Security
Division of EMC®  (NYSE: EMC) addressed a record crowd about the ways that  Big
Data  is transforming the security industry, information technology, business
and society.  Specifically Coviello articulated how an intelligence-driven
security strategy that uses powerful Big Data analytics will help security
practitioners regain the advantages of vigilance and time to better detect and
defend against advanced threats.  

Coviello noted the sheer amount of unstructured data being mined and the
richness and variability of that data provides great opportunities for business
and society, while that same data also provides new attack vectors for
adversaries.

"But, new tools and techniques are coming online to analyze all of this data. It
won't be long before Big Data applications and stores become the 'crown jewels'
of an organization. . .  And those crown jewels will be readily accessible in
the cloud and via mobile devices across our hyper-connected enterprises - and
not just by us, but by our adversaries as well."

Coviello also called for a more realistic level of understanding when it comes
to the escalation of threats. "Having the right level of understanding is key,
because if we, as an industry, overhype this situation, organizations won't take
the necessary measures to prepare themselves."

Coviello put forward that organizations can no longer afford to remain idle when
it comes to updating their security measures and must be willing to take action
to adopt an intelligence-driven security model to better defend against unknown
threats.  The security industry, he said, must also develop an adaptive capacity
built on security analytics, risk-based controls and multiple sources of threat
intelligence to help security organizations more rapidly identify and respond to
threats.  Coviello articulated his vision for an intelligence-driven security
model enabled by Big Data that can be applied in two ways:

* Security Management for Big Data  - Despite today's compute power, bandwidth,
database management and storage capacity, organizations will still require all
data sets to be analyzed so that they can gain better visibility into a wide
variety of contextual data, structured and unstructured, internal and external.
Organizations will need to have the right level of context to build specific
information about digital assets, users and systems.  Big Data architectures can
and should be scalable enough to meet each organization's unique requirements.
Organizations will then be able to spot and correlate abnormal behavior in
people, transactions and the flow and use of data to identify potential attacks
and fraud.   
* Development and application of controls for Big Data -  Organizations will
need to subscribe to a more holistic approach for implementing individual Big
Data controls by replacing isolated controls that are task-specific, such as
malware blocking.  Individual controls should evolve to interact with
intelligence feeds, risk and compliance platforms, security management systems,
and each other making them more dynamic and situationally aware.  Other
task-specific Big Data controls should have the capacity to be self-learning.

Coviello also cited examples of technologies starting to meet these new Big Data
requirements by building tools with Big Data analytics such as the new RSA® 
Authentication Manager 8.0 platform. He outlined how Authentication Manager 8.0
combines risk-based analytics drawn from a self-learning engine refined through
more than 30 billion transactions with a powerful rules engine and
industry-leading RSA SecurID®  two-factor authentication.  RSA also recently
announced the RSA®  Security Analytics platform that is designed to provide a
Big Data approach to security monitoring by fusing security log and packet data
with internal and external threat intelligence.  

Referring to RSA's recent Big Data  Security Brief, Coviello highlighted the six
guiding principles that can help organizations begin planning for the Big
Data-driven transformation of their security toolsets and operations as part of
an intelligence-driven security program.   

Additional Resources

* Download the RSA Security Brief, "Big Data Fuels Intelligence-Driven Security"
 
* Get  Art Coviello's full RSA Conference 2013 keynote transcript on the EMC
Reflections Blog  
* Connect with RSA via  Twitter,  Facebook,  YouTube,  LinkedIn  and the  RSA
Speaking of Security Blog and Podcast

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and
compliance management solutions for business acceleration. RSA helps the world's
leading organizations succeed by solving their most complex and sensitive
security challenges. These challenges include managing organizational risk,
safeguarding mobile access and collaboration, proving compliance, and securing
virtual and cloud environments.  

Combining business-critical controls in identity assurance, encryption & key
management, SIEM, Security Analytics, Data Loss Prevention and Fraud Protection
with industry-leading GRC capabilities and robust consulting services, RSA
brings visibility and trust to millions of user identities, the transactions
that they perform and the data that is generated. For more information, please
visit  www.EMC.com/RSA.

EMC, RSA and SecurID are either registered trademarks or trademarks of EMC
Corporation in  the United States  and/or other countries.  All other products
and/or services referenced are trademarks of their respective companies.

This release contains "forward-looking statements" as defined under the Federal
Securities Laws.  Actual results could differ materially from those projected in
the forward-looking statements as a result of certain risk factors, including
but not limited to: (i) adverse changes in general economic or market
conditions; (ii) delays or reductions in information technology spending; (iii)
the relative and varying rates of product price and component cost declines and
the volume and mixture of product and services revenues; (iv) competitive
factors, including but not limited to pricing pressures and new product
introductions; (v) component and product quality and availability; (vi)
fluctuations in VMware, Inc.'s operating results and risks associated with
trading of VMware stock; (vii) the transition to new products, the uncertainty
of customer acceptance of new product offerings and rapid technological and
market change; (viii) risks associated with managing the growth of our business,
including risks associated with acquisitions and investments and the challenges
and costs of integration, restructuring and achieving anticipated synergies;
(ix) the ability to attract and retain highly qualified employees; (x)
insufficient, excess or obsolete inventory; (xi) fluctuating currency exchange
rates; (xii) threats and other disruptions to our secure data centers or
networks; (xiii) our ability to protect our proprietary technology; (xiv) war or
acts of terrorism; and (xv) other one-time events and other important factors
disclosed previously and from time to time in the filings of EMC Corporation,
the parent company of RSA, with the U.S. Securities and Exchange Commission. 
EMC and RSA disclaim any obligation to update any such forward-looking
statements after the date of this release.

SOURCE  EMC Corporation


Lona Therrien, RSA, The Security Division of EMC, +1-781-515-5449,
lona.therrien@rsa.com

Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.