RSA, The Security Division of EMC, has announced a new program designed to enable a new generation of managed security services, leveraging intelligence-driven security solutions such as RSA Security Analytics, to help enterprises better detect and mitigate advanced threats.
RSA has also signed Verizon Enterprise Solutions as its marquee global services partner along with three other managed security service providers to reach enterprise customers around the world. Cyber threats have become so invasive and damaging, and attacks so widespread that legacy perimeter- or signature-based security controls and organizations with limited or immature security capabilities are finding themselves outmatched.
“Good enough security isn’t good enough anymore. Organizations are compromised daily through the proliferation of advanced malware and the myriad opportunities that malicious actors have to mount cyber-attacks. Security strategies and managed services that rely on an antiquated understanding of perimeter controls and legacy log monitoring methods can’t provide the deep visibility or intelligence needed for enterprises to detect and deal with today’s threats. RSA leads the way in defining and delivering intelligence-driven security solutions. RSA provides the market-leading capabilities for next generation visibility to the enterprise and advanced analytics-based contextual understanding through solutions that create the agility needed to manage business risk accordingly. Together with our Managed Security Partners, we’re now able to make these innovative capabilities accessible to, and that level of defense achievable for, almost any enterprise,” says Amit Yoran, Senior Vice President, RSA, The Security Division of EMC
The challenge for security practitioners is how to combat new and advanced targeted and persistent attacks in an environment of outdated security technologies and incident management processes amid a shortage of appropriately skilled security personnel.
The RSA Managed Security Partner (MSP) program provides a technology platform and accompanying professional services and training derived from RSA’s industry-leading portfolio, to enable select partners to offer fully managed security and critical incident response services to customers. It leverages RSA’s advanced, intelligence-driven Security Operations Center (SOC) capabilities, making them available and accessible to enterprises of all sizes to help accelerate the detection, investigation, remediation, and management of security incidents and vulnerabilities.
According to the Verizon 2013 Data Breach Investigations Report, 85 percent of compromises took hours or less. Disturbingly, in 66 percent of cases, the breach wasn’t discovered for months or even years – a nearly 20 percent jump over the previous year. Additionally, the report indicates that in 22 percent of cases, it took months to contain the breach.
RSA provides MSP program members with the ability to rapidly adopt and build services around proven advanced security operations solutions including RSA Security Analytics, the RSA Critical Incident Response Solution, RSA Security Operations Management solution, RSA ECAT software, and RSA Advanced Cyber Defense Practice. Together the RSA products and services are designed to enable RSA MSP program members to deliver the following capabilities to their customers:
- Comprehensive visibility, incorporating full network packet capture, logs, events, endpoint-sourced data, asset information, location of sensitive content, vulnerability information and other business and technical context
- Advanced security monitoring for detection, investigation, remediation, and management capabilities in a cost effective, off-the-shelf, modular yet integrated portfolio/solution
- Improved threat detection and investigative value that automatically enriches internally collected security telemetry with external threat and custom intelligence data
- Prioritized investigations and activity analysis based on customer or MSSP context, criticality, and the location of sensitive data
- Advanced endpoint malware detection and cleanup on endpoints and via the network without depending on file signatures
- Security incident management via customized advanced workflow management, notification and reporting functionality for incident management by MSSP or customer
- Skills enhancements for MSSP analysts via advanced security training and certification
Other partners joining the program includes Foreground Security and DataShield Consulting in the United States and Communication Valley Reply in Europe.