News
RSA Security Brief Provides Insights on Leveraging New Security Monitoring and Big Data Analytics Capabilities for Improved Threat Detection and Remediation
October 2012 by Marc Jacob
Industry experts assert that today’s latest threat landscape requires an evolution of SIEM systems and perimeter-focused defenses to gain better visibility, agility, and speed into complex IT environments. Security teams must deploy “big data” analytics capabilities, drawing from huge volumes and varieties of security device log and threat-intelligence data to identify and remediate advanced attacks faster and more effectively.
Full Story:
Today RSA, The Security Division of EMC® Corporation (NYSE:EMC), announced a Security Brief providing strategic guidance for how organizations can transform SIEM (Security Information and Event Management) into a more effective platform for combating advanced threats. In this latest RSA® Security Brief, “Transforming Traditional Security Strategies into an Early Warning System for Advanced Threats,” leading experts in cyber security from CSC, RSA, Terremark, and Verizon lay out the capabilities needed in next-generation information security strategies. Chief among these capabilities is “big data” security analytics: using vast volumes of information from diverse sources to detect security threats based on behaviors and context, not signatures.
Government agencies and prominent corporations alike have experienced cyber attacks custom-designed to breach their defenses. In most cases, attacks were discovered only after damage was done. The Security Brief’s authors contend that today’s conventional security approaches, focused on the perimeter and anchored by SIEM systems, are designed for yesterday’s threats and digital infrastructures, not the highly targeted advanced threats now facing today’s more open, mobile, and connected organizations.
To detect and defeat advanced threats, organizations should consider an emerging class of security analytics system that can help them gain comprehensive, clear, and continuous visibility
into complex IT environments. The Security Brief outlines four core capabilities of large-scale security analytics systems.
Pervasive visibility enabled by network packet capture and full session reconstruction Deeper analytics to examine risks in context and compare behavior patterns Massive scalability to handle the diverse deluge of information that’s increasingly needed for complete situational awareness Centralized repository for security-related data to help security teams analyze incidents in context and speed decision making about prospective threats
Authors of the RSA Security Brief include some of the industry’s foremost security leaders:
Brian Girardi, Senior Director, Product Management, RSA, the Security Division of EMC David Martin, Vice President and Chief Security Officer, EMC Global Security Organization, EMC Corporation Jonathan Nguyen-Duy, Director of Global Security Services, Verizon Mario Santana, Vice President of Secure Information Services, Terremark, A Verizon Company Eddie Schwartz, Vice President and CISO, RSA, The Security Division of EMC Dean Weber, Chief Technology Officer, CSC
RSA Security Briefs are designed to provide security leaders with essential guidance on today’s most pressing information security risks and opportunities. Each Security Brief is created by a select response team of experts who mobilize across organizations to share specialized knowledge on a critical emerging topic. Offering both big-picture insight and practical technology advice, RSA Security Briefs are vital reading for today’s forward-thinking security practitioners.
