RSA calls on organizations to up ante in protecting themselves

Wednesday, November 30, 2011

Latin American companies need to put multiple layers of cyber security in place if they are to better fend off the increasingly complex level of attacks, FJ Gould, sales manager for Brazil and the Southern Cone with RSA, the security division of storage vendor EMC (NYSE: EMC), told BNamericas.

Gould said that phishing and trojans are still the most predominant type of attack in the region and that Brazil is one of the hacking capitals of the world, largely because of the size of its market.

"There's the famous saying from the 1930s when the police asked a bank robber why he robs banks and he answered, 'Because that is where the money is.' It's as simple as that," Gould said.

Start your 15 day free trial now!


Already a subscriber? Please, login

"Criminals will rob the biggest banks and seek the most important information. They're not stupid. They are going to prioritize; they are highly professional organizations," he added.

RSA was victim of one of the most high-profile security breaches at a company this year. In mid-March, hackers managed to compromise the SecurID two factor authentication product.

The company described the breach as an "advanced persistent threat" (APT), implying that a group with vast resources had targeted RSA over a long period of time, which made them harder to detect.

For that reason, companies cannot rest easy with just firewalls and security that protects the perimeter; tools are needed that protect from within and that can take action if the defenses are breached.

"The end point, like a device, is not the focus of the battle. If the robbers get to the door with the money then it's too late. The battle has to be carried out in stages, within the data center, creating awareness among employees, and with policies and measures," he said.

In 2010, EMC acquired Archer Technologies, which delivers enterprise governance, risk and compliance (GRC) solutions. Archer is designed to help customers better visualize and manage risk throughout their IT infrastructure by providing an overview of existing risks in an easy to digest format.

"It provides visibility, management of incidents, management of policies and it maps out the whole enterprise so you can see where your assets are, which are mission critical and how you are responding to incidents in an interface that even the least technical CEO can understand," Gould said.

Then in April this year, EMC acquired NetWitness, a network monitoring platform that provides enterprises a precise and actionable understanding of everything happening on the network.

"There is no activity it cannot see. What is important with many attacks is not only the fact they are discovered but what action was taken afterward - how many obstacles the company set up to make it more difficult for the attacker and how long it took them to act," Gould said.

"And the second most important factor is to identify how serious the attack is. If you can't provide that information to the top executives, you have an even more serious problem with potential legal consequences. You can't begin to take remedial action until you know how big the problem is," he added.