EMC CORPORATION 
By EMC's Security Division Releases Latest SBIC Report Focused on New Security Mindset to Defend Against Advanced Persistent Threats
ContactsLona Therrien 781 515-5449 Lona.therrien@rsa.com | Helen Stefan 781 515-5825 Helen.stefan@rsa.com |
- This latest report from the Security for Business Innovation Council outlines the new reality of Advanced Persistent Threats (APT) in the enterprise.
- There has been a significant shift in the threat landscape and we are seeing an alarming increase in the proficiency of attackers.
- Recent attacks on enterprises have pushed “APT” into the mainstream and are now being used to collect intellectual property, trade secrets, corporate plans, R&D, market information, and access to mission critical operations from the enterprise
- The question is not if enterprises will be attacked, but when.
- The council has put together 7 prescriptive recommendations to help organizations prepare for this new reality.
RSA, The Security Division of EMC (NYSE:EMC), released a new report that takes an in-depth look at the seismic shift in the cyber threat landscape, as enterprises are increasingly targeted for corporate espionage and sabotage. The report, the latest in a series from the Security for Business Innovation Council (SBIC), asserts that for most organizations, it’s a matter of when, not if, they will be targeted by advanced threats. In an environment where the focus shifts from the impossible task of preventing intrusion to the crucial task of preventing damage, the report includes instructive guidance from 16 global security leaders for confronting this new class of threat.
The SBIC is a group of the industry’s top security leaders from Global 1000 enterprises that discuss top-of-mind security concerns and how the application of information security can address those concerns and enable business innovation. The recent string of sophisticated cyber attacks — affecting pillars of industry and government — provides the backdrop for the latest report: When Advanced Persistent Threats Go Mainstream: Building Information-Security Strategies to Combat Escalating Threats. Within this landscape, the report reveals that APTs – a menace once confined to the defense industrial base and government agencies – are now targeting a broad range of private sector organizations to nab valuable intellectual property, trade secrets, corporate plans, access to operations and other proprietary data.
“It is a very intelligent, well-armed, and effective foe that is fantastic at what they do”, said Roland Cloutier, Vice President, Chief Security Officer, Automatic Data Processing, Inc. and member of the SBIC. “It’s going to take a new approach in most enterprises to combat it.”
Fundamental Change in Quality of Cyber Attacks
The term APT originated to describe cyber espionage in which a nation-state gains access to a network to, over long periods of time, extract national security data. Today the term APT has broadened as attackers expand their target lists and nation-states are no longer the only groups deploying these sophisticated techniques. Rather than gain entry through the network perimeter, today’s ambitious attackers prefer to target human vulnerabilities, exploiting end users through social engineering techniques and spear phishing.
“Cyber criminals have aggressively shifted their targets and tactics,” said Art Coviello, Executive Chairman, RSA, The Security Division of EMC. “In the never-ending war for control of the network, the battle must be fought on many different fronts. All organizations are part of the greater ecosystem of information exchange and it is everyone’s responsibility to build and protect that exchange.”
Top Security Officers Urge, “Assume You Are Compromised”
This latest report from the SBIC urges organizations to adopt a new security mindset, shifting the concept of success from preventing infiltration to detecting attacks and mitigating damage as quickly as possible. With this in mind, the Council offers seven defensive measures against escalating APT threats:
- Up-level intelligence gathering and analysis – Make intelligence the cornerstone of your strategy.
- Activate smart monitoring – Know what to look for and set up your security and network monitoring to look for it.
- Reclaim access control – Rein-in privileged user access.
- Get serious about effective user training – Train your user population to recognize social engineering and compel them to take individual responsibility for organizational security.
- Manage expectations of executive leadership – Ensure the C-level realizes the nature of combating APTs is fighting a digital arms race.
- Rearchitect IT – Move from flat to segregated networks so it’s harder for attackers to roam the network and find the crown jewels.
- Participate in intelligence exchange – Leverage knowledge from other organizations by sharing threat intelligence.
About the Security for Business Innovation Council
The Security for Business Innovation Council is a group of highly successful Global 1000 security executives who are committed to sharing their own insights to help move information security forward at organizations worldwide. Council members include:
- Marene N. Allison, Worldwide Vice President of Information Security, Johnson & Johnson
- Anish Bhimani, Chief Information Risk Officer, JPMorgan Chase
- William Boni, Vice President and Chief Information Security Officer, Corporate Information Security, T-Mobile USA
- Roland Cloutier, Vice President, Chief Security Officer, Automatic Data Processing, Inc.
- Dave Cullinane, Chief Information Security Officer and Vice President, Global Fraud, Risk & Security, eBay
- Dr. Martijn Dekker, Senior Vice President, Chief Information Security Officer, ABN Amro
- Professor Paul Dorey, Founder and Director, CSO Confidential and Former Chief Information Security Officer, BP
- Renee Guttmann, Chief Information Security Officer, The Coca-Cola Company
- David Kent, Vice President, Global Risk and Business Resources, Genzyme
- Petri Kuivala, Chief Information Security Officer, Nokia
- Dave Martin, Chief Security Officer, EMC Corporation
- Timothy McKnight, Vice President and Chief Information Security Officer, Northrop Grumman
- Felix Mohan, Chief Security Officer, Airtel
- Ralph Salomon, Vice President, IT Security & Risk Office, Global IT, SAP AG
- Vishal Salvi, Chief Information Security Officer and Senior Vice President, HDFC Bank Limited
- Denise Wood, Chief Information Security Officer and Corporate Vice President, FedEx Corporation
This report also includes perspective from special contributor Mischel Kwon – former Director, US Computer Emergency ReadinessTeam (CERT) and President of Mischel Kwon & Associates – who is widely recognized for her experience and expertise in dealing with APTs.
The report released today is the eighth in the series. RSA expects to publish more original Council reports over the coming months. Those interested in learning more about the Security for Business Innovation Council reports can visit the RSA Thought Leadership website at http://www.RSA.com/securityforinnovation/ to view and download all of the studies.
About EMCEMC Corporation is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyze their most valuable asset — information — in a more agile, trusted and cost-efficient way. Additional information about EMC can be found at .
