June 16, 2011 – A cyber attack, acquisition, attempted hack of one of its major clients, threats of client defection and a reported new head of security: it’s been a volatile spring for RSA.

But new leadership and a renewed security emphasis, not to mention continued damage control with customers, will keep change at the fore at RSA for the near term, according to analysts questioned on the recent turmoil at EMC’s security division.

The trouble began in March, when RSA announced it had suffered an advanced persistent threat (APT) attack, which extracted data from its SecurID products. After customer Lockheed Martin, a defense contractor, reported an attempted security breach using data taken in that attack, executive chairman Art Coviello wrote in a recent letter to customers that RSA would expand its security remediation program, implement risk-based authentication strategies and replace SecurID tokens for some customers. He acknowledged the APT attack and Lockheed Martin attempt “may reduce some customers’ overall risk tolerance.”

The change starts at the top of security with Edward Schwartz, announced via Twitter to be taking over as chief security officer at RSA. Schwartz held that same role at NetWitness, which RSA acquired weeks after the cyber attack. RSA has made no official announcement of the Schwartz move.

A new attitude toward security at the top should help weed out problems with employees further down the chain being exploited for information, says Mike West, vice president and distinguished analyst at Saugatuck Technology. West says the need for continuous security awareness training is primary to RSA’s problems.

“Their systems are fine, although systems can always be improved. A new top guy presents an opportunity to refocus the organization and raise employee awareness,” says West.

Scott Crawford, managing research director for security and risk management with Enterprise Management Associates, says the NetWitness acquisition and Schwartz promotion are an “acknowledgement of the changing nature of security management.” With its reputation having taken a hit, RSA is rightly conveying the need for top expertise and due care as a leading security vendor, Crawford says.

“Security leaders in particular must demonstrate an acknowledgement of their elevated risk when compromise of their assets could have a direct impact on their customers, who may include those who protect the public,” says Crawford. “While there will always be limits to what defensive measures can do to mitigate risks such as human factors, security leaders nevertheless must demonstrate that their security posture recognizes the reality of today’s threats.”

While RSA’s recent struggles have been quite public, its image and trust recuperation with customers will likely be a private affair, says data expert Robert X. Cringely. Moving forward, Cringely says bringing in new information executives is expected to tighten data policies as well as show management how serious it is about strengthening its position in the “high-powered war” over secure data.

“RSA sales are for the most part direct, so most of their damage control will be done over golf. In public, I think we'll hear very little as they hope the story drops out of the news,” he says.
