I recently attended the Business for Breakfast seminar, held in Geneva and co-hosted by Kudelski Security and RSA around the theme of Advanced Security Analytics. In this blog post I'm going to summarize the two talks that I particularly enjoyed, as the atmosphere lent itself: Business for Breakfast!
First of all, I want to describe the context, to better understand the interest of both companies in hosting this conference: March 2, 2016 – RSA, The Security Division of EMC, and Kudelski Security, the cybersecurity division of the Kudelski Group, announced that Kudelski Security is now a leading provider of RSA products and services. Through the agreement, RSA provides Kudelski Security fully managed security and critical incident response services, leveraging RSA’s advanced, intelligence-driven Security Operations Center (SOC) capabilities to accelerate the detection, investigation, remediation, and management of security incidents and vulnerabilities, with the ability to build services around proven advanced security operations solutions including RSA Security Analytics, the RSA® Critical Incident Response Solution, RSA® Security Operations Management solution, RSA ECAT software, and RSA® Advanced Cyber Defense Practice.
To return to the seminar, the first presentation was by Robert Griffin, Chief Security Architect at RSA. He explained how to move forward using advanced security operations such as intelligence-driven security, and how organizations can use it, including big data analysis, to embrace opportunity, improve security and reduce risk. Mr Griffin argued that RSA is about delivering a trusted world by applying RSA’s intelligence-driven strategy. The following slides help to understand how and why RSA came to this strategy.
- Evolving IT infrastructure: we can’t keep applying traditional security defenses to the third platform IT infrastructure.
- The changing threat landscape: new, increasingly strong threats challenge traditional security defenses or technologies.
- Intrusion Kill Chain: this model is a novel way to deal with intrusions by moving from the traditional reactive approach to a more proactive system based on intelligence gathered through indicators that are observed throughout the phases. Normally the incident response process starts after the exploit phase, putting defenders at a disadvantage. With this method defenders should be able to move their actions and analysis up the kill chain and interfere with the attacker's actions.
- Solution: Intelligence Driven Security. The challenge here is to manage risk by monitoring this cycle: visibility, analytics and action. This means continuous monitoring and correlating risk signals and indicators.
- Benefit of this solution: with real-time intelligence, organizations can dynamically manage cyber threats.
The second part of the seminar was presented by Olivier Spielmann, Head of the Cyber Fusion Center at Kudelski Security. He demonstrated how Kudelski Security leveraged RSA analytics to build an advanced SOC and a multi-tenant security monitoring service.
src: KudelskiSecurity, RSA