Security Experts:

RSA Launches Incident Response, Breach Readiness Services

RSA's latest services offering includes incident response and breach readiness assessment to help organizations prepare for, respond to, and mitigate cyber-threats.

RSA Advanced Cyber Defense Services customers will work with RSA practitioners to understand the risks facing the organization, detect and respond to threats, and proactively defend themselves, the company said Wednesday. RSA Advanced Cyber Defense Services will also offer organizations a "methodical and repeatable" approach designed to help organizations minimize risk, the company said.

RSA LogoThe portfolio uses a multi-tier threat-based approach to address the full security lifecycle, beginning with cyber-breach preparedness and going through remediation and prevention. Key components include breach readiness, incident response and recovery, cyber-threat intelligence, breach management, identity infrastructure information, and implementing a security operations center. Organizations would have a baseline understanding of how prepared they are to deal with a breach.

"RSA Advanced Cyber Defense Services help customers take a proactive, practical approach to their security posture, from strategy and implementation to operation and analysis," said Peter Tran, Senior director of the newly created RSA Advanced Cyber Defense practice.

The methodologies and services are pragmatic and "based on real-world experiences," Tran said. For breach readiness, RSA would focus on the organization's advanced threat preparedness, operational breach response and management capabilities. Incident response and discovery would rely on threat-intelligence research from RSA NetWitness platform, which scrutinizes all network-related activity, and customers would have access to advanced analytics to identify threats, determine the root vector, and understand the motive and severity of the attack.

RSA Archer Threat Management and Incident Management platform will provide workflow automation and the processes and procedures necessary to handle data breaches. The company's Identity infrastructure Information (I3) platform manages secure privileged accounts, communications, data classification, and information rights. RSA can also design and operate security operations center for the organization, and train employees to take over the day-to-day operations.

"Our goal is to help ensure our customers are in the best position possible to diminish risks and quickly respond to breaches should they occur," Tran said.

Cyber-threats are continually evolving and becoming even more sophisticated. Many organizations don't detect breaches immediately, and are often first alerted to an incident by a third-party. Security experts recommend organizations to proactively develop a comprehensive incident response plan so they know how they will detect and handle a cyber-incident. External services offers can help prepare customers as well as offer methodical plans that outline how to respond to attacks and prevent future recurrences.

Cyber Defense Services will be available to large commercial organizations in North America and Europe, as well as government agencies, RSA said. General availability of these services worldwide is expected by the end of 2012. Organizations in the United States federal government would have access to RSA Advanced Cyber Defense Services through RSA's Federal and Critical Infrastructure business, the company said.

In related news, RSA and Booz Allen Hamilton today announced a new consulting and services partnership to jointly develop new information security service offerings. The goal is to help customers architect threat-resistant digital infrastructure and assess security preparedness and incident response, the companies said.

view counter
Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.