RSA introduced RSA Advanced Cyber Defense Services (ACD), a new portfolio of services, including incident response and breach readiness assessment, are designed to assist an organization during an incident or breach and provide a programmatic path to help enable organizations to prepare for, respond to, and mitigate cyber threats.
According to the Verizon 2012 Data Breach Investigations Report, of the 855 breaches investigated in 2011, 85% took several weeks or more to be discovered and 92% of incidents were first discovered by a third-party. RSA Advanced Cyber Defense Services are designed to help businesses prepare for, discover and respond to these threats, with a methodical and repeatable approach that is designed to minimize risk and the business impact of incidents.
Built on RSA’s experience as well as real-world situations, RSA Advanced Cyber Defense Services are designed to handle today’s changing security landscape. Using a multi-tier threat-based approach, this portfolio of services focuses on the protection of crucial business assets by applying proven operational strategy to address the lifecycle of a breach from front line cyber breach preparedness to breach remediation and prevention.
Combining a flexible threat-based platform, increased visibility and agile controls, businesses can manage threats throughout the enterprise, leverage advanced monitoring and high-speed analytics to achieve a better understanding of their security posture, as well as adjust controls to meet changing threat environments.
Key components include:
Breach readiness – focuses on an organization’s advanced threat preparedness, operational breach response and management capabilities supplemented with a maturity analysis and program design.
Incident response and discovery – built off threat-intelligence research from the RSA NetWitness platform and utilizing recently acquired endpoint monitoring technology from Silicium Security, RSA takes a holistic approach to incident response comprised of advanced threat discovery, response and remediation across the network and host, tailored to include tactical attack surface enumeration, high-value target identification and exploitation defense measures.
Cyber-threat intelligence – leverages threat intelligence and advanced analytics to create a proactive approach to identifying threat artifacts and anomalies that reside in large volumes of data to determine the root vector, targeting motive and severity of an attack.
Breach management – provides workflow automation and the processes and procedures used for a closed-loop incident handling process using the RSA Archer Threat Management and Incident Management solutions.
Identity Infrastructure Information (I3) – helps address secure privileged account management, secure communications, information rights/data classification and post-breach active directory remediation and security.
Next Generation Security Operations Center (SOC) design and implementation – utilizes proven tactical implementation methods and leverages RSA SOC practitioners to design, operate, train, and eventually transition operations to an organization.