FOR FINANCIAL SERVICES ORGANIZATIONS

Similar documents
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

MITIGATE CYBER ATTACK RISK

SOLUTION BRIEF RSA NETWITNESS PLATFORM ACCELERATED THREAT DETECTION & AUTOMATED RESPONSE FROM THE ENDPOINT TO THE CLOUD

RSA INCIDENT RESPONSE SERVICES

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

IDENTITY: A KEY ELEMENT OF BUSINESS-DRIVEN SECURITY

RSA NetWitness Suite Respond in Minutes, Not Months

RSA INCIDENT RESPONSE SERVICES

SOLUTION BRIEF RSA NETWITNESS NETWORK VISIBILITY-DRIVEN THREAT DEFENSE

WHITE PAPER END-TO-END VISIBILITY: THE FOUNDATION OF BUSINESS-DRIVEN SECURITY THREAT DETECTION & RESPONSE OPTIMIZED SIEM

with Advanced Protection

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

WHITEPAPER END-TO-END VISIBILITY: THE FOUNDATION OF BUSINESSDRIVEN SECURITY DETECTING AND RESPONDING TO THE THREATS THAT MATTER MOST TO THE BUSINESS

MATURE YOUR CYBER DEFENSE OPERATIONS with Accenture s SIEM Transformation Services

SOLUTION BRIEF RSA ARCHER BUSINESS RESILIENCY

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Putting security first for critical online brand assets. cscdigitalbrand.services

INTELLIGENCE DRIVEN GRC FOR SECURITY

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

locuz.com SOC Services

NEXT GENERATION SECURITY OPERATIONS CENTER

Securing Your Digital Transformation

GDPR COMPLIANCE REPORT

Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

RSA ADVANCED SOC SERVICES

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

CLEARING THE PATH: PREVENTING THE BLOCKS TO CYBERSECURITY IN BUSINESS

SIEM Solutions from McAfee

AKAMAI CLOUD SECURITY SOLUTIONS

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

GDPR: An Opportunity to Transform Your Security Operations

HOSTED SECURITY SERVICES

SIEM: Five Requirements that Solve the Bigger Business Issues

PROTECT AND AUDIT SENSITIVE DATA

Borderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

empow s Security Platform The SIEM that Gives SIEM a Good Name

BHConsulting. Your trusted cybersecurity partner

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Cybersecurity. Securely enabling transformation and change

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

Managed Enterprise Phishing Protection. Comprehensive protection delivered 24/7 by anti-phishing experts

Helping the C-Suite Define Cyber Risk Appetite. The executive Imperative

THE POWER OF TECH-SAVVY BOARDS:

Sustainable Security Operations

OUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. Ralf Kaltenbach, Regional Director RSA Germany

Social Engineering: We are the target Sponsor Guide

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Best Practices in Securing a Multicloud World

Combating Cyber Risk in the Supply Chain

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

Symantec Security Monitoring Services

THE EVOLUTION OF SIEM

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Machine-Powered Learning for People-Centered Security

TRUE SECURITY-AS-A-SERVICE

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Cyber Resilience: Developing a Shared Culture. Sponsor Guide

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

CYBER RESILIENCE & INCIDENT RESPONSE

Why you should adopt the NIST Cybersecurity Framework

DIGITAL TRUST AT THE CORE

Background FAST FACTS

WHITEPAPER ENDPOINT DETECTION AND RESPONSE BEYOND ANTIVIRUS PROACTIVE THREAT HUNTING AT THE ENDPOINT

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

ForeScout Extended Module for Splunk

Securing Digital Transformation

DATA SHEET RSA NETWITNESS PLATFORM PERVASIVE VISIBILITY. ACTIONABLE INSIGHTS.

CYBER SOLUTIONS & THREAT INTELLIGENCE

WHITE PAPER PROTECTING MODERN IT PRIORITIZATION IS KEY FOR SECURITY AT SCALE

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Kaspersky Security. The Power to Protect Your Organization

Kaspersky Cloud Security for Hybrid Cloud. Diego Magni Presales Manager Kaspersky Lab Italia

IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO

ForeScout ControlFabric TM Architecture

Sage Data Security Services Directory

Cisco Security: Advanced Threat Defense for Microsoft Office 365

Traditional Security Solutions Have Reached Their Limit

Innovation policy for Industry 4.0

Supercharge Your SIEM: How Domain Intelligence Enhances Situational Awareness

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Altitude Software. Data Protection Heading 2018

Security. Made Smarter.

Transcription:

RSA BUSINESS-DRIVEN SECURITYTM FOR FINANCIAL SERVICES ORGANIZATIONS MANAGING THE NEXUS OF RISK & SECURITY

A CHANGING LANDSCAPE AND A NEW APPROACH Today s financial services technology landscape is increasingly complex. New technologies, including cloud and mobile options, pose new security challenges. At the same time, a host of regulations and standards, including FFIEC, PSD2, 3DS 2.0 and the GDPR, impose strict requirements while dictating greater accessibility and interoperability. Data sources can be hidden in blind spots, and identity for both employees and customers is harder to assure. Overt threats, too, have become more sophisticated, further straining traditional security approaches. Together, these factors pose a serious challenge for risk, security and fraud teams needing to protect mission-critical infrastructures, customers and data. And as the problems multiply, so do security offerings. Financial services IT professionals must weigh literally hundreds of options, seeking the best solution or combination of solutions that achieves their goals and can evolve with their business. At RSA, we address these myriad challenges with products and services that enable what we call Business-Driven Security. We operate at the nexus of business and security adding a layer of intelligence across your risk and security programs, aligning security with business goals, and managing IT risk as a core business process, to optimize both risk and IT security functions. Our offerings are designed to work on your IT architecture, with your IT product ecosystem and in support of your financial services goals. SECURITY THAT UNDERSTANDS YOUR BUSINESS GOALS RSA software and security services have helped financial services organizations stay secure for more than 35 years. Today we offer a range of security and risk management products and services for security-aware organizations like yours. Our leadership across several major security segments has given us unique insight into financial services risk and security domains. RSA customers are some of the most security-conscious organizations in the world, and they trust us to protect them from threats and risks. Our solutions are built to simplify and automate that messy area at the intersection of business and security. We make it happen by translating the language of business risk into the details of cybersecurity. At RSA, we see business and security strategy interweave in three essential areas: Inclusion means using identity and access management to make sure the right people have access to the right information, in a way that isn t disruptive to users. As trends, industry standards and government regulations evolve, inclusion has become a key component of financial services business and security strategy. 2

Exclusion means keeping bad things out of your network. Here financial services organizations use traditional tools, such as AV, firewalls and IDS systems, operating at the IT perimeter but more and more, these are bolstered by detection and response activities designed to catch attacks that perimeter controls can t block. Contextual intelligence informs both of the above functions, incorporating business factors to more effectively address risks, threats and fraud. Identify what s most critical to the organization, and you make those controls far more effective. This concept becomes very important in specific use cases. Consider the European Union s (EU s) General Data Protection Regulation (GDPR), which can impose penalties in the billions of dollars for failure to apply state-ofthe-art user data protection. Such regulations are forcing security experts to rethink both risk management and cybersecurity, creating a compelling need for solutions that address the big picture. GDPR drives two government, risk and compliance (GRC) uses cases, data governance and privacy program management. Its broad requirements include strict data security and access control, as well as higher-order risk management and governance orchestration. In particular, its heightened focus on data limitations and customer data access are driving deep changes in the ways financial services utilize and protect client data. A TARGETED SECURITY PORTFOLIO FOR FINANCIAL SERVICES The RSA portfolio of products and services is uniquely capable of supporting the most demanding use cases in the financial services industry. The RSA Archer Suite is a Gartner Magic Quadrant GRC platform that empowers organizations to take command of business and cyber risks. It ensures that organizations can control risk, including emerging sources of cyber risk. With RSA Archer, financial services organizations can establish and manage enterprise and operational risk across all organizational business units as well as third-party suppliers. The RSA NetWitness Platform is an evolved SIEM solution that provides the essential visibility to detect and respond to advanced threats wherever they reside, across physical, virtual and cloud infrastructure. It supports the principles of Business-Driven Security through broad and deep integration with business context, multiple types of security controls and governance platforms like RSA Archer Suite. 3 The RSA SecurID Access provides world-leading authentication and access assurance solutions, protecting 25,000 organizations and 55 million users and providing organizations with secure access to cloud and mobile applications without creating user roadblocks.

The RSA Fraud and Risk Intelligence Suite helps organizations align modern, effective fraud-prevention efforts with risk tolerance and business priorities across all digital channels. It offers financial institutions an unprecedented ability to reduce fraud while maintaining and often growing transactions from legitimate consumers. BUSINESS-DRIVEN SECURITY IN REAL LIFE To help customers in the financial services industry get the benefits of Business-Driven Security, each of these offerings addresses core security requirements, while operating at the nexus of business and security. At RSA we call this bridging the gap of grief aligning goals and vocabulary across the organization, while making security a core business dimension. 4 Here are some real-life examples of how RSA solutions help bridge that gap: Asset criticality. As the volume of data explodes, so does the need to prioritize data assets that present the most risk to an organization. In practical terms, the CIO s personal laptop inherently exposes more risk than the web server hosting the cafeteria menu. Make such vital context a foundation of the security analytics process, and you make threat detection and response much more effective. To identify critical assets, the RSA NetWitness Platform is designed to incorporate data from a vast variety of sources, including GRC solutions such as the RSA Archer Suite. And asset criticality is just one data point that can be integrated; any relevant data can be fed into the RSA NetWitness Platform analytics engine, including from FinTech services such as those that enable open banking initiatives. This adds a layer of intelligence and helps protect organizations from the threats that matter most. Security integration. To function at a high level, a security system must integrate with enterprise authentication systems such as the RSA SecurID Suite or put another way, it must connect the include and exclude functions at the foundation of cybersecurity, to benefit the business as a whole. Traditional systems tend to favor one goal at the expense of the other, but that s no longer sufficient. An example: Suppose a user account fails repeated attempts to log in. Traditionally, this would cause a threat detection and response solution to trigger an alarm. The user might be taken off the network until she is proven not to be a malicious actor abusing a hijacked account. But every time a legitimate user is prevented from working while you investigate, that creates a business issue. In contrast, with RSA NetWitness Platform such an alert will trigger step-up authentication for that user multi-factor authentication, or some other challenge that a real user could be expected to pass. Any legitimate attack would still be thwarted, with little disruption to the user or the business.

THE DESIGN, OPERATION AND INCIDENT RESPONSE EXPERTS Business-Driven Security practices are employed across RSA, including by the RSA Global Services team, which includes over 650 cybersecurity experts delivering services in more than 100 countries. RSA Global Services has helped secure many financial services organizations, often designing and implementing comprehensive risk and security management programs. RSA Global Services combines deep security skills and broad business knowledge to help bridge your organization s gap of grief: RSA Professional Services provides implementation, tuning and training services to deliver business value fast. Within the RSA Risk and Cybersecurity practice, two groups provide critical security capabilities: oo RSA Advanced Cyber Defense (ACD) delivers services to assess breach readiness, security operations center (SOC) or cyber incident response team (CIRT) assessment and design, incident response planning and testing, and Expert on Demand services. oo RSA Incident Response (IR) helps customers design, manage and perform incident response functions via both proactive and reactive services. Available on a retainer or ad hoc basis, RSA IR extends your organization s security skills to deal with security incidents of all types and severities. BUSINESS-DRIVEN SECURITY IN THE FINANCIAL SERVICES INDUSTRY Financial services security programs continue to be affected by changes both in and outside the industry. Business considerations continue to drive rapid and accelerating changes in computing models. The cloud, virtualization and mobile revolutions have obliterated the IT perimeter and IT security can no longer be isolated from other systems and processes. In this new world, the RSA Business-Driven Security approach makes your security teams and cyber risk management more effective. As you narrow your choices in security and GRC solutions, measure each option based on two attributes: how well it protects your strategic assets supports your strategic business goals. For more information, or to get started with RSA solutions and services, visit rsa.com or the RSA Link Community. 5

ABOUT RSA RSA helps leading organizations around the world take command of their security posture by partnering to build and implement business-driven security strategies. With RSA s award-winning cybersecurity solutions, organizations can effectively detect and respond to advanced attacks; manage user identities and access; and reduce business risk, fraud and cybercrime. For more information, go to rsa.com. 6 2018 Dell Inc. or its subsidiaries. All rights reserved. RSA and the RSA logo, are registered trademarks or trademarks of Dell Inc. or its subsidiaries in the United States and other countries. All other trademarks are the property of their respective owners. RSA believes the information in this document is accurate. The information is subject to change without notice. 03/18, Solution Brief, H17039.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback