Cyber Security Leaders Rally to Combat Advanced Persistent Threats
Findings Released from Summit of Public and Private Sector Leaders Address Cyber Crisis Threatening Security of Nations and Economies Worldwide
- RSA and TechAmerica release findings from top cyber security leadership in government, defense industrial base, financial services, critical infrastructure and technology from Washington, D.C. Summit on Advanced Persistent Threats (APTs).
- Recommendations urge chief executives in every industry sector not to delay devoting attention and funding to combat advanced threats and to "plan and act as though you've already been breached."
- Lawmakers urged to remove legal barriers that impede information sharing among global security ecosystem.
- Real-time intelligence sharing, early detection, end-user security training and testing and incident response named key elements to better defend against advanced threats and recover from inevitable cyber attacks.
- RSA commits to bring further education and dialogue with cyber security, business and government leaders worldwide through a series of regional Advanced Threat Summits beginning Oct. 10, 2011.
RSA, The Security Division of EMC (NYSE: EMC) and TechAmerica today released key findings derived from a forum of more than 100 of the world's top cyber security leaders from government and business who met in Washington, DC to address the impact of Advanced Persistent Threats (APTs) as well as strategies for defense and mitigation. Participants at the APT Summit shared threat intelligence, defensive strategies and best practices for protecting against the most menacing security threats targeting highly sensitive information and intellectual property of governments and businesses.
"The frequency and volume of attacks have reached pandemic levels - this is not a passing fad or anomaly," said Eddie Schwartz, Chief Security Officer of RSA, The Security Division of EMC. "The new fact of life is a 'state' of persistent, dynamic, intelligent threat and disruption, the economic and societal ramifications of which are overwhelming. This doesn't mean that we as a collective of security professionals are powerless against our adversaries - we can and should be able to manage our risk to an acceptable level and change the ongoing and grim trends. Only through collaboration can we unite our strategies to combat these advanced threats as we move forward together in our pursuit of a trusted digital world."
Distinguished attendees and speakers at the APT Summit included CISOs, CIOs, technology Fellows and senior officials from leading think tanks, industry associations, government, defense and law enforcement. Attendees also represented numerous commercial industries including: aerospace and defense, critical infrastructure, legal, finance, energy, technology and manufacturing.
"We hear that our nation's defense secrets, financial security, and critical infrastructure face significant risk by attackers far away and hidden in obscurity behind the complex web of the internet. The cyber security leaders gathered at the RSA-TechAmerica APT Summit understand the gravity of these threats and have expressed their commitment to working together to strengthen our defenses against those who are hard at work trying to exploit any weakness they can find," said Bill Boni, Vice President and Corporate Information Security Officer of T-Mobile USA who attended the APT Summit. "The findings from this event and the promise to do more of these around the world should help open dialogue and inspire innovation amongst cyber security leaders and professionals across many sectors who refuse to be conquered by these threats."
Summit attendees participated in multiple interactive sessions, which yielded numerous ideas and perspectives that were collected and synthesized into a 3-page key findings summary brief available today. Some highlights of that document include:
- Organizations must learn to live in a state of compromise and should plan and act as though they have already been breached, focusing on closing the exposure window and limiting damage.
- Situational awareness is essential to detecting threats early and can help improve security and attack response. Organizations can benefit from advanced monitoring techniques and technologies, learning from attacks against other companies and industries and sharing timely threat intelligence.
- The attack vector has shifted from technology to people. Anyone can be phished given the right context, and attackers have growing access to information about would-be targets through social networking sites. While user training alone cannot entirely neutralize the threat, training and testing coupled with user restrictions and visibility can give organizations a fighting chance.
- Attack customization defies traditional signature-based approaches: attacks are tailored to work against a target's specific weaknesses. Attackers are increasingly agile and can take advantage of vulnerabilities more quickly than signature-based approaches can remediate.
- Attackers are better at real-time intelligence sharing than targets, and fixing this should be a top priority. Attackers operate unimpeded by the legal restrictions and other rules that govern corporations and government organizations. While not a panacea, sharing real-time threat intelligence and attack information is of paramount interest because it provides the situational awareness used in helping defend critical infrastructures and mitigate the effects of wide-scale cyber attacks on economic prosperity.
- Simplicity is the path to better security, and can be an effective countermeasure to the many unmanageable and complicated IT infrastructures in operation today. Given that security is a weakest link problem, only through understanding assets, processes and endpoints is there a chance at real defense.
An in-depth whitepaper on these findings will be published in October.
Regional summits announced
RSA also announced a series of regional Advanced Threat Summits this fall to assemble senior security leaders and visionaries around the world. The Summits are designed to surface the best strategies, innovation and public policies that can help bring a collective benefit to the cyber security ecosystem. The first regional Advanced Threat Summit presented by RSA will take place Oct. 10 in London just prior to the 2011 RSA Conference Europe.
"Through this series of regional summits, we are taking this conversation to the front lines of American business and to organizations worldwide that are dealing with or trying to protect themselves against these threats. We intend to bring together leading cyber security experts and senior-level practitioners who are passionate about these issues - not just to re-imagine models for defense, information exchange and industry alliance, but to make true progress towards their implementation," said Phil Bond, TechAmerica President and CEO. "As a group we must not only raise awareness, we must also lead."
The Advanced Persistent Threats Summit summary findings can be found at: www.rsa.com/summitresults. A schedule of upcoming regional Advanced Threat Summits will be available soon.
TechAmerica is the leading voice for the U.S. technology industry - the driving force behind productivity growth and jobs creation in the United States and the foundation of the global innovation economy. Representing approximately 1,000 member companies of all sizes from the public and commercial sectors of the economy, it is the industry's largest advocacy organization and is dedicated to helping members' top and bottom lines. TechAmerica is also the technology industry's only grassroots-to-global advocacy network, with offices in state capitals around the United States, Washington, D.C., Europe (Brussels) and Asia (Beijing). It was formed by the merger of AeA (formerly the American Electronics Association), the Cyber Security Industry Alliance (CSIA), the Information Technology Association of America (ITAA) and the Government Electronics & Information Technology Association (GEIA). Learn more about TechAmerica at www.techamerica.org.
RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
EMC and RSA are registered trademarks of EMC Corporation in the United States and other countries. All other products and/or services are trademarks of their respective owners.