You have to give RSA credit for the way they’ve responded to their phishing attack. Rather than being totally defensive about the incident, RSA has responded with a drive to educate the market about threats that start with a plausible email that begs for attention. It is a good effort by a mature security vendor.
Their Security for Business Innovation Council reports are interesting executive conversations that result in recommendations and conclusions for enterprise security officers. The latest edition, released Tuesday of this week, focuses on the serious problems in combating APTs.
Usually I take these things with more than a grain of salt because they can be overly slanted into “buy my product” pieces, but RSA does a nice job of letting the executives speak. I liked that recommendation #6 was to “Rearchitect IT”. This is an admission that instead of stacking security products in costly (and futile) defense-in-depth architectures, perhaps the business might be safer with thin clients and virtualization, tighter network zones and access controls, and even use of cloud infrastructures to share costs. It is thought-provoking and worth checking out – although having said that, I am not convinced about enterprise needs for intelligence services.
RSA also publishes a series of phishing reports - the latest reminding us that though phishing is a global concern, there are security actions we can take here in the US that may help. That is certainly not new information, but while the above SBIC report spent time talking about foreign agents and foreign attacks, it seems like our government and service providers have responsibilities right here - the US hosted 53% of the world’s phishing attacks in July!