This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

RSA opens conference with apology to customers

Share this article:
RSA opens conference with apology to customers
RSA opens conference with apology to customers

The RSA Conference Europe has opened with executive chairman Art Coviello quoting Nietzsche's epigram, "what does not kill you makes you stronger".

Coviello said the attack earlier this year was just the tip of the iceberg in an escalating threat environment. He said  there needs to be a realisation that attackers have different motives and "current security technologies are not effective or not enough".

Also speaking was Tom Heiser, president of RSA, who called on the security industry to come together and share information. He claimed that reports on the RSA attack were not entirely accurate; he did confirm that one attack on an RSA customer indicated that information was taken, but said he knew of no other attack where RSA information was a factor.

He said: “Customers were told quickly and we identified the attack while it was in progress with an immediate move to mediate it. There were two groups involved and they were known to the authorities, but are now known to have worked together.

“They knew what to look for and where to go. They impacted people and process more than information and the malware was very fresh; we believe it was written a few hours before and it used very sophisticated technologies to complete the exfiltration with no evidence left behind that they were there.”

He said the motive was to gain access to defence-related IT, and RSA was not the final target. To customers who felt that they were inconvenienced, he said: "We truly apologise."

He said: “People are our most viable asset and the quality of staff helped us as we moved the valuable people up. The security of our customers was first in our minds so we did not want to share information that could create a new type of attack.”

Heiser concluded by pointing out five actions to take in the event of an attack: "Reconsider your risk; rethink your security profile; deploy security and network analysis; tighten access control; and educate, educate, educate."

“We cannot blame each other for what happened, we need to come together. Our advocates are doing this and together we can ensure that our customers are the ones they can trust,” he said.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Chinese hackers steal confidential documents on Israeli missile defence system

Chinese hackers steal confidential documents on Israeli missile ...

Chinese hackers comprised the computer systems of three Israeli defence contractors between 10 October 2011 and 13 August 2012 in order to steal hundreds on confidential documents on Israel's Iron ...

Security researcher finds exploitable flaws in 14 antivirus engines

Security researcher finds exploitable flaws in 14 antivirus ...

Joxean Koret, a security researcher at Singapore-based consultancy COSEINC, has found exploitable local and remote flaws in 14 of the 17 major antivirus (AV) engines used by most major AV ...

Russian government promises £60k bounty to Tor hackers

Russian government promises £60k bounty to Tor hackers

The Russian Ministry of Internal Affairs (MVD) is offering a 3.9 million ruble (approximately £64,600) reward to anyone who can find a way of identifying and tracking users of the ...