RSA, the Security Division of EMC (NYSE: EMC), today announced new consultative and advisory services to help enterprises implement or improve their security operations function to more effectively manage both risk and IT compliance programs. These new consulting and advisory services are based on the deep expertise from within EMC’s RSA security division built through 25 years of customer engagements, combined with best practices derived from EMC’s own world-class security operations function.

To view the multimedia version of the release, visit: http://www.rsa.com/go/press/RSATheSecurityDivisionofEMCNewsRelease_102009.html

As cyber threats become more sophisticated and IT systems more complex, large enterprises are examining ways to improve the performance and responsiveness of IT and security operations. Taking a more advanced approach to security operations while also integrating key IT operations functions better enables organizations to identify and manage incidents and protect valuable information and IT assets.

To address these issues in large enterprise environments, EMC’s RSA Security Division is introducing a comprehensive suite of consulting and advisory services, which complement the company’s award-winning security solutions. Together, the services and solutions are engineered to provide customers with a broader set of capabilities [required to build world-class security operations functions that enable organizations] to effectively:

• Gather and analyze security data across the enterprise
• Evaluate risk in order to prioritize remediation
• Detect and react to security incidents, including first-line response to incidents
• Monitor the IT environment to ensure effectiveness of security controls
• Report out on security metrics
• Support the organizations’ efforts to address IT compliance requirements

“Advanced enterprise risk management spans both periodic IT architecture assessment and proactive management across numerous systems to address the critical security challenges that organizations are facing today,” said Irida Xheneti, Security Services Research Analyst at IDC. “Organizations must think beyond the traditional view of security and understand how broader capabilities contribute to build a more advanced security operations function that can help effectively manage risk and enable an organization to further their business objectives.”

“Taking a broader view of risks – monitoring not just the perimeter but where the data moves and resides whether in the infrastructure or not – and aligning processes across both security and IT operations provides the visibility and control to detect and mitigate information security threats before they impact a business,” said Mischel Kwon, Vice President of Public Sector Security Solutions at RSA, the Security Division of EMC and the former director of the U.S. Computer Emergency Response Team for the Dept. of Homeland Security.

“Looking beyond the perimeter and integrating technology such as security information and event management with data loss prevention and integrated feeds for threat, attack and mitigation processes, can also facilitate a quicker response to attacks and swift, effective decision-making. By delivering comprehensive services and solutions that enable an advanced security operations function, RSA is providing customers with the ability to effectively identify and manage information risk.”

RSA® Consulting & Advisory Services for Advanced Security Operations
By drawing on the most comprehensive set of consulting services and solutions, EMC and its RSA Security Division help enterprises define, establish and manage a sustainable framework for long-term security and information risk management. Available immediately, RSA is offering the following new RSA® Consulting & Advisory Services for Security Operations:

• Security Operations Strategy & Assessment: appropriate for customers with established security operations processes, or who are establishing new security operations processes, or customers seeking to advance their capabilities based on industry best practices and current state gap analysis. Provides an actionable set of vendor and product-agnostic recommendations.
• Security Operations Management: appropriate for customers seeking the development of more comprehensive policies, procedures, guidelines and documentation to enhance their security operations function. This also includes operational run-books and workflow that support the ability to run a security operations centre / function or incident handling program on a day-to-day basis.
• Security Operations Analysis & Design: appropriate for customers seeking a broad evaluation of security operations requirements and providing a recommended solution design to meet the customer’s objectives for security operations and incident management. It also includes an incident handling framework and next steps for the development of appropriate policies and procedures for security operations.

Technology from EMC’s Ionix Portfolio Support Advanced Security Operations
RSA also provides implementation of best-in-class solutions – specifically, the RSA enVision® platform, RSA® Data Loss Prevention Suite and the RSA® FraudAction^sm Threat Intelligence service – providing core capabilities needed to deliver advanced security operations. Further, by integrating IT management software from EMC’s Ionix® portfolio into the security operations program – specifically Server Configuration Manager, Network Configuration Manager and Ionix for IT Operations Intelligence – customers are able to more effectively manage the ever-changing landscape of IT compliance requirements globally. Together, these technologies provide a robust foundation for instituting, managing and improving a security operations program for risk and compliance.

“Through our combined professional services and solutions portfolio, EMC, together with its RSA Security Division offer unmatched expertise and capabilities to help customers effectively address enterprise security controls in the context of comprehensively addressing IT compliance requirements,” adds Brian Zeman, Vice President of Worldwide Professional Services for RSA, the Security Division of EMC. “More importantly, these services can empower chief security officers to show their compliance programs really do minimize the risks and associated costs to their business by identifying information security vulnerabilities and threats while gaining greater leverage from investments in other IT systems that are deployed more broadly across the infrastructure.”

RSA Services and Solutions for Advanced Security Operations are available immediately on a worldwide basis directly through RSA and EMC Worldwide Professional Services. More information can be found at http://www.rsa.com/node.aspx?id=1243