Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

RSA Information Loss Due To Lack Of Investment

Lieberman Software : 09 June, 2011  (Technical Article)
Lieberman Software plants the blame for the RSA data loss squarely on the parent company EMC for starving its security division of investment
RSA Information Loss Due To Lack Of Investment

The news that RSA, the security division of EMC, has acknowledged that information stolen from its network was used to carry out a cyber attack against Lockheed Martin and is to replace all of the 40 million SecurID hardware tokens in existence is a big setback for the IT security industry said Philip Lieberman, President and CEO of Lieberman Software.


Lieberman said: “This incident shows that there is a very strong business case for sustained and planned investment in security. By my estimates this breach is going to cost RSA a minimum of $400M to replace 40 million tokens. This is not just bad news for RSA Security – it paints the rest of the IT security industry in a bad light.”


“I put the fault squarely on the senior management of EMC for treating the SecurID division as a cash cow that received little to no investment after RSA was acquired by EMC. A quick review of the SecurID products show that the SecurID product line has languished in innovation and development investment since the takeover.


Lieberman said: “EMC is guilty of milking the RSA cow dry, neglecting it, getting it sick, and then selling the tainted beef. The tragedy is that had they provided just a little bit of food and care to the cow, they could still be receiving milk and have a healthy cow today.”


Lieberman continued: “The RSA SecurID scenario is a testament to the consequences of greed and outsourcing exhibited by EMC senior management, who, in their single minded wish to maximize profitability, neglected to provide sufficient resources and domestic talent to keep their company healthy and competitive. The management of RSA and EMC did exactly what they were incentivized for: maximize shareholder equity with minimal concerns for the wellbeing of their customers, partners or society at large.”


Philip Lieberman said: “I have a hint for Art Coviello - maybe he should now consider spending some money on Research & Development (R&D) and product management in Bedford, MA instead of moving everything off-shore and outsourcing the rest.  RSA actually has some amazing talent in the Boston area, they just don't work cheaply and now we can see what “cheap” has produced. Some of us have been arguing against this short-term approach and for investment in both R&D and people and against management fads like outsourcing for its own sake for years,” said Lieberman. “I take no pleasure in these disasters but we can prevent them with care and foresight.”


In March this year RSA announced that attackers managed to penetrate its network and accessed information related to SecurID, its two-factor authentication solution.


At the time the company provided very little information about the incident and the size of the breach – this silence attracted strong criticism from the information security community.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo