Security/IT firms must learn from this incident

I have two immediate words with regard to the EMC/RSA breach: Holy smokes! Add the EMC/RSA breach to a list including the Aurora attack on Google, Conficker, and WikiLeaks as extremely frightening cyber security incidents. Can anyone still claim that we aren’t extremely vulnerable to cyber crime, espionage, and outright attacks?

A few other thoughts:

1. If you are in the enterprise IT business, you are under attack — it’s as simple as that. Are IT vendors doing their best to defend their intellectual property? Do they have world-class security processes and cyber supply chain risk management in place? I don’t know the answer to these questions but it seems to me that large organizations should be auditing their vendors’ security and doing extremely granular due diligence before purchasing new equipment.

2. The security industry is an extremely attractive target. First Kaspersky Labs source code was stolen, now EMC/RSA is breached. Why? Remember that scene in Ocean’s 11 when George Clooney and the gang build an exact copy of the Vegas vault so they could practice their heist? Cyber criminals want to do the same thing. If you can poke at the innards of security technologies, you may be able to find vulnerabilities. Let’s hope that Check Point, Cisco, Juniper, McAfee, Symantec, Trend Micro, and others are well protected.

3. We don’t know much about the extent of the breach, when it first occurred, how it transpired, how EMC/RSA discovered it, or how the company is addressing it with customers. Granted, there is probably an investigation going on right now that may involve diplomatic dialogue and international law enforcement cooperation. Nevertheless, we need to know as much as possible to understand what happened and how to prevent the next attack.

4. The open FTP site incident of a few years ago makes this breach much more difficult for EMC/RSA.

EMC/RSA was the unfortunate victim of a security breach but at least it discovered the problem, disclosed it, and is now in the process of assessing the scope and remediating the problem. I guarantee that a lot of other organizations with value based on intellectual property have also been breached but don’t even know it. Every day we lose more and more of our IP this way.

There is a lot of room for improvement across the board — in the IT industry, the federal government, and international community, etc. Hopefully, the EMC/RSA security breach will make us all more aware of how vulnerable we are, and push us to finally respond.