RSA, the security division of EMC, is undergoing an “aggressive” transformation process, according to company president Amit Yoran.
Just three months into the job at RSA Conference US, he committed to changing the paradigm under which the security industry has operated for years, starting with re-engineering RSA itself.
According to Yoran, the information industry is fundamentally broken and needs to change the way it operates.
“We’ve got a very clear vision and focus for the company, and of the critical needs in the security market and how those and the threat landscape will evolve,” he told Computer Weekly.
He said RSA has made a series of “difficult decisions” as a business to focus and “laser in” on those key markets and challenges, including moving out of key market segments and product technologies.
These include data loss prevention (DLP) products and the RSA BSAFE crypto toolkit.
“As one of the largest security suppliers, it takes a lot to disrupt ourselves, but organisations at the top frequently fail because they don’t disrupt themselves and things end up disrupting them,” said Yoran.
“RSA is no longer in the crypto business and will leave it to others to carry on with DLP, which we don’t believe is the right way to do security in the future,” he said.
GRC more important than ever
Instead, RSA is focusing on advanced security operations and incident response, authentication and identity management, and governance, risk and compliance (GRC).
“It is about shifting resources to key technologies where we are best of breed and that we believe are critical to the way security will be done in the future,” said Yoran.
RSA is working to advance organisations’ capability to monitor networks, detect advanced threat actors, manage and authenticate users, and identify what matters to an organisation.
“Because we have announced the end of sale for a lot of legacy products, it has enabled us to double and even triple our development efforts in these key market areas where we have differentiated market-leading technology. We believe we can press the envelope beyond best of breed and really make a difference in the market,” said Yoran.
RSA has also changed its sales model, moving from a generalist model to security specialists worldwide that understand the technologies, the use-cases, the competitive landscape and the customer base at a more intimate level.
“We have changed the way we engage with channel partners. RSA has historically been bifurcated between direct sales and channel, but we are now 100% committed to our channel,” said Yoran.
Another key change relates to RSA’s services division, where the greatest contributor to incentive compensation is customer satisfaction (CSat) scores, rather than the services team’s earnings before interest taxes (Ebit) contributions.
“This means the Ebit on our services team is actually down, but the CSat scores are way up. As a result, our product sales are growing significantly, and because product sales produces greater margin, our overall Ebit contribution is healthier than it has ever been, ” said Yoran.
“We are defining new values for the company through operating, thinking and acting differently – more like RSA the world’s largest startup and less like RSA of years past,” he said.
One of the key pillars for RSA in the future, said Yoran, is Archer – the GRC platform EMC acquired for its security division in 2010.
“We believe effective GRC is more important than ever before because it helps organisations understand what is important,” he said.
Yoran said that while Archer can automate processes to help organisations meet compliance objectives, the real value is its ability to identify the critical assets and business processes.
“This is strategic targeting information for the security team because it enables them to focus on the things that are most important. When the team protect, detect or respond to something, they can also show the business impact of what they’ve done, so Archer is critical to making security teams more efficient as well as more relevant in the business world,” he said.
At RSA Conference in Abu Dhabi, the company announced the release of new RSA Archer GRC offerings aimed at enhancing the experience.
The company said new features include a task-driven user interface and drag-and-drop advanced workflow capabilities.
New features have also been added to RSA Archer Operational Risk Management to help streamline how organisations identify, assess, respond and monitor existing and emerging risks.
New advanced configuration options also allow business unit managers to view a history of their risk activity, configure key reports and customise action buttons to access specific risk-related actions from a single dashboard, RSA said.
Yoran said the latest innovations in RSA Archer are aimed at enabling organisations to take the risk function out of just the risk manager’s responsibility.
“Businesses move so fast and risk managers just can’t keep up, so Archer 6 enables organisations to scale out the risk management understanding to the business owners themselves, enabling risk to become everybody’s job and responsibility because it’s the business people that need to understand it and own it,” he said.
Mindset biggest challenge to security
In his keynote, Yoran said one of the biggest challenges around security is not a technology problem, but a mindset problem.
“This means that while technologies are advancing, organisations have to evolve. Anyone who thinks they are safe because they are deploying a next-generation firewall and anti-malware sandboxing is not our target buyer because they are not dealing in reality.
“We want people who are thinking a little bit differently and understand what the advanced threat landscape looks like, and that they need to be much more aggressive in how they are monitoring and actively hunting for adversaries in their environment,” he said.