SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
RSA boosts solution portfolio as GDPR regulations approach
Tue, 24th Oct 2017
FYI, this story is more than a year old

RSA is honing its focus for businesses that need to comply with security legislation such as Australia's Notifiable Data breaches scheme and the European Union's General Data Protection Regulation by extending its governance, risk and compliance solution.

The company says that GDPR and other regulations are forcing companies to revisit and revise how they manage and protect data online.

“We used to live in a world where executives ran the business, IT ran the infrastructure, security set the perimeter, and compliance made the rules, but regulations like GDPR are breaking down those old walls,” explains Rohit Ghai, President, RSA.

“GDPR translates cyber risk to a bottom-line business issue, which completely changes how businesses view their customers' data.

The RSA Archer Suite can help organisations to manage multiple risk dimensions built on an integrated and configurable software platform.

In addition to its current solutions, the company has also added two new use cases: RSA Archer Data Governance Use Case and the RSA Archer Privacy Program Management use case.

The RSA Archer Data Governance use case helps document governance requirements for data-centric regulations such as HIPAA and GDPR.

The RSA Archer Privacy Program Management use case enables holistic privacy program management and align processes with regulations including privacy assessments and regulatory case tracking.

“Ultimately, GDPR is not just a Governance, Risk and Compliance (GRC) issue. GDPR spans the full enterprise and forces companies to adopt a healthier privacy and security risk posture in four critical areas: Risk Assessment, Breach Readiness, Data Governance, and Compliance Management,” the company says in a statement.

The company developed its Archer Suite to assist with risk assessment; RSA NetWitness Suite to assist with breach response; RSA SecurID Suite to assist with data governance; and the RSA Risk and Cyber Security Practice to assist with compliance management including GDPR requirements.

The RSA Archer Suite includes other use cases, including:

         RSA Archer Security Incident Management helps enable processes to address the flood of security alerts and implement a managed process to escalate, investigate and resolve security incidents.

·         RSA Archer Security Operations and Breach Management helps extend the security incident process by adding workflow for data breaches and management of the overall security operations team.

·         RSA Archer Issues Management helps organizations manage issues generated from risk and control assessments and audits.

·         RSA Archer IT Risk Management helps accelerate the identification of IT risks related to GDPR compliance and improves an organization's risk mitigation strategies.

·         RSA Archer IT - Security Policy Program Management provides the framework to help organizations establish a scalable and flexible environment to document and manage an organization's policies and procedures to help comply with the GRPR.

·         RSA Archer IT Controls Assurance provides a framework and taxonomy to assist organizations by systematically documenting the GDPR control universe, enabling organizations to assess and report on the performance of controls at business hierarchy and business process levels.

·         RSA Archer Third Party Catalog assists in documenting third party relationships, engagements and associated contracts to identify help track external parties related to GDPR.