Story image

RSA boosts solution portfolio as GDPR regulations approach

24 Oct 2017

RSA is honing its focus for businesses that need to comply with security legislation such as Australia’s Notifiable Data breaches scheme and the European Union’s General Data Protection Regulation by extending its governance, risk and compliance solution.

The company says that GDPR and other regulations are forcing companies to revisit and revise how they manage and protect data online.

“We used to live in a world where executives ran the business, IT ran the infrastructure, security set the perimeter, and compliance made the rules, but regulations like GDPR are breaking down those old walls,” explains Rohit Ghai, President, RSA.

“GDPR translates cyber risk to a bottom-line business issue, which completely changes how businesses view their customers’ data.”

The RSA Archer Suite can help organisations to manage multiple risk dimensions built on an integrated and configurable software platform.

In addition to its current solutions, the company has also added two new use cases: RSA Archer Data Governance Use Case and the RSA Archer Privacy Program Management use case.

The RSA Archer Data Governance use case helps document governance requirements for data-centric regulations such as HIPAA and GDPR.

The RSA Archer Privacy Program Management use case enables holistic privacy program management and align processes with regulations including privacy assessments and regulatory case tracking.

“Ultimately, GDPR is not just a Governance, Risk and Compliance (GRC) issue. GDPR spans the full enterprise and forces companies to adopt a healthier privacy and security risk posture in four critical areas: Risk Assessment, Breach Readiness, Data Governance, and Compliance Management,” the company says in a statement.

The company developed its Archer Suite to assist with risk assessment; RSA NetWitness Suite to assist with breach response; RSA SecurID Suite to assist with data governance; and the RSA Risk and Cyber Security Practice to assist with compliance management including GDPR requirements.

The RSA Archer Suite includes other use cases, including:

         RSA Archer Security Incident Management helps enable processes to address the flood of security alerts and implement a managed process to escalate, investigate and resolve security incidents. 

·         RSA Archer Security Operations and Breach Management helps extend the security incident process by adding workflow for data breaches and management of the overall security operations team.

·         RSA Archer Issues Management helps organizations manage issues generated from risk and control assessments and audits.

·         RSA Archer IT Risk Management helps accelerate the identification of IT risks related to GDPR compliance and improves an organization’s risk mitigation strategies.

·         RSA Archer IT & Security Policy Program Management provides the framework to help organizations establish a scalable and flexible environment to document and manage an organization’s policies and procedures to help comply with the GRPR.

·         RSA Archer IT Controls Assurance provides a framework and taxonomy to assist organizations by systematically documenting the GDPR control universe, enabling organizations to assess and report on the performance of controls at business hierarchy and business process levels.

·         RSA Archer Third Party Catalog assists in documenting third party relationships, engagements and associated contracts to identify help track external parties related to GDPR.

ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."
Forget endpoints—it’s time to secure people instead
Security used to be much simpler: employees would log in to their PC at the beginning of the working day and log off at the end. That PC wasn’t going anywhere, as it was way too heavy to lug around.
DimData: Fear finally setting in amongst vulnerable orgs
New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are also the most prepared to deal with the ever-evolving threat landscape.
IXUP goes "post-quantum" with security tech upgrade
The secure analytics company has also partnered with Deloitte as a reseller, and launched a SaaS offering on Microsoft Azure.
Infoblox appoints channels head for A/NZ
Kenneth Cartwright’s appointment extends Infoblox’s position in secure cloud-managed network services throughout the region.
ExtraHop’s new partner program for enterprise security
New accreditations and partner portal enable channel partners to fast-track their expertise and build their security businesses.
Hackers increasingly ‘island hopping’ – so what does it mean?
Carbon Black's Rick McElroy discusses this new trend and what it means for the new age of cybercrime.
Trust without visibility is blind – Avi Networks
Enterprises are wanting to gain the trust of their customers, but are often found blindly defending themselves.