Story image

RSA boosts solution portfolio as GDPR regulations approach

24 Oct 17

RSA is honing its focus for businesses that need to comply with security legislation such as Australia’s Notifiable Data breaches scheme and the European Union’s General Data Protection Regulation by extending its governance, risk and compliance solution.

The company says that GDPR and other regulations are forcing companies to revisit and revise how they manage and protect data online.

“We used to live in a world where executives ran the business, IT ran the infrastructure, security set the perimeter, and compliance made the rules, but regulations like GDPR are breaking down those old walls,” explains Rohit Ghai, President, RSA.

“GDPR translates cyber risk to a bottom-line business issue, which completely changes how businesses view their customers’ data.”

The RSA Archer Suite can help organisations to manage multiple risk dimensions built on an integrated and configurable software platform.

In addition to its current solutions, the company has also added two new use cases: RSA Archer Data Governance Use Case and the RSA Archer Privacy Program Management use case.

The RSA Archer Data Governance use case helps document governance requirements for data-centric regulations such as HIPAA and GDPR.

The RSA Archer Privacy Program Management use case enables holistic privacy program management and align processes with regulations including privacy assessments and regulatory case tracking.

“Ultimately, GDPR is not just a Governance, Risk and Compliance (GRC) issue. GDPR spans the full enterprise and forces companies to adopt a healthier privacy and security risk posture in four critical areas: Risk Assessment, Breach Readiness, Data Governance, and Compliance Management,” the company says in a statement.

The company developed its Archer Suite to assist with risk assessment; RSA NetWitness Suite to assist with breach response; RSA SecurID Suite to assist with data governance; and the RSA Risk and Cyber Security Practice to assist with compliance management including GDPR requirements.

The RSA Archer Suite includes other use cases, including:

         RSA Archer Security Incident Management helps enable processes to address the flood of security alerts and implement a managed process to escalate, investigate and resolve security incidents. 

·         RSA Archer Security Operations and Breach Management helps extend the security incident process by adding workflow for data breaches and management of the overall security operations team.

·         RSA Archer Issues Management helps organizations manage issues generated from risk and control assessments and audits.

·         RSA Archer IT Risk Management helps accelerate the identification of IT risks related to GDPR compliance and improves an organization’s risk mitigation strategies.

·         RSA Archer IT & Security Policy Program Management provides the framework to help organizations establish a scalable and flexible environment to document and manage an organization’s policies and procedures to help comply with the GRPR.

·         RSA Archer IT Controls Assurance provides a framework and taxonomy to assist organizations by systematically documenting the GDPR control universe, enabling organizations to assess and report on the performance of controls at business hierarchy and business process levels.

·         RSA Archer Third Party Catalog assists in documenting third party relationships, engagements and associated contracts to identify help track external parties related to GDPR.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.