RSA 2011: RSA, EMC and VMWare advise on defending against advanced persistent threats

Security leaders have outlined ways organisations can better defend against advanced persistent threats (APTs) in a paper published by RSA, the security division of EMC.

The model, formulated by representatives from RSA, EMC and VMWare, is detailed in the paper released at the RSA Conference 2011 in San Francisco.

The paper is entitled Mobilizing Intelligent Security Operations for Advanced Persistent Threats.

"Advanced persistent threats are inevitable for most large organisations," said David Hunter, chief technology officer, worldwide public sector, VMware.

"With the complexity of today's IT environment we expect to see APTs increasingly target corporate intellectual property requiring organisations to evolve their IT and security operations to counter APTs and other fast-evolving threats," he said.

To manage security at the speed and scale of the cloud and to deal with unpredictable adaptive threats such as APTs, organisations need to evolve their security operations to manage these new threats, said Bret Hartman, chief technology officer at RSA.

The new model includes six core elements and guidance on how to incorporate these elements into existing security operations.

The elements are risk planning, attack modelling, virtualisation, predictive analysis, automated and risk-based decision systems, and continual improvement through forensic analyses and community learning.