What is RSA's build, buy, partner strategy?

Computer Weekly takes a closer look at RSA's build, buy, partner strategy

RSA, the security division of EMC, and Juniper Networks have expanded their technology partnership, just weeks after RSA announced its new RSA Security Analytics offering and four months after acquiring fraud detection firm Silver Tail Systems

So what is RSA's build, buy, partner strategy?

The most recent partnership, announced at RSA Conference 2013, combines Juniper Networks’ Junos Spotlight Secure global attacker intelligence service and the RSA Live threat intelligence delivery system.

The combination of these two systems is aimed at helping IT security staff reduce the time it takes to identify, assess and respond to incidents, but more importantly, it plays into RSA’s strategy of intelligence-led security, which has been a key theme of recent RSA Conferences.

The topic was highlighted again this year by RSA executive chairman Art Coviello in his keynote address. “Technology will help us solve the seemingly unsolvable,” he told attendees of RSA Conference 2013 in San Francisco.

Using external intelligence on security threats is an important part of this intelligence-based strategy, he said. “If criminals can share information, why can’t we do the same?” said Coviello.


  • RSA Europe: New intelligence-led security model needed
  • Organisations need alternative data protection as security models fail
  • Interview: RSA executive chairman Art Coviello
  • Proactive security: The future of secure networks
  • Security Think Tank: Using big data for intelligence-led security
  • Security Think Tank: Intelligence-led security is about risk management
  • Security Think Tank: The only sustainable approach to security is intelligence-led
  • Security Think Tank: Intelligence-led security could give IT pros the edge
  • Security Think Tank: Proof of intelligence-led security is in the metrics
  • Security Think Tank: Intelligence-led security is more efficient and effective
  • Security Think Tank: Security intelligence needs a plan

Complementary partnership

The partnership with Juniper Networks is therefore complementary to what RSA is doing, which is a key indicator of when partnership is the way to go, RSA president Tom Heiser told Computer Weekly.

“Juniper is a perfect example; it is complementary, it is synergistic, we can go to market together, and neither expects the other to be competitive, so it’s a natural relationship,” he said.

Partnering is also indicated when RSA wants to do something quickly that is not “mega-strategic”, and in which a potential partner has well-established skills and expertise.

Building core products

By contrast, something like RSA Security Analytics is core to RSA’s business. In fact, Heiser sees this as key to the company’s future.

“Nobody else has anything like that – where you are applying big data and analytics, you are leveraging logs and full packet capture together, laying analytics on top of that, and providing context.

“There are other security information and event management (SIEM) companies and other network logging companies, but no one else has security analytics, full packet capture, logging, big data and analytics,” he said.

Similarly, RSA announced Authentication Manager 8.0, which Heiser considers the first major release on the authentication side in many years.

“We are bringing in traditional SecureID and risk-based authentication so we can work with customers to select what user has what profile, at what cost, at what convenience factor – using a hardware token or a software token, or SMS or risk-based authentication – all on the same platform,” he said.

Heiser believes this combination gives businesses tremendous flexibility, which, with ease of use improving tremendously, drives total cost of ownership (TCO) right down.

“One of our beta sites told us that it would buy this on ease of use and TCO alone because it is that much improved from Authentication Manager 6.x and 7.x,” he said.

The indicators for building something organically, said Heiser, are that RSA has the skills, time and resources, and that it can be developed on the company’s roadmap, either with its existing core area or areas that are close to it.

No one else has security analytics, full packet capture, logging, big data and analytics

Tom Heiser, RSA

Buying in key competencies

And while RSA is investing heavily in research and development, the company is always looking at acquisition, said Heiser. “Acquisition is what we do when we need to do something big and we need to do it fast,” he said.

Network security monitoring firm Netwitness and governance, risk and compliance (GRC) software firm Archer are good examples of that, said Heiser.

“We did not have full packet capture experience and we did not have GRC experience, and we felt that those were areas that we needed to move to,” he said.

Similarly, EMC created a security strategy that it wanted to implement in a big way, but it did not have the skills, which led to the acquisition of RSA.

The most recent acquisition, Silver Tail, was also a nice acquisition, said Heiser, because RSA already had a go-to-market engine in the fraud detection space.

“From an integration standpoint it was super easy; we combined that with our identity protection and verification team,” he said.

According to Heiser, RSA is continually thinking about and analysing whether to build, buy or partner.

“When we look at an opportunity like cloud, for example, we look at whether we can enhance our products to be delivered through the cloud, whether we need to acquire, or whether we have partnering capabilities through service providers – and sometimes it is not one or the other, but a combination; we can do it multiple ways,” he said, summarising RSA’s build, buy or partner strategy.

Image: George Doyle/Thinkstock


Read more on Hackers and cybercrime prevention

Data Center
Data Management