Within the ranks of IT organizations, security professionals are often equated with Chicken Little. At any moment, the security sky is about to fall in on the organization resulting in devastation and destruction as far as the eye can see.
Of course, when this doesn't happen because existing security measures appear to be sufficient in terms of mitigating the actual threats the company faces, a certain amount of security fatigue starts to set in across the organization. It's usually at the moment, however, that the organization becomes most vulnerable.
The folks at RSA, the security division of EMC, have been contemplating this very issue. At the RSA Conference 2011 this week the company rolled out the RSA Solution for Security Incident Management service.
According to Stephen Preston, senior director of product marketing, the service is designed to help prioritize security threats based on their actual risk. The service monitors a company's existing IT assets and then correlates that information with all the latest information on security threats to create a series of actionable reports. For security professionals, this means being able to have a conversation with the rest of the IT organization about real and present dangers, versus theoretical threats that may never have any material impact on the company.
The service works by streaming data from RSA enVision security software to the eGRC platform, which EMC picked up when it acquired Archer Technologies, that analyzes that information to assign a level of risk to each security threat.
Preston says RSA Solution for Security Incident Management is only the beginning of a strategic effort to apply analytics to security management in a way that will allow IT organizations to be more thoughtful about how they balance threats against the actual risks they may face. Obviously, that's a huge challenge given all the data involved, but with any luck it should spell the beginning of the end to Chicken Little approaches to security management.