While new tools are needed to combat ever changing security threats, it is helpful to examine the history of the APT, because it is possible to derive many important lessons for defending against them in the future.
There are several lessons to be drawn from the RSA incident:
- It is possible for security products to be compromised through an attack on the supplier. Contingency plans should, therefore, be considered for possible breaches of this type where the consequences would be highly damaging.
- The incident demonstrated that even the most security-aware companies handling highly sensitive material can have weaknesses in their security posture. There is certainly an element of truth in the old adage that “the cobbler’s children have the worst shoes.”
- With speedy identification and response, it is possible for the immediate damage from an intrusion to be contained. RSA acted swiftly, decisively and candidly to minimize the consequences to customers.
- The incident demonstrates that enterprises with good crisis management and public relations can ride out even the most severe incidents. RSA is still in business today and has maintained a good reputation.