Just a few days following the announcement by EMC security subsidiary RSA that its most popular authentication token product was the target of a very focused security breach, the obvious question on many minds is how much brand damage the incident will inflict on RSA and its partners. The short answer from many security pundits is that RSA will recover, but it won’t be easy.
According to Jonathan Gossels and Philip C. Cox of IT security consulting firm and RSA partner Systems Experts, neither the SecurID brand or the RSA brand were “fatally injured” by the recent breach.
“They’ve got too much goodwill in the security industry, and the fact is that people that work for them are good at what they do,” says Cox, principal consultant for Systems Experts, who believes that something similar could have sunk a weaker security brand. “Anybody that knows anything about security is probably thinking more like ‘uh oh’ as opposed to ‘ha ha, look at you.'”
In its most recent analysis of the authentication market, IDC reported that RSA is at the dominant leader in the market. SecurID is currently used by 30,000 organizations around the world, with tokens issued to 40 million users. For his part as an RSA partner, even though he is concerned about the vagueness of RSA’s announcement about the breach, Bobby Kuzma says that he’s not going to pass judgment on the company for getting hit by hackers. Even if the bar is set higher for security companies, the fact is that today’s attacks are pernicious.
“I’m not yet ready to throw them completely under the bus,” says Kuzma, owner of managed security service provider Central Florida Technology Solutions. “The unfortunate fact of the matter is there are no perfectly secure systems against a determined attacker with sufficient resources.”
Nevertheless, the breach is obviously going to have an impact on partners who must help customers deal with the very same determined hackers. While the trust in SecurID may not be permanently undermined, partners need to tread lightly with new projects.
“If I was in the process of doing a deployment right now, I might slow that down and hold off until he dust settles, but I don’t think long term there will be lasting damage from it,” says Gossels, CEO of Systems Experts. “They’re going to have to work to recover, but they will recover.”
In the meantime, this could well be an opportunity in disguise, says Scott Crawford of analyst firm Enterprise Management Associates. By looking out for RSA customers in the aftermath of this incident, many within the channel will be able to solidify their role as trusted advisors in securing their customers environments.
“If I were a channel partner, I’d see this as an opportunity,” Crawford says. “I would approach customers about doing an evaluation of their current security deployment, letting customers know what their alternatives are. The very first thing the channel partner should do is keep the customer informed. Partners are going to want to keep a pretty close watch on RSA’s response and work closely with RSA to follow up with these customers.”