back to article RSA appoints security chief amid blistering criticism

RSA has appointed its first chief security officer, three months after a data theft on its network contributed to the hack of the world's biggest defense contractor, and possibly other important customers. RSA awarded the position to Eddie Schwartz, who held a similar title at NetWitness, the security monitoring firm acquired …


This topic is closed for new posts.
  1. A Non e-mouse Silver badge


    Am I the only one who thinks it slightly humorous that a company that sells security devices doesn't have it's own security officer ?

  2. CPU

    This has all happend before, and will happen again

    I seem to remember, waaaaay back, when someone stood up at an RSA conference and said, "I can predict the next tokencode on your demo unit". Everyone laughed. Said chap predicted the next Tokencode. Everyone stopped laughing. RSA, ummed & arrrd over this for a long time, then switched to AES to get round this problem. Not once did they say hey, your security is totally predictable by a sweaty guy with a laptop. The body was quietly swept under the carpet, Marketing waved their arms as a distraction and for the most part no one knew or gave a monkeys.

    After tis latest boo-boo, I'm sure LM gave a whole cage of Monkeys as it was their IP that was (presumably) siphoned away.

    Alas, security is like life, there are no guarantees.

  3. John Smith 19 Gold badge

    "RSA has appointed its first chief security officer"

    Remind me again what RSA *do*.

    Icon expresses my view.

  4. Dodgy Geezer Silver badge

    Behind the times...?

    From the OP: "..RSA has appointed its first chief security officer..."

    If this means what it says, it implies that RSA (a major security product provider) has NOT had a Head of Information Security position before. Amongst other things, it would be hard for them to be in compliance with ISO 27001/2 without such a post.

    But that's not surprising. Amongst other skills, I work in contract interim Head of Information Security positions. Everybody talks a lot about this subject, but few clients want to pay money for it to be undertaken. I get about 1 job a year....

  5. json

    a new piñata..

    .. for the hacker crowd.

  6. Anonymous Coward
    Thumb Down


    So RSA keeps the keys to the kingdom for 40 million employees' two-tier authorization on their own internet-connected systems, but they didn't have a CSO until now?

    I think that qualifies as an accident-waiting-to-happen....

This topic is closed for new posts.

Other stories you might like