Booz Allen and RSA join forces in cyber-security marketplace
About a year ago, senior cyber security executives at Booz Allen Hamilton sat down with their counterparts at RSA, shared information about their respective products and consulting services, and quickly discovered that they could complement each other beautifully if they chose to work together. Out of that meeting-of-the-minds has come a formal “consulting and services partnership,” which both companies unveiled at RSA’s Advanced Threats Summit in Washington, DC, on Sept. 19.
Under this partnership, RSA, a unit of EMC Corp., will contribute its considerable software and product expertise (which are vital to detecting a cyber-assault and identifying a specific attack signature), while Booz Allen will offer its long experience in the Intelligence Community to help track down the source and motivation of such a cyber-attack, and figure out what can be done about it.
“RSA has the products and technologies, and we can present some of the analytic work,” explained Gary Labovich, a Booz Allen senior vice president, who spoke with Government Security News on Sept. 18, before the two companies made their official announcement.
Here’s how Labovich sees the new partnership: “RSA has a suite of tools that enable them to identify a threat in a customer’s network. Essentially, they can find the bug. Booz Allen can look at various kinds of data and identify the trademarks of third-party invaders, and engage in pattern-recognition.”
A joint press release issued on Sept. 19 said the two companies will focus on the “development of joint service offerings that leverage the deep technical and analytical experience of both companies in designing threat-resistant digital infrastructures and in helping customers remediate recent or active cyber attacks.”
In addition to contributing its expertise in “connecting-the-dots” in a post-attack cyber-investigation, Booz Allen is eager to find ways to commercialize a software product it developed which it calls Automated First Responder. Unlike many cyber-security software programs that look for the “signature” of a known virus, bug or piece of malware, Booz Allen’s AFR does not need to know the attacker’s signature in advance, explained Labovich. Instead, the AFR tries to spot cyber-threats by looking for known or unknown anomalies in the network.
One of the main goals of Booz Allen for entering into this new partnership with RSA is to find ways to “productize” its Automated First Responder software and market it to a much broader pool of potential customers. “We know we have something that is pretty special,” Labovich told GSN, “but we’re not a product company.”
“The lines between types of attackers, attack techniques, and even motives continue to blur in today’s increasingly-connected digitally dependent world,” said Mike McConnell, Vice Chairman of Booz Allen Hamilton and former Director of National Intelligence and Director, National Security Agency, in a prepared statement. “Government agencies and a full range of commercial enterprises today must be able to defend themselves from a growing list of online adversaries, all of whom will be armed with increasingly sophisticated malware and tactics. To be successful, enterprises require much greater access to the wealth of information, technologies, and tactics that companies such as RSA and Booz Allen have developed through practical experience in defending the world’s most sensitive digital infrastructures. Our consulting and services partnership is one step in improving that collaboration, giving our clients and customers better and faster access to the expertise and tools they need to defend their information and valuable digital assets.”
Rear Admiral (Ret.) Mike Brown, Vice President and General Manager of RSA Federal and Critical Infrastructure, added in a prepared statement, “Whether their motives are cybercrime, cyber espionage or cyber terrorism, the adversaries that organizations face online are highly effective at collaboration, information sharing, and technology sharing. Joint ventures such as the one we are announcing today demonstrate that security practitioners can be equally collaborative. RSA and Booz Allen Hamilton maintain leadership positions in security software development, security consulting, and incident response. Through our consulting and services partnership, we will be better able to put our skills and expertise to work for customers in the public and private sectors, so our customers can reap the benefits of technology while successfully managing the risks across the digital threat landscape.”