RSA is launching “advanced” consultancy services around security.
The company, which is the security software division of EMC, said at its annual conference in London that the service would help firms “implement or improve their security operations function to more effectively manage both risk and IT compliance programmes”.
Businesses need to take a “more advanced approach” to security, it said, in order to identify and manage incidents, and to protect information.
RSA said its services will help businesses gather and analyse security data, evaluate risk in order to priories remediation, detect and react to security incidents, monitor the effectiveness of existing controls, report on security metrics, and address compliance.
The new services will be split into three areas. The first, security operations strategy and assessment, will target firms that want to deepen their security strategy.
The second, security operations management, aims to help firms establish comprehensive policies, procedures, guidelines and documentation. This includes operational run-books and workflow that can support a security operations centre or incident management programme on a day-to-day basis.
The last area is security operations analysis and design, and this is aimed at businesses seeking a broad evaluation of security operations requirements. It also guides on an incident management framework and how to establish the development of appropriate policies and procedures for security operations.
Peter Charland, marketing director at RSA professional services, told Computerworld UK that many businesses needed a more thorough examination of their security, because they were “still looking at the perimeter and not looking enough inside the organisation”.
The services offered a broader look at security than before, he said, offering a different depth of assistance depending on the maturity of companies’ security setups.
Irida Xheneti, security analyst at IDC,said businesses needed to "think beyond the traditional view of security".
Advanced security operations address "threat analysis, attack detection, mitigation response as well as influencing future protection and compliance", Xheneti said.