[ISN] RSA hack -- a lesson in how not to handle a PR disaster!

From: InfoSec News <alerts_at_private>
Date: Wed, 23 Mar 2011 01:10:52 -0600 (CST)
http://eskenzi.wordpress.com/2011/03/21/rsa-hack-%E2%80%93-a-lesson-in-how-not-to-handle-a-pr-disaster/

By yvonneeskenzi
March 21, 2011

I’ve been doing PR for the IT security industry for 16 years and there 
has never been such a major breach to an IT security vendor, as the one 
to hit RSA on Friday.  And rarely has a PR disaster been dealt with so 
badly. From where I’m sitting, resellers, distributors, customers as 
well as bloggers, tweeters and journalists are running around 
speculating about what’s happened and panicking about what to do -- with 
no clear advice or guidance from RSA’s internal or external experts.  
It’s almost like they’ve battened down the hatches, stuck their heads 
under their duvets and hoped this whole nasty incident would shut up and 
go away, so that they could start the week afresh as though nothing had 
happened.

If you visit their website there’s nothing there apart from an open 
letter from Art Coviello their Executive Chairman 
http://www.rsa.com/node.aspx?id=3872 stating they’ve suffered a major 
hack!  But what I want to know is where are the press releases with more 
statements and calming advice, where is the hotline general number for 
more information, how do you contact anyone with sane help as to what to 
do with your SecurID tokens -- should you still use them or are they 
now defunct?  When I spoke to the FT last week they said that RSA did 
not have anyone available for comment and another journalist said they 
were put through to an answerphone, as there were no official RSA 
personnel to talk to.  So of course speculation as to the severity of 
the situation is now running riot with every security pundit coming up 
with their disaster theory.  Take NSSlabs.com 
http://www.nsslabs.com/research/analytical-brief-rsa-breach.html who are 
recommending that “RSA clients who use SecurID to protect sensitive 
information should consider eliminating remote access until this is 
resolved; perform an impact assessment of systems using this technology 
and identify critical assets and potential risks. Furthermore, RSA 
clients should consider alternative 2-factor authentication solutions”.

[...]


Received on Wed Mar 23 2011 - 00:10:52 PDT
