Skip navigation
All Places > Products > RSA Archer Suite > Blog
1 2 3 Previous Next

RSA Archer Suite

347 posts

A key to delivering a solid risk management program is the quality and performance of the processes fueling your organizations’ strategy. Getting solid results through efficient processes enables your program to achieve the reach necessary across the enterprise to address risk effectively. These two facets – quality and performance – were the key themes of our most recent release.

I am pleased to announce the general availability of RSA Archer Release 6.4. RSA Archer 6.4 delivers enhanced capabilities for RSA Archer Platform focused on improved data quality and feed performance and greater performance and serviceability.

Integration is critical in gathering the information for your risk program. RSA Archer’s integration capabilities are core to the platform and the 6.4 release enhances the data feed capabilities in RSA Archer with more ability to transform inbound data before it is brought into the RSA Archer Platform. Release 6.4 also improves the performance of data feeds by batching records and calculation improvements.

In addition, there are some fantastic new features that improve the user experience and make life easier for administrators. The ability to embed reports on application forms and calculate cross-references based on data filters are two new capabilities that will improve how users view data and how administrators can streamline data input.   For easier serviceability of the RSA Archer Platform, a new permissions investigation console has been added to simplify the role and group access control troubleshooting. Additionally, the expansion of advanced workflow capabilities captures advanced auditing insight and logging workflow history within the History Log field.

RSA Archer Release 6.4 also introduces new capabilities for RSA Archer IT & Security Risk Management use case offerings:

  • The new RSA Archer Cyber Incident and Breach Response use case is designed to align security to business risk. It provides a consistent measure of control efficacy and centralizes the process for responding to business impacting security incident.
  • New capabilities for the RSA Archer Information Security Management System (ISMS) use case enable users to automate scoping of ISMS resources, conduct a gap analysis, and generate a Statement of Applicability.

These are just some of the highlights of the release.   With the release of 6.3 in October 2017 and this release, we continue on our journey to make RSA Archer the system of engagement and insight and help your organization implement high quality, high performance risk management processes.

For more information, see the Product Advisory.

In my previous blog about cyber risk quantification and privacy, I suggested that there is a role for assessing risk using cyber risk quantification and assessing risk from a privacy orientation.  Let me explain further.  Cyber risk quantification is hugely important to an organization!  Cyber risk quantification is used to answer these kinds of questions:

  • What would be the monetary impact on the organization, if it experienced a cyber breach?
  • How much, in monetary terms, is risk reduced if a particular control is implemented?
  • What’s the monetary value of implementing this control over that control?
  • How much cyber insurance should be purchased to cover the organization’s cyber risk (what should be the dollar limit of the insurance policy on a single and aggregate loss basis)?

These are extremely important questions that every organization needs to answer.  When these questions can be answered in monetary terms, it is much easier for executives and the board to prioritize the allocation of scarce human and capital resources in the management and transfer of risk.

Privacy laws change the orientation of risk assessment from the impact of a cyber incident on the organization to an assessment of how the cyber incident would impact an individual.  Originally, privacy laws were very prescriptive about the obligations to individuals, as can be seen in these two regulatory obligations:    

  • The Australian Privacy Principles state that an “entity must take reasonable steps to protect personal information it holds from misuse, interference and loss, as well as unauthorized access, modification or disclosure.”
  • Section 501 of the U.S. Gramm-Leach Bliley Act states that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers’ nonpublic personal information.

Contrast these rather prescriptive requirements with the EU General Data Protection Regulation, effective this May.

  • The EU-GDPR was designed to “protect [the] fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.”

The EU General Data Protection Regulation broke from the older, more prescriptive, requirements of the Australian Privacy Principles and the U.S. GLBA, and expanded the scope to include “fundamental rights” of EU citizens.  In the United States, this would be analogous to equating GLBA with the Declaration of Independence, where you might end up with a privacy statement like “institutions have an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers’ nonpublic personal information so as to not infringe upon the individual’s unalienable right to life, liberty, and the pursuit of happiness.”

As I said, The EU-GDPR was designed to “protect [the] fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.”  There happen to be fifty fundamental rights identified in the Charter of Fundamental Rights of the European Union.   Not all 50 of these fundamental rights could be infringed by poor information security but a thorough risk assessment requires the assessor to evaluate the likelihood and impact that an information security incident could have on the individual’s fundamental rights.

The change in orientation from assessing the impact of a breach to the organization to one of assessing the impact on the individual ultimately influences an organization’s cyber risk appetite too.  An organization may have an appetite for $10 million in cyber breach-related costs but zero tolerance for an information security breach that could compromise the life and safety of employees.  Both risk appetite statements are perfectly logical. However, to assess the risk requires two different but complimentary approaches: Cyber Risk Quantification and Privacy Risk Assessment.

I have been obsessing over the question of whether cyber risk quantification, as we understand it today, can serve as a reasonable proxy in assessing risk associated with privacy regulations such as the EU General Data Protection Regulation.  The EU-GDPR says the obligation of companies is to “protect[s] fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.”  Article 6 of the Charter of Fundamental Rights of the European Union states that one “fundamental right[s] is the right to Liberty", which encompasses the concept of self-determination.

 

I am not at all confident that traditional cyber risk quantification is a suitable proxy for an individual’s privacy risk related to this fundamental right.  For example, a company might perform a quantified risk assessment of non-compliance with the EU-GDPR that concludes there is an 80% probability of a fine of 4% of global revenue + 10 million Euros of customer litigation.  This is a great approach if you need to understand the potential monetary impact to the organization for non-compliance but, if your intent is to truly comply with the law, it seems to me that you may have to take an individual-focused approach to risk assessment. 

 

In short, what is the risk to an individual's fundamental rights if they are subject to psychographic profiling by a company like Cambridge Analytica, for the purpose of manipulating public opinion that undermines the individual's right to self-determination?

 

After pondering this with a number of people, I think the answer is that different risk assessment approaches must be employed.  In those circumstances where you want to understand the monetary impact to the organization, you would use cyber risk quantification.  In those circumstances where you want to understand the impact to an individual, you must do the assessment from the individual's perspective.  This bifurcated approach will no doubt leave many organizations faced with circumstances where they have determined that the risk to the individual is great but to the organization, comparatively small.  

 

What do you think?

 

Hi RSA Archer fans,

 

Once again, your friends at RSA University have teamed up to bring you some exciting pre-conference training opportunities! Please note that these training courses are limited in the number of students we can accommodate per course, do require pre-registration, and carry a cost that is separate from your conference fee. That said, these prices are at least 20% off list price, and as prior Summit and Charge events have shown, the available discounted training spots will go fast!

 

Based on response and instructor availability, we may be adding more courses to this line-up as the event approaches, but we can’t promise that just yet.  We strongly recommend you don’t delay and risk losing your chance to add even more value to your trip to Nashville for the RSA Archer 2018 Summit!

 

All of these courses will be held at the Sheraton Grand Nashville Downtown, a quick 3 minute walk from the main Summit hotel.  We commit that you’ll be out in time to join in the opening night fun on Wednesday, so make sure you register for the RSA Archer Summit as well if you haven’t already!

 

Visit the RSA Archer 2018 Summit website for registration and ongoing event information as we head toward the August 15-17 Summit event.

 

Links to register for pre-conference training are included below.

 

Aug  14-15 (Tues-Wed):

  • RSA Archer Boot Camp - $1600
    • In this consolidated, 2-day version of our 4-day Admin I course, students will gain knowledge of the key RSA Archer 6.x platform components such as applications, security management, and communication tools through presentations and hands-on practice.
    • Registration Link: https://education.emc.com/index_guestLogin.htm?id=778968095 

 


Aug 14 (Tues):
 

  • RSA Archer Advanced Workflow & Navigation - $800
    • This one-day workshop includes instructions for navigating the new interface introduced in RSA Archer 6, an overview of main differences between versions 5.x and 6, and extensive hands-on practice using the new Advanced Workflow feature.
    • Registration Link: https://education.emc.com/index_guestLogin.htm?id=822522965
  • RSA Archer Platform Fundamentals for Business Users - $800

 


Aug 15 (Wed):

  • RSA Archer Advanced Workflow & Navigation - $800
    • This one-day workshop includes instructions for navigating the new interface introduced in RSA Archer 6, an overview of main differences between versions 5.x and 6, and extensive hands-on practice using the new Advanced Workflow feature.
    • Registration Link: https://education.emc.com/index_guestLogin.htm?id=822522965 
  • RSA Archer Platform Fundamentals for Business Users - $800

 

And if you just can’t get enough of our amazing RSA Archer instructors, during the conference itself, please be on the lookout for a lab room running multiple sessions of our popular “Choose Your Own Adventure” style lab.  There, you can get hands-on practice with any of the RSA Archer Use Cases of your choice!

 

We look forward to seeing you this year in Nashville! 

 

All the best to you and yours,

 

Megan Olvera

RSA Archer Education Services Practice Lead

In today’s connected world fueled by the digital transformation, the more digital the business, the more the differentiation between cyber risk and business risk disappears. As part of their fiduciary responsibility toward shareholders and customers, boards and executives are expected to incorporate cyber risk management as part of their business strategy. This adds considerable challenges to already overwhelmed IT risk and security teams in translating technical risks into business terms – namely financial impacts.  A key element to address these challenges is bridging the ‘gap of grief’ – translating IT and security risk into business terms. For IT and security teams to adequately communicate security threats to the business, the business must understand the risk in the context of the business.  Most often, cybersecurity is treated as a technical concern, and important business questions such as "are we doing enough?" and "are we spending too much or too little?" get unsatisfactory responses, if any.

 

I am pleased to announce RSA Archer's latest addition to our Suite of use cases - RSA Archer® Cyber Risk Quantification.  The RSA Archer Cyber Risk Quantification use case is designed to quantify an organization’s financial risk exposure to cybersecurity events. This new use case helps CISOs prioritize risk mitigation efforts based on business and financial impact and communicate the impact of cyber risk in financial terms to the board and senior management. Armed with this financial data, organizations can make more informed decisions regarding their risk and security investments or cyberinsurance coverage.

 

RSA Archer Cyber Risk Quantification utilizes a purpose-built platform that leverages the Factor Analysis of Information Risk (FAIR) methodology, a well known standard for quantitative risk assessment for IT and cybersecurity risk management. This new use case under the RSA Archer IT & Security Risk Management solution area provides a set of modular approaches to help organizations get started quickly, including mathematical simulations to build a risk profile with limited data. RSA Archer Cyber Risk Quantification utilizes a built-in risk calibration and analysis engine to “do the math” and a user interface and workflow to provide a user-friendly process for risk data collection and quantification.  On-demand risk analytics provide answers to questions on the fly, eliminating the need to create time-consuming and outdated reports.

 

RSA Archer Cyber Risk Quantification, delivered through a strategic partnership with RiskLens, enables businesses to quantify and communicate their cyber risk in the common business language of monetary terms. Armed with the understanding of cyber risk in financial terms, the business can calculate and demonstrate the value of cybersecurity initiatives.

 

Read the press release, visit the product page on RSA.com or contact your RSA sales representative for more information.

Are you doing cool and great things with RSA Archer but are too modest to tell anyone about it?  No need to keep it a secret any longer, come down to the RSA Archer Summit 2018, Aug. 15 -17 in Nashville and tell us all about it!

 

For the past fifteen years, the RSA Archer Summit has offered attendees a unique opportunity to learn from other RSA Archer customers and users new and innovative ways RSA Archer is being used in organizations to help achieve strategic business initiatives.  The RSA Archer Summit a great venue to share ideas, learn from peers, and develop friendships and business relationships that can help you and your organization excel.

 

This will be my fifth RSA Archer Summit, and in that time I have spoken to hundreds of customers, all doing amazing things with RSA Archer.  Many whom I have talked to would love to chance to talk about what they are doing with RSA Archer, but are not quite sure how to pull it together into a presentation or which track they should submit their submission to.

 

If this is you, don’t worry, submitting an idea for a topic, session or roundtable is easy to do!  And if you are not quite sure if your idea for a session is a good one, just ask us.  We can help you craft your idea into a great presentation or roundtable conversation that fellow Archer users will find helpful and informative.  You just have to ask…  We will help you make your session a success and walk you thru every step of the process.  It’s easy, you just need to take the first step.  Send us an email at RSAArcherSummit2018@rsa.com with your questions or ideas for a topic.  We would be happy to work with you on developing your ideas.

 

But don’t wait too long to send in your questions or session topics, submissions are due by March 30th, 2018

 

We have three main topic areas for this yeas RSA Archer Summit to make it easier for you to select the one that best fits your session.  Below is a brief overview of each topic area.  If you need more information on each topic area, make sure and read Steve Schlarman’s blog "Call for Speakers".

 

Topic Areas:

Business Risk Management

  • Sessions should focus on best practices in enterprise and operational risk management, IT risk management and security, operational risks, third party governance, compliance, business continuity risk or audit.  The audience for this track will be risk, security, compliance, audit and continuity professionals tasked with execution of these processes.

The RSA Archer Journey

  • Sessions should focus approaches, strategies and recommendations for the implementation of your business risk management program from an organizational perspective. The audience for this track will be individuals responsible for overall program execution, strategy, project managers, GRC champions or those tasked with getting a program up and running.

 RSA Archer Technical

  • Sessions should cover beginner to advanced uses of the platform, custom objects, data feeds, on demand applications, integrations, etc.   The audience for this track is RSA Archer administrators, developers, integrators or those tasked with operational support of the RSA Archer platform.

 

If you are contemplating submitting a session, know that this is a very rewarding experience.  And remember, we are here to help you, so send us your ideas, session and roundtable questions to RSAArcherSummit2018@rsa.com if you need some guidance.  Presenting at RSA Summit is not as hard as you think and can be a very rewarding experience.

 

The Submission process is simple:

  1. Download the form.
  2. Fill out the form completely.
  3. Send the form to RSAArcherSummit2018@rsa.com. Include “Speaker Submission” in the subject line.

 

If you have any questions or issues with the form, contact RSAArcherSummit2018@rsa.com.

 

MARK YOUR CALENDARS: The Call for Speakers ENDS MARCH 30, 2018.  

Selections will be communicated with speakers once the selection committee reviews all submissions.

Even if you aren’t looking to speak, don't forget to REGISTER.  Looking forward to seeing you in Nashville in August!

In the wintery cold of February, the summer heat of August seems like a distant dream. But planning for RSA Archer Summit 2018, Aug. 15-17 in Nashville, Tennessee, is already in full swing.

 

And we need YOU!

 

RSA Archer Summit 2018 Call for Speakers

 

The key to the success of the RSA Archer Summit has always been the active participation of our customers as presenters and panelists. Customer presenters offer a view into the work of GRC thought leaders -- people who are pushing the boundaries of what’s possible with RSA Archer and developing powerful use cases within their organizations and industries.

 

Are you ready to inspire others? Send us your speaker submission today!

 

Need a speaker submission form? Download it here.

 

Have questions? Please contact RSAArcherSummit2018@rsa.com.

 

Hurry! Don’t miss out. Plan ahead for summer and send us your speaker submission for RSA Archer Summit 2018 today. The March 30, 2018 submission deadline is just around the corner. And the RSA Archer Summit will be here before you know it!

The 2018 RSA Archer Summit, hosted in Nashville this year, is dedicated solely to RSA Archer customers - a unique opportunity to network and celebrate our vibrant community of professionals in the risk, compliance, GRC, security (and all of the other hats we wear) industry.  This year’s Call for Speakers for the 2018 RSA Archer Summit deadline has been extended to March 30, 2018.   For those of you already submitting for the original February 28, 2018 deadline, please send in your submissions now but there is now additional time for you to get your submissions in for consideration.

As a reminder, we have three main topics for speakers to consider:

Business Risk Management in Practice

Sessions should focus on best practices in enterprise and operational risk management, IT risk management and security, operational risks, third party governance, compliance, business continuity risk or audit.  The audience for this track will be risk, security, compliance, audit and continuity professionals tasked with execution of these processes. Content should include best practices, case studies or war stories. Examples include how to identify, assess and monitor risks, risk assessments, security operations, BC/DR planning and compliance processes and how RSA Archer is being used in your organization to support these practices. The presentation should include an explanation of the business problem, desired outcomes, required functionality, solution outcomes and metrics used to measure success.

 

The RSA Archer Journey

Sessions should focus approaches, strategies and recommendations for the implementation of your business risk management program from an organizational perspective. The audience for this track will be individuals responsible for overall program execution, strategy, project managers, GRC champions or those tasked with getting a program up and running. Content should include case studies and recommendations for assessing maturity, changing organizational culture, building long term strategies or removing organizational barriers or obstacles. Examples include how to achieve consensus, measure value of the program, reporting on return on investments, organization change management or strategic roadmaps.  The presentation should include an explanation of the approach taken (centralized, top-down, decentralized, federated, or some combination), the rationale, the phases of organizational achievement, and the major milestones in risk and compliance maturity.

 

RSA Archer Technical

Sessions should cover beginner to advanced uses of the platform, custom objects, data feeds, on demand applications, integrations, etc.   The audience for this track is RSA Archer administrators, developers, integrators or those tasked with operational support of the RSA Archer platform. The content must include demonstrations of a business problem that is addressed using the RSA Archer platform. Screen shots, recorded or interactive demonstrations are required. This should be a “How To” presentation to instruct the audience on optimal platform configuration.  Other technical presentations may cover topics such as the administration of the platform, backup/recovery, system architecture, etc.

 

In addition to submitting a presentation, you may also volunteer to participate in a Panel discussion. For those submissions, fill out the form and check “I am interested in participating in a panel discussion if this session is not selected.” If you are ONLY interested in participating in a panel and do not wish to submit a presentation, select that same option in the form and put the topics you are interested in speaking on in the Abstract of the submission form.

If you are contemplating submitting a session, know that this is a very rewarding experience. Presenting to your peers can be a bit unnerving but the satisfaction and return is worth it. To teach others is to learn about oneself. Thinking through your experiences, applying your new found knowledge and acknowledging your successes and lessons learned is as much of a benefit as imparting your wisdom to others.

The Submission process is simple:

  1. Download the form.
  2. Fill out the form completely.
  3. Send the form to RSAArcherSummit2018@rsa.com. Include “Speaker Submission” in the subject line.

 

If you have any questions or issues with the form, contact RSAArcherSummit2018@rsa.com.

MARK YOUR CALENDARS: The Call for Speakers ENDS MARCH 30, 2018.  

Selections will be communicated with speakers once the selection committee reviews all submissions.

Even if you aren’t looking to speak, don't forget to REGISTER.  Looking forward to seeing you in Nashville in August!

History and heroes? Sounds like tall talk, right? Nope, not at all. The time is now. And the place...is Nashville.

 

Fifteen years ago the "Archer Summit" was born out of a dream to build a...

 

Hmmm...wait a second...come to think of it I never heard what the original dream was! Many of us joined the RSA Archer fold long after that fateful gathering. However I do know what came from it -- an amazing product propelled to the top of its industry by the largest GRC family on the planet!

 

Ever since then we've been regaled with tales about the first ever "Summit" .. the ragtag band of entrepreneurial pioneers .. the oppressive AZ heat .. and most importantly, the famous bar tab rescue (when the party venue's credit card machine stopped working before we could pay for our event!)

 

So what's the secret behind the magic? What's the common link that makes it all possible?

 

The answer of course is YOU!!

 

Without YOU there is no summit. It's that simple. The famous "bar tab rescue? Yep, that heroic effort was in fact customer led; just like the presentations that year and every year since. The RSA Archer Summit has always been about maximizing customer engagement and working together. Always customer first and customer focused.

 

If you've attended an RSA Archer Summit or RSA Charge event before then I have a question for you. Remember that feeling of being in the audience when your own personal light bulb went off as the presenter described a solution to a similar challenge that your organization was also facing? Seeking answers to that challenge might have even been the very reason that brought you to the summit in the first place.

 

Remember how fired up and encouraged you were to learn the speaker wasn't a professional trainer, but was actually just like you? A fellow customer sharing their story, educating peers across industries, and energizing you in the process. The RSA Archer Summit is a reflection of our impressive RSA Archer Community following and both are truly unique in our industry. Customers coming together out of an innate desire to learn and help each other as part of something bigger. What a cool concept to embrace.

 

Well guess what! Now it's your turn to be a hero! The only thing required to rise to the challenge is to simply submit a presentation idea. While the first Archer Summit may have been small and cozy, it was still very impactful. Just look how far we've come since then! Today customers from around the world and all levels of GRC maturity gather each year in growing record numbers to exchange ideas, learn, and get inspired to own risk.

 

If you've never attended an RSA Archer Summit you might be wondering whether you could also be a presenter. The answer is YES OF COURSE!! Some of our best presentations have come from customers that were not only first-time attendees, but achievement award winners too!

 

MARK YOUR CALENDARS: The Call for Speakers ENDS FEBRUARY 28, 2018!

 

The window is closing fast. Don't miss your chance to be one of the next heroes in the RSA Archer Community. The instructions below will guide you on completing your submission. Steve Schlarman's blog post offers several great tips on trending topics and presentation ideas. Additional insights can also be found here and here courtesy of my fellow GRC Strategists at RSA Archer HQ.

 

The speaker submission process is simple:

  1. Download the form.
  2. Complete the form.
  3. Email the completed form to RSAArcherSummit2018@rsa.com. Include “Speaker Submission” in the subject line.

(Final selections will be communicated to speakers once the selection committee reviews all submissions.)

 

So that covers the "hero" portion of my post. But what about the "history" part? How does that fit in?

 

Again, the answer is simple. What better way to celebrate the 15th anniversary of the original summit then to mark the occasion with the return of the RSA Archer-only summit too! While the combined RSA Charge event will continue bi-annually, us GRC folks are a pretty tight-knit group. We couldn't go two whole years between gatherings! We'd miss each other too much! Needless to say all of us here were pretty excited when we heard the news at RSA Charge last year. And we're grateful to our executive leadership for their continued support and confidence in the power of the RSA Archer Community and brand. I did mention we're also a big GRC family after all, right?

 

So...by donating your time and energy, and sharing your unique insights, not only can you walk taller as a recognizable hero in the RSA Archer Community, you can also become an important part of our unique history to boot! Speaking of boots...don't forget we'll be in Nashville this year too! Lots of boots, good music, and in the grand tradition of RSA Archer Summits past, always a great time had by all. General registration is also open now on the RSA Archer Summit website.

 

See you there partner!

It’s that time again - the third release for the RSA Exchange is here!

 

We’re introducing a new App-Pack for document request tracking and a new Tool & Utility for user profile and contact synchronization, along with 12 new Integrations.

 

We’re very pleased that the RSA Exchange has been such a big hit, with more than 40,000 views to-date! Since we kicked off the RSA Exchange in August 2017, we’ve delivered five App-Packs, four Tools & Utilities, and 27 Integrations as offerings via the RSA Exchange.RSA Exchange Offering Types

 

In case you haven’t heard about or checked out the RSA Exchange yet, it helps you easily access and download best-practice App-Packs, Integrations, and Tools & Utilities. The RSA Exchange features offerings that leverage On-Demand Applications created by RSA and RSA SecurWorld partners, known as App-Packs, via the RSA Link online community. It also highlights RSA Ready certified Integrations that enable you to pass risk data between the RSA Archer Platform and third party software, as well as Tools & Utilities to help administrators manage the Platform.

 

Let’s get to the good stuff -- here are details for the RSA Exchange Release R3 offerings:

  • App-Pack: RSA Archer Documentation Request Tracking provides an automated governance process for capturing and approving requests for documentation. Internal teams can request official documentation or legal reviews for internal teams, customers or vendors. The app-pack captures requester contact information, request priority, and documents the impacted business units, process, applications, products, and services. Upon request approval, the documentation can be shared by the approver or subject matter expert.   Documentation Request Tracking also helps your organization measure and manage request expected delivery and SLA timeframes.

 

  • Tools & Utilities: RSA Archer User Profile and Contact Synchronization provides an automated method for connecting and synchronizing the User Profile system data with the Contacts application. This offering uses the RSA Archer RestAPI and a data feed to synchronize key attributes such as first and last name, user name, email address, phone number, language, and more. 

 

 

Interested in learning more about these latest offerings? Check out the details on the RSA Exchange and join us for these upcoming Free Friday Tech Huddles:

  • March 9 – RSA Archer Release R3 overview
  • March 23 – Symantec Control Compliance Suite (CCS) integration demonstration

Here we are again, looking forward to another GREAT RSA Archer Summit, this time in Nashville, Tennessee, August 15-17, 2018.  Registration is already open and we would love to have you sign-up to attend but what we would love even more is for you to make a presentation at the conference so other customers can learn from you and your experiences using Archer to improve risk and compliance management.  You see, this is what really makes the RSA Archer Summit successful every year, customers like you who are willing to share proven best practices and techniques using Archer.  Download the form now to make a presentation!

 

Don’t forget, this is taking place in Nashville, TN!  I had the pleasure of attending a family reunion in Nashville a couple of years ago.  It was a blast.  Besides me vouching for Nashville, here are a few tidbits to further pique your interest:

 

In Downtown Nashville in 1971, workers excavating the foundation of the First American Bank came across a cave system from the prehistoric era. This cave system had remains of a foreleg from Smilodon Fatalis along with a nine-inch fang.  This is why the Nashville Predators Ice Hockey team’s mascot is a Saber tooth tiger!

 

The Nashville Visitor website quoted Condé Nast Traveler as saying "There's enough going on [in Nashville] food-wise to warrant a trip solely for eating"   For example, the Pancake Pantry restaurant has a  menu listing more than 20 melt-in-your-mouth pancake selections. 

 

Lastly, the Nashville Chamber of Commerce states on their website: “With live music of every genre being performed any night of the week, more than 180 recording studios, and some 5,000 working musicians, Nashville is known the world over as Music City.” 

 

I’m here to tell you, between August 15-17, Nashville is going to be known the world over for something more than Music City.  It’s going to be known as the biggest and best Risk Management & GRC Summit in the world!

 

Be a part of the best Risk Management & GRC Summit by answering this call for speakers.  By presenting, you receive a complimentary pass to attend the Summit.  Sign-up today – for more info see the RSA Archer Summit 2018 - Call for Speakers is Now Open blog.

 

If you read Steve Schlarman’s blog from last week (RSA Archer Summit 2018 - Call For Speakers Now Open), you now know a few important facts.  First, RSA Archer Summit is August 15-17 in Nashville this year, and it’s dedicated entirely to Archer customers!  Second, the Summit revolves around our customers, and most of the sessions are presented by our customers, which makes the content fantastic.  And third, it’s time to get your session ideas submitted through our Call For Speakers process - that’s right, we want you to speak at Summit!  The process is simple:

  1. Download the form
  2. Fill out the form completely.
  3. Send the form to:RSAArcherSummit2018@rsa.com. Include “Speaker Submission” in the subject line.

 

When you submit a topic to speak at Summit you’re definitely not alone! We will work with you to make sure the presentation topics you submit will add value and then once selected, we work with you on your presentation to help you be successful.  Being a speaker at Archer is like presenting to your friends because Archer customers at all levels of maturity are looking for new connections with good ideas of how Archer can be used.  We want this to be an excellent experience for you, and in turn make the Summit an awesome event, so we work with you along the entire way.

 

What makes the RSA Archer Summit such a valuable experience are the relationships you build while you’re there.  Relationships with other Archer customers and users; with RSA employees that sell, support and develop Archer for the future; and with our partners, professional services, consultants and more.  When you present a session at the Summit you’re much more visible and definitely have the opportunity to connect with even more contacts there.

 

This Summit marks our 15th anniversary.  You’ll meet a few folks that have been to each Summit (or Charge), more that have attended a few events, and even more who are new to Summit.  Whether this marks your 15th or 1st Summit, we want to hear from you!  So, submit your presentation ideas via the instructions above and we look forward to seeing you at Summit!

 

MARK YOUR CALENDARS: The Call for Speakers ENDS FEBRUARY 28, 2018.  

What were you doing 15 years ago? I was working at PricewaterhouseCoopers straddling multiple engagements ranging from helping some companies prepare for SOX (Is it really that long ago?) to developing CISO strategies to working on a little product that was to lead to my current tenure at RSA Archer. 15 years in this industry is a long time. A very long time. In the security world, 15 years ago the L0pht and Cult of the Dead Cow had slowly faded into the distance but information security was taking wild, bold new steps. I still had ToneLoc installed on my laptop for war dialing but we certainly saw huge technology shifts coming our way. GRC was just in its infancy.  Wikipedia says the first scholarly research was in 2007 but some forward leaning companies were already thinking in broader terms of compliance and risk management.

According to legend, a small group of individuals gathered in a hotel conference room - an equal number of Archer Technology employees and customers - to talk about a product just starting its journey. The Archer Summit (as it was called then) was born.  Some of you might have been there or work for companies that were part of that important event. Fast forward a decade and a half, and from that humble beginning, this event is on the cusp of celebrating its 15th Anniversary this August.

Registration for the 15th Annual RSA Archer Summit is open and last week I announced the Call for Speakers. The 2018 RSA Archer Summit, hosted in Nashville this year, is dedicated solely to RSA Archer customers in honor of our big anniversary.  The Summit is a unique opportunity to network and celebrate our vibrant community of professionals in the risk, compliance, GRC, security (and all of the other hats we wear) industry.

This year’s event will continue in the tradition of our user conferences. As with years past, we will have several tracks dedicated to risk, compliance and RSA Archer technical practices along with plenty of social events to learn and share from your colleagues. We will be within walking distance of B.B. King’s Blues Club (a personal highlight for me), the Country Music Hall of Fame and the historic Second Avenue District of Nashville. As always, it will be a great experience to broaden your horizons, dig into what is working for other companies and share your own insights.

The Summit will provide invaluable face-to-face opportunities to discover best practices, hear about the latest product innovations, network with other customers, and meet one-on-one with RSA Archer experts and executives. RSA Archer Summit 2018 is your chance to let us know what product advances you’d like to see in future releases, connect with other leaders in your industry and gain firsthand knowledge that you can’t get at your desk.

In the coming months, we will continue to share more information as the Summit gels together. Keep tuned for updates and get ready to plan your week. Meanwhile, check out some videos from last year’s summit: Rohit Ghai’s keynote on “The RSA Advantage” David Walter’s keynote “The Future Vision of Risk Management”, my keynote on “What the Wild West Taught us about Risk Management” or check out the RSA Charge 2017 materials available on RSA Link.

As we announced last year at RSA Charge, the RSA Archer Summit this year is in Nashville. Registration is now available on the RSA Archer Summit website.

I am pleased to announce this year’s Call for Speakers for the 2018 RSA Archer Summit is open.  Each year we have a wide range of submissions to contemplate as we build the conference agenda. Given the GRC and Risk Management universe is so broad, this year we are simplifying the categories for our education tracks.

There are three topics for speakers to consider:

Business Risk Management in Practice

Sessions should focus on best practices in enterprise and operational risk management, IT risk management and security, operational risks, third party governance, compliance, business continuity risk or audit.  The audience for this track will be risk, security, compliance, audit and continuity professionals tasked with execution of these processes. Content should include best practices, case studies or war stories. Examples include how to identify, assess and monitor risks, risk assessments, security operations, BC/DR planning and compliance processes and how RSA Archer is being used in your organization to support these practices. The presentation should include an explanation of the business problem, desired outcomes, required functionality, solution outcomes and metrics used to measure success.

 

The RSA Archer Journey

Sessions should focus approaches, strategies and recommendations for the implementation of your business risk management program from an organizational perspective. The audience for this track will be individuals responsible for overall program execution, strategy, project managers, GRC champions or those tasked with getting a program up and running. Content should include case studies and recommendations for assessing maturity, changing organizational culture, building long term strategies or removing organizational barriers or obstacles. Examples include how to achieve consensus, measure value of the program, reporting on return on investments, organization change management or strategic roadmaps.  The presentation should include an explanation of the approach taken (centralized, top-down, decentralized, federated, or some combination), the rationale, the phases of organizational achievement, and the major milestones in risk and compliance maturity.

 

RSA Archer Technical

Sessions should cover beginner to advanced uses of the platform, custom objects, data feeds, on demand applications, integrations, etc.   The audience for this track is RSA Archer administrators, developers, integrators or those tasked with operational support of the RSA Archer platform. The content must include demonstrations of a business problem that is addressed using the RSA Archer platform. Screen shots, recorded or interactive demonstrations are required. This should be a “How To” presentation to instruct the audience on optimal platform configuration.  Other technical presentations may cover topics such as the administration of the platform, backup/recovery, system architecture, etc.

 

If you are contemplating submitting a session, know that this is a very rewarding experience. Presenting to your peers can be a bit unnerving but the satisfaction and return is worth it. To teach others is to learn about oneself. Thinking through your experiences, applying your new found knowledge and acknowledging your successes and lessons learned is as much of a benefit as imparting your wisdom to others.

I invite all of you to take a look across your implementation of RSA Archer and pull out those nuggets to share with your peers. The RSA Archer Summit is the perfect venue to help others navigate their own challenges and for you to pass on (and receive) knowledge and experience.

The process is simple:

  1. Download the form.
  2. Fill out the form completely.
  3. Send the form to RSAArcherSummit2018@rsa.com. Include “Speaker Submission” in the subject line.

MARK YOUR CALENDARS: The Call for Speakers ENDS FEBRUARY 28, 2018.  

Selections will be communicated with speakers once the selection committee reviews all submissions.

Upgrade from 5.x to 6.x With RSA Professional Services:

We can all agree that upgrading to 6.x before EOPS for 5.x kicks in on December 31 makes sense. Now it can also make sound fiscal sense too. Now, due to popular demand for the Professional Services upgrade offers, we have extended the date through February 4, 2018.

 

RSA Professional Services (PS) is offering two special discounts on upgrade services in order to help you make the most of the transition. Why go it alone?

 

Offer #1: 20% off the RSA readiness assessment and upgrade for up to three environments ($14,800 after discount)

 

Offer #2: 30% off a bundled purchase of RSA’s readiness assessment and upgrade for a single environment ($8,400 after discount)

 

Key Benefits of working with RSA PS include:

  • Ensures your environment is optimized for the latest RSA Archer upgrade
  • Work with professionals who have helped others successfully navigate the upgrade process and have insights into potential roadblocks*
  • Successful deployment of the RSA Archer software upgrade into production in a reduced timeframe by following RSA-recommended best practices    Note: May take up to 30 days for Professional Services to staff for committed work order

 

Read RSA Archer GRC Upgrade Services to learn more; Offer expires February 4, 2018. Contact your local Account Representative for more information about these fixed scope upgrade service offers as well as upgrade services that can be custom scoped for your specific implementation and business requirements.

 

 

Upgrading to 6.x Without Professional Services Support:

With EOPS on Dec. 31 for 5.x, the window of opportunity is closing. For those customers who wish to complete the 6.x upgrade journey without PS Support, there are several steps that are required to complete the task:

 

Step #1: Review the Release 6.1 and Release 6.2 subspaces on RSA Link

Step #2: Complete the Release 6.x pre-upgrade survey

Step #3: RSA Archer will review the survey information, generate, and deliver your new Release 6.x License Key, required for post-upgrade operations

Step #4: Download and install Release 6.x, execute your upgrade plan, and go live

Step #5: Notify RSA Archer that your upgrade is complete

 

Read RSA Upgrade Process to learn more. Contact your local Account Representative for more information about these fixed scope upgrade service offers as well as upgrade services that can be custom scoped for your specific implementation and business requirements.

 

 

Filter Blog

By date: By tag: