Skip navigation
All Places > Products > RSA Archer Suite > Blog > 2016 > August



You know that RSA Charge 2016 will be the largest gathering of Archer customers, partners, and risk and compliance experts from around the world, providing GRC professionals – from experts to novices – with the premier venue to share knowledge, gain hands-on experience, and learn best practices from other GRC professionals and subject matter experts.


Now, RSA University (formerly known as Education Services) is making RSA Charge 2016 even better, with their announcement of pre-Charge courses being offered at 20% OFF normal pricing. Seats fill up fast and are limited to 10 students maximum per class. Don't miss this opportunity - REGISTER today using the links below. 


RSA Archer Pre-Summit Admin Boot Camp (2-day class

This 2-day course provides an overview to the concepts, processes, and procedures necessary to successfully design and administer the RSA Archer Platform.  Students will gain knowledge of the key RSA Archer 6.x platform components such as applications, security management, and communication tools through presentations and hands-on practice.   This course is a compact version of the standard four-day RSA Archer Administration I course. Many of the same core components will be included.  

Target audience includes new Archer administrators who are responsible for building in and managing the RSA Archer 6.x Platform.


October 24-25, 2016  ($1600 per person, 10 students maximum)



RSA Archer GRC 6 Advanced Workflow & Navigation  (1 day class, offered twice) 

This 1-day workshop for experienced 5.x admins provides an overview of the RSA Archer GRC 6 interface and hands-on practice using the Advanced Workflow feature.  Target audience is existing RSA Archer administrators who are well-versed in RSA Archer versions 5.5 and earlier. 

Prerequisite Knowledge/Skills:  Students must be comfortable with the administrative features of the RSA Archer GRC Platform, including but not limited to: Data-Driven Events, calculated fields, and On-Demand Notification Templates. Experience building out business workflow using these features is essential.


October 24, 2016 ($800 per person, 10 students max on this day)

October 25, 2016 ($800 per person, 10 different students max on this day)



RSA Archer GRC 6 Platform Fundamentals for Business Users  (1 day class, offered twice)

This one-day workshop includes a thorough overview of RSA Archer Platform features, including but not limited to: Application and questionnaire creation and management, essential access control concepts, email notification options, reporting and dashboard options, integration possibilities, and more.

Target audience includes RSA Archer business users with a need to understand what is possible with the platform. Ideal audience includes those who may need to create business requirements but will not actually administer the platform.


October 24, 2016 ($800 per person, 10 students max on this day)

October 25, 2016 ($800 per person, 10 different students max on this day)



Also being offered:

RSA Hunting Workshop for Analysts – Security Analytics/ECAT  (2-day class)

This 2-day workshop presents the opportunity to spend class time working in a hands-on virtual environment, with minimal lecture and materials. Students will be provided with a complex use cases to work through, involving a network-based attack resulting in end-point malware infection. 

Target audience includes Security Analysts interested in using RSA NetWitness Logs and Packets and RSA NetWitness Endpoint to locate anomalies on the network and endpoint devices, to diagnose and track malware infections, and to reconstruct a cyber-attack in a realistic virtual enterprise setting.

October 24-25, 2016  ($1600 per person, 10 students maximum)


The Agenda for the October 13 RSA EMEA Archer GRC Summit in Amsterdam has been announced. 


This is the fourth year for the RSA EMEA Archer GRC Summit and promises to be one of the best with the largest gathering of customers, partners plus risk and compliance experts from across Europe, the Middle East, and Africa.


Join us for this 'complimentary' must attend event to share in driving GRC innovation through education and collaboration with the industry's best minds at the RSA EMEA Archer GRC Summit.

Location: The Grand Sofitel, Oudezijds Voorburgwal 197, 1012 EX Amsterdam Netherlands.





Sir Francis Bacon is attributed with the quote, “Knowledge is Power”.  There have been many variations on this phrase but I want to add one more twist.


I presented at a conference this week where the session was dedicated to discussing the risks and remedies of ransomware, which are the practices and technologies used by bad guys to gain access to systems and hold information hostage until a ransom is paid.  Sometimes the information they get ahold of is not so important, but other times they hit the jackpot and gain access to the “crown jewels” of a company – customer information, trade secrets or pending business strategies and plans. Company and institutional knowledge/information your company has worked hard to accumulate, formulate, organize and use is the lifeblood of your business.   In some organizations, this information is the most vital asset they possess.


The venue for my presentation was the Washington D.C. Spy Museum.  As I toured the museum afterward, I learned a few things about the history of “spying”.  I learned that people who spy do it for many reasons, but the single most important goal is the attainment of – you guessed it, information.  Information gives them power.  Back to the “knowledge is power” concept – when the bad guys have access to your information, they don’t necessarily have knowledge but they have power.  However, safe and secure in your hands, this information equates to knowledge, and how this knowledge translates into power is in your ability to use it to compete and win in the marketplace.  


My speaking topic at the conference was business resiliency.  A key underlying tenet is having an understanding of what is most important to your organization - and this starts at the top.  For example, (the most critical) products/services provided to customers; the business processes that produce them; supporting IT systems; and the information assets produced or used in that product/service.   Determining what is critical starts at the highest levels and can be determined through business impact analyses (BIA).


Let me share an example and a caution.  Not all information is created equal (or equally important).  For example, Coca Cola’s recipe for Coke is, safe to say, very critical to them, whereas a lower tier vendor’s contract details probably isn’t as critical. Now, these examples are obvious and most companies intuitively know what their most importation information assets are, and maybe have an inkling of what is on the lower end of the scale.  But, what about what is in between?  Herein lies the rub - of the hundreds of information assets organizations produce and use, do they know which of those are critical?  Which of these information assets are undervalued and therefore under-protected?  Which require special compliance considerations?  This all presents exposure and risk. 


There are many implications on information assets across the spectrum of governance, risk and compliance (GRC) activities.  For example, which risks or threats could impact your information; what compliance requirements such as privacy considerations require that you take certain protective steps and implement controls, and could result in penalties if not done; or which vendors have access to your (critical) information and what are they doing with it, and are they protecting it.  Given the far-reaching implications to your organization across many use cases, these GRC activities related to information assets should be coordinated at some level. This blog highlights just a few examples of the exposures our organizations face due to not properly evaluating criticality of and exposures to our information assets. 


I took this picture at the Spy Museum of a Trojan horse exhibit, which depicts the infamous method Greek soldiers used to infiltrate the City of Troy and win the Trojan War.  In today’s world, the goal is access to information.  Now, a Trojan malicious computer program is used to gain unauthorized access to a computer and access personal or proprietary information.  Information assets are the lifeblood of our organizations and we must remember that their proper use, management and protection enables our power to compete and thrive.



Planning to join us for RSA Charge, but missed the early bird discount period? Well, you’re in luck! Register online with code 8C6THRWBCKAUG, between August 25 – 31, to take advantage of a special discount promotion: 


The conference registration package includes access to keynotes, Archer super sessions, breakouts, birds-of-a-feather sessions, hands-on labs, and the Innovation Zone. It also includes your access to evening events, as well as a continental breakfast and lunch on Wednesday and Thursday.


Remember, you only have until Aug. 31 to take advantage of the 'Throwback Thursday' rate of $595.  Don't delay ...


We hope we see you in New Orleans Oct. 25-27, 2016! 

I was travelling to a user meeting last week and going through Logan airport in Boston, I saw very long lines at some Delta counters. This was on Wednesday, 3 full days after the IT system outage that grounded almost 500 flights on Sunday morning and they were still feeling the damages from that outage. Earlier this year, Southwest had to cancel 2300 flights after one router in one of its data centers failed, that’s thousands of grounded passengers for one incident. That’s a lot of angry customers, a lot of bad publicity and a huge operations burden to get back to normal.


I thought this was a good reminder to never consider risk in a vacuum, especially risk for your IT assets. A recurring conversation I have with customers is the separation of IT Risk, Security and Vulnerabilities Management from Enterprise GRC. You can argue that the processes are different, the technologies are different and the people using them are different, and you’d be right. An Operational Risk Manager and an IT Security Analyst do not do the same job, but, they pursue the same goal.


IT resources in an organization are there to support a business process and deliver a business outcome. A risk to an IT asset, say a router from an airline data center, is a risk that could derail the entire operations of the whole company for a whole day. I’d say that qualifies as a major risk. And yet, the only way you can assess the router’s risk correctly is by going beyond the IT resource itself and assessing the business process it supports, the criticality of the asset to the process and the criticality of the process to the operations. The router in itself is not critical; it’s a fairly simple IT asset, easy to replace, containing decent monitoring. It’s only critical because its failure would ground thousands of planes.


When considering recovery plans and controls you need to have plans and controls for the asset AND the affected processes. Otherwise it would be like slipping on a patch of ice and breaking your leg, then only working on removing the ice. You should probably get your leg fixed at some point. Context matters and downstream dependencies matter. How can you have a board level discussion when considering only the IT side? It won’t mean anything to the board that routers have a medium-high risk of failing. On the other hand, if you tell them that a router failure could result in 2300 grounded planes, it might be easier to get their attention.

Hello everybody! The bad news is there's more Summer behind us than ahead of us. I hope yours has been as enjoyable as mine has been. And here in the midwest at least it's pretty hot still. So plenty of warm weather left before it turns cold. The good news is we're less than 80 days away from RSA Charge 2016! The other good news is we have another major content resource available for your library, PCI DSS v3.2!


Just like the previous v3.1 content, we've worked very hard to ensure this latest version is as robust and tightknit as possible. Alone it's a fully functional content set to drive PCI compliance activities. Add our specialized PCI solution functionality to the mix and together the two provide a powerful resource to efficiently manage PCI compliance programs of any size. A separate update will follow for the PCI solution itself, so stay tuned for that.


As far as the content goes, this latest version includes additions to the following core libraries:

  • Authoritative Sources
  • Control Procedures
  • Question Library


Everything is cross-mapped and the Authoritative Source also has 700+ mappings to Archer Control Standards.


The content updates themselves can be obtained from Customer Support. As always, we're here to answer any questions you have. And please don't forget to register for RSA Charge 2016! You don't want to miss out!




Filter Blog

By date: By tag: