RSA's CSO Tells Why He Took the Job
APT Breach Seen as Challenge, Not Obstacle"Despite of everything - somebody saying, 'Are you nuts or something' - coming into RSA at this time, I couldn't think of a more exciting job," Schwartz says in an interview with Information Security Media Group. "Here's an organization that was in the eye of the storm, so to speak, dealing with a very sophisticated adversary and here's an opportunity for me to come in and make a difference. In this industry, you don't get this chance a lot of times in these types of positions so I was very excited to come in and do this."
In one of his first interviews since being named RSA CSO, Schwartz:
- Explains why staff morale is high despite the breach.
- Provides advice to other CSOs and CISOs on how to take lessons from the RSA breach and apply them to defend against similar intrusions.
- Discusses his relationship with RSA customers.
In the first part of the interview, Schwartz discusses how RSA is focusing internal security on efforts to reduce the time an intruder can go undetected (see RSA's Post-Breach Security).
Since January 2007, Schwartz had served as CSO at NetWitness, an EMC-owned network security provider of real-time network forensics and automated threat analysis. Before joining NetWitness, Schwartz served as chief technology officer of ManTech Security Technologies, senior vice president of operations of Guardant and executive vice president of operations for Predictive Systems. He also worked as chief information security officer at Nationwide Insurance, as a senior computer scientist for CSC and a foreign service officer with the State Department.