AT-A-GLANCE

Challenges

– As the IT service provider to the Danish government, KMDhandles personal data about almost all Danish citizens. It isimperative that it protects this information.

– A growth in rate, volume and complexity of cyber attackshas increased in recent years, KMD needed a more in-depthapproach to monitoring and combating threats.

Results

– A combination of RSA NetWitness® Logs andPackets, NetWitness Endpoint and SecurityOperations Management enable the KMD team toidentify and address potential breaches rapidly.

– RSA Archer collates all alerts and feeds to provideclear visibility of the organization’s security posture.

Boosting Attack Defences and Cutting Response Times with RSA

“With RSA… we don't have any missing pieces anymore. We can detect advanced malware and security

incidents on the perimeter, and use RSA Archer to register and handle them all. It's the backbone of our security analytics center.”

RASMUS THEEDE, CORPORATE VP GROUP SECURITY, KMD

C U S T O M E R Q & A

ABOUT RSA RSA’s Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world. Through visibility, analysis, and action, RSA solutions give customers the ability to detect, investigate and respond to advanced threats; confirm and manage identities; and ultimately, prevent IP theft, fraud and cybercrime. For more information on RSA, please visit www.RSA.com.

CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller — or visit us at www.RSA.com

www.rsa.com ©2016 EMC Corporation. All rights reserved. EMC, RSA, the RSA logo, RSA NetWitness Logs and Packets, RSA NetWitness Endpoint and RSA Archer are the property of EMC Corporation in the United States and/or other countries. All other trademarks referenced are the property of their respective owners. KMD

For more than 40 years, KMD has played a key role in digitizing the Danish welfare state, helping make Denmark’s public sector one of the best run, most efficient and highly digitized in the world. It has developed and currently operates more than 400 IT systems that support the Danish welfare state. Each year its systems handle billions of kroner, equivalent to more than 25 percent of Denmark’s GDP. Key social security benefits such as family allowance, maternity/paternity pay, sickness benefit and state pensions are paid through systems developed by KMD.

With main sites in Copenhagen, Aarhus, Odense, and Aalborg, KMD has around 3,000 employees and generated revenue of DKK 4.7 billion in 2013.

Please tell us about yourself and your organization My name is Rasmus Theede, I am corporate vice president of group security in KMD. KMD is the biggest IT company in Denmark, and we deliver critical IT services to most of Denmark. We work primarily with the public services sector, but we are also moving into the private sector at the moment.

How mission-critical is security for your business? Security is key for KMD and our strategy. We have pretty much all Danish citizens’ personal data in our systems, so we cannot tolerate any kind of data breaches. We have seen a lot of other companies in Denmark and Europe suffer serious attacks, and our board of directors is very keen that we maintain the best in security in Denmark.

How are you organized to achieve your security goals? Is intelligence important? Over the last few years we have strengthened our identity and access management department, and our information security department. I report directly to the CEO and we have a lot of people in the operations and software development teams that help us achieve the highest level of security.

Intelligence is key for us, and we work together with a lot of different parties to achieve it – not just RSA but also the Danish defence ministry. We have seen other companies and some of our customers collect a lot of information but they don't really have the intelligence behind it to actually look at what’s going on. We’re using the intelligence we get from our partners to spot signs of intrusion.

What challenge drove you to work with RSA? In Denmark, as in most other places around the world, security has typically been very much about processes and standard security technologies like firewalls and anti-virus software. What we have seen over the last five or six years is that attacks have been much more severe, and much more advanced, so we need to alter the way we are thinking and look into specific details about advanced attacks.

Why did you choose to work with RSA? I have a very good relationship with RSA from my previous jobs, but we also took into consideration the view of the industry in general, and of analyst houses like Gartner. RSA has been recognized for its strength in security for many years, and it’s a trusted partner of ours. On top of that, we have a similar strategic approach, so we actually chose to go to market together. What we’re actually using within KMD is what we’re selling to our customers.

Why did you choose RSA NetWitness Logs and Packets, NetWitness Endpoint and Security Operations Management? We chose them because the three solutions work well together, so we can look at what's going on both on our perimeter and on the client. A lot of the malware we see today is very hard to detect so we look at different clients, and NetWitness Endpoint is great at enabling us to detect this unknown malware and the people trying to hide in our network.

You are also deploying RSA’s Advanced Security Cyber Defence Services, what do you expect there? Well we need to work together with large partners that see attacks from all over the world, so if we see similar attack types in KMD that RSA sees somewhere else, we need to be able to react very quickly. It’s about having intelligence quickly so we can react in minutes or hours instead of days. Some of the attacks we have seen in Denmark have gone undiscovered for maybe a couple of hundred days, and we simply cannot live with that. Our goal is to be able to detect attacks within ten minutes.

What business value have you realized from working with RSA? Bringing RSA together with some of our other security vendors means we actually have what we call a defence-in-depth environment. We don't have any missing pieces anymore. We can detect advanced malware and security incidents on the perimeter, and use RSA Archer to register and handle them all. It's the backbone of our security analytics center.

To view the full video interview, go to http://www.emc.com/link