RSA senior director of eGRC strategy and solutions, David Walter, caught up with ARN to talk about the synergy between RSA and Archer, as well as the road ahead.
Patrick Budmar (PB): How did you end up at RSA?
RSA senior director of eGRC strategy and solutions, David Walter (DW): I have a finance background and worked in public accounting before I became a client of Archer eight years ago while I was at the Washington Post newspaper. After that, I joined the Archer team seven years ago and did a few things along the way, and I became responsible for its product and led it from specialising in information security and policy management into broader enterprise risk and compliance. Overall, I’ve been seven years with the organisation and two years with RSA.
PB: It has been two years since Archer was acquired by RSA. How has the deal worked out for both companies?
DW: The first thing that came out of the acquisition was reach in terms of the sales organisation, channel support, professional services and customer support that we were unable to do on our own. At the time of the acquisition, we had no employees based outside the U.S., and the only client we had outside the U.S. were multinationals that had some presence overseas. For example, in Australia our only customer was NAB before the acquisition. Since then, we’ve tripled our revenue. A lot of that had to do with the fact that we have been able to train and get a much larger sales force educated, as well as a support team helping us to spread the technology. Another thing that we got and really appreciated was more rigour around product development, which in turn led to better support and management of quality engineering.
PB: How was 2011 for RSA?
DW: IT transformation in terms of Cloud and big data was big last year, and you’re going to keep hearing about it this year. From a Cloud perspective, what you hear about and has been well validated is that a large stumbling block with Cloud adoption is security and compliance, and Archer has a solution that we have put together with VMware. It help us measure the VMware configuration against baselines to help prove and show visibility to the compliance of your virtualised environment in relation to the appropriate regulation that you must comply with. Clients that leverage that get over the stumbling blocks and start getting on the journey to the hybrid and public Cloud. Archer has been at the forefront of getting over that stumbling block and breaking those barriers down.
PB: What does RSA have in store for 2012?
DW: We have organised ourselves at RSA around what we call security management compliance to really help combat advanced threats. From our perspective, I think we’ve seen too much focus in the industry being spent on preventative controls such as antivirus and firewalls. The more educated CSOs and CIOs are coming to terms with that they have been compromised, and you can no longer assume those controls are going to work flawlessly. The game changes if you have that mindset and it needs to become about monitoring detection and response, so if you are compromised you know that they’re there. A lot of this comes from learnings we had ourselves from our breach in March 2011, and the positive for us is that it put a laser focus in developing solutions to that problem.