Underinvestment blamed for IT security RSA disaster

So says Philip Lieberman, president and CEO of Lieberman Software, noting that RSA is now replacing all of the 40 million SecurID two-factor authentication hardware tokens in existence. "This incident shows there is a very strong business case for sustained and planned investment in security," says Lieberman. "By my estimates, this breach is going to cost RSA a minimum of $400 million to replace 40 million tokens. This is not just bad news for RSA Security – it paints the rest of the IT security industry in a bad light." Lieberman lays the blame at the door of senior management of EMC "for treating the SecurID division as a cash cow that received little to no investment after RSA was acquired by EMC". He insists that a swift review of SecurID products show that they have "languished in innovation and development investment" since the takeover. "EMC is guilty of milking the RSA cow dry, neglecting it, getting it sick, and then selling the tainted beef. The tragedy is that, had they provided just a little bit of food and care to the cow, they could still be receiving milk and have a healthy cow today."