Art Coviello, President RSA – Open Letter to Customers

On March 17, 2011, RSA publicly disclosed that it had detected a very sophisticated cyber attack on its systems, and that certain information related to the RSA SecurID® product had been extracted.

June 6, 2011

To Our Customers:

On March 17, 2011, RSA publicly disclosed that it had detected a very sophisticated cyber attack on its systems, and that certain information related to the RSA SecurID® product had been extracted.

We immediately published best practices and our prioritized remediation steps, and proactively reached ou to thousands of customers to help them implement those steps. We remain convinced that customers who implement these steps can be confident in their continued security, and customers in all industries have given us positive feedback on our remediation steps.

Certain characteristics of the attack on RSA indicated that the perpetrator's most likely motive was to obtain an element of security information that could be used to target defense secrets and related IP, rather than financial gain, PII, or public embarrassment. For this reason, we worked with government agencies and companies in the defense sector to replace their tokens on an accelerated timetable as an additional precautionary measure. We will continue these efforts.

Over the past several weeks, an unprecedented wave of cyber attacks against varied and high-profile targets such as Epsilon, Sony, Google, PBS, and Nintendo have commanded widespread public attention These attacks are totally unrelated to the breach at RSA, but point to a changing threat landscape and have heightened public awareness and customer concern.

Against this backdrop of increasingly frequent attacks, on Thursday, June 2, 2011, we were able to confirm that information taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin, a major U.S. government defense contractor. Lockheed Martin has stated that this attack was thwarted.

It is important for customers to understand that the attack on Lockheed Martin does not reflect a new threat or vulnerability in RSA SecurID technology. Indeed, the fact that the only confirmed use to date o the extracted RSA product information involved a major U.S. defense contractor only reinforces our view on the motive of this attacker.

We remain highly confident in the RSA SecurID product as the leading multi-factor authentication solution and we also feel strongly that the specific remediations we have provided to customers will help to deliver the highest levels of customer protection. However, we recognize that the increasing frequency and sophistication of cyber attacks generally, and the recent announcements by Lockheed Martin, may reduce some customers' overall risk tolerance.

As a result, we are expanding our security remediation program to reinforce customers' trust in RSA SecurID tokens and in their overall security posture. This program will continue to include the best practices we first detailed to customers in March, and will further expand two offers we feel will help assure our customers' confidence:

An offer to replace SecurID tokens for customers with concentrated user bases typically focused on protecting intellectual property and corporate networks.

An offer to implement risk-based authentication strategies for consumer-focused customers with a large, dispersed user base, typically focused on protecting web-based financial transactions.

We will continue to work with all customers to assess their unique risk profiles and user populations an help them understand which options may be most effective and least disruptive to their business and their users.

RSA's technologies, including RSA SecurID authentication, help protect much of the world's most critical information and infrastructure. The threats to digital information continue to escalate.

As the leader in authentication solutions, our goal is to ensure that this growing threat environment does not impede the tremendous potential and opportunity of a trusted digital world. We believe that SecurID is the most powerful multi-factor authentication solution in the industry.

We will continue to invest heavily in both our SecurID and our risk-based authentication technologies. We will provide additional factors for strong authentication. We will integrate these solutions with our cybercrime intelligence to better identify suspicious behavior targeted at networks, transactions and user sessions. We will ensure that these technologies provide trusted access to virtual and cloud computing resources, leveraging our Cloud Trust Authority. And we will help customers more effectively create the kinds of layered defense capabilities essential to combat today's advanced threats by drawin on our broad portfolio of data loss prevention, security event management, deep packet inspection technologies, and our extensive services expertise.

Our customers remain our first priority.

Art Coviello
Executive Chairman

For more information on all remediation actions, customers should contact their local sales representative or call the following numbers:

U.S.: 1-800-782-4362, Option #5 for RSA, Option #1 for the RSA SecurID Remediation Program Canada:

1-800-543-4782, Option #5 for RSA, Option #1 for the RSA SecurID Remediation Program

International: +1-508-497-7901, Option #5 for RSA, Option #1 for RSA SecurID Remediation Program