With the evolving nature of the cyber landscape and the ever growing importance of how security decisions affect the business, security leaders must keep one eye on the business and one on security operations. This balancing act is keeping security leaders on their toes. To help with this challenge, Dell SecureWorks has written a collection of white papers for security leaders that focuses on the latest cyber-criminal trends, the transformation of security leadership roles, and the ideal framework for communication across organizations.
If you compared a current survey of “top concerns of cloud adoption” with one conducted five years ago, you would see the No. 1 issue being security, followed by data privacy or protection. What is different now is the concern for securing applications and data in the cloud is driven more by practical security concerns rather than conceptual ones. This white paper provides clear recommendations for securing applications and data in the cloud and focuses on security in third-party cloud Infrastructure-as-a-Service (IaaS) environments, the different stages of organizations’ deployments, and how security is shared between the Cloud Service Provider (CSP) and customer.
Ponemon Institute presents the 2015 Global Study on IT Security Spending & Investment report focused on understanding how companies are investing in technologies, qualified personnel and governance practices to strengthen their security posture. The study, sponsored by Dell SecureWorks reveals challenges with today’s approach to security spending and investments and highlights key findings in overall expenditures, the budgeting process, where spending takes place and the misalignment between budgets and areas of greatest risk.
Recent survey results tell us that 60% of security personnel believe the severity and 49% believe the prevalence of advanced and evasive threats is on the rise, leaving most enterprises with one or more operational blind spots that lead to longer threat actor “dwell times.” With 65% of respondents saying attacks have evaded preventative security controls, the techniques used by threat actors to penetrate traditional cybersecurity defenses continues to get more sophisticated. In this paper we will explore how to eliminate blind spots by combining advanced network and endpoint detection technology with the right people, process and intelligence for greater organizational visibility to detect, investigate and eradicate the advanced and evasive threat.
At a time when businesses are digitally interconnected more than ever, the nature of enterprise risk and uncertainty is fundamentally changing. Cyber criminals are targeting not only entire organizations but also every individual that works for, or conducts business with it. New corporate initiatives enabled by IT improve efficiency, but they trigger a wide range of vulnerabilities that can expose your company’s most valuable assets, from trade secrets to customer accounts. Learn what motivates cyber criminals, what they want from your business and some leading practices for resilience against them.
Recent security events in the healthcare industry have created a heightened awareness of the threat(s) to the electronic Protected Health Information (ePHI), for which they are responsible to maintain the confidentiality, integrity and availability. The effort to protect this information can no longer be sufficiently addressed through the pursuit of compliance to the HIPAA Regulation alone. The healthcare industry must center their vision on security and the security controls and policies necessary to provide the “Optimum Security”, based on that organization’s operating environment, necessary to defend against the increasing number of threat actors, threats, and attack surfaces against which an attack might be launched. This 5 page topic brief describes how Dell SecureWorks brings its core assets of each service area to bear when assisting a Healthcare client in the design, implementation, and continuous oversight of a Strategic Information Security Program aimed at “Optimum Security” for that client’s unique operational environment.
Securing an enterprise can be complex and overwhelming. With the cyber landscape constantly evolving it is important to have a strategic security partner and security plan in place to protect your network. As CISO’s roles have shifted from a technical minded to a more strategic business focused position, security has become a business enabler. With so many moving parts, where should an organization begin to focus as it relates to security? This white paper will outline five Pragmatic steps an enterprise should take to enhance their security in 2015.
Highly targeted attacks that use specially modified malware are challenging businesses of all sizes. Wielded by threat actors intent on stealing trade secrets, intellectual property and other high-value data, these attacks evade detection by traditional security controls and even some sandboxing technologies built to dynamically analyze malware. Combatting these attacks consumes significant amounts of remediation time and security budgets. Security teams need to rethink their people-process-technology mixes and strengthen them to defeat these new threats, which are on the upswing. A new approach – an innovative combination of threat intelligence and next-generation sandboxing – can help businesses enhance their security postures to outsmart and outmaneuver attackers.
Dell SecureWorks’ Counter Threat Unit (CTU) Director of Malware Research Joe Stewart and SecureWorks Network Security Analyst David Shear, who researched the Underground Hacker Markets last year, revisited the hacker underground to see if prices for stolen credit cards, fullz (a dossier of an individual’s credentials which can be used to commit identity theft and fraud), bank accounts and hacker services had gone up or down in price.
Across the US, Europe and Asia, adherence to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements continues to grow. However, challenges remain for many organizations in meeting and maintaining their compliance obligations under PCI DSS. Many organizations are not prepared for their next round of assessments, despite having successfully met PCI DSS requirements in the past. A number of factors get in the way for many organizations. Added to this is a lack of education on the new compliance requirements mandated in PCI 3.0. This document includes practical guidance and recommendations for ensuring ongoing compliance with PCI DSS.
The move to 100% electronic medical records, the emergence of Healthcare.gov and the increase of electronic protected health information exchanged online has created an increased number of attack surfaces, vulnerable to exploitation possibilities. The final passing of HIPAA Omnibus places greater emphasis on protecting the confidentiality, integrity, and availability from potential risks to compromise. It has created a paradigm shift from a compliance focus to a security focus managed through a Strategic Information Security Program. This paper discusses the approach taken by Dell SecureWorks in assisting a client in their efforts to design and implement a Strategic Information Security Program unique to their security and compliance requirements.
This white paper defines advanced threats, reviews the types of techniques advanced threat actors use as they relate to the kill chain, recommends specific steps for an effective defense strategy and defines how Dell SecureWorks services can help organizations detect, defend and eradicate advanced threats.
Distributed denial-of-service (DDoS) attacks are prevalent and growing, especially in the financial services industry. According to a Ponemon Institute survey, 64% of banking IT professionals reported a DDoS attack in 2012, and 43% expected attacks to increase in 2013.
How Much Should Your Organization Spend on Cyber Security? Your organization’s finances depend upon your network to run securely. But how do you know the right amount to invest in cyber security to protect your assets?
Information security best practices are all about mitigating risks. There is no 100 percent fail-safe security program, device or system. It takes an orchestrated effort between managed security services, threat intelligence and incident response to provide the strongest defense. This paper presents the advantages of a single-outsourced solution for managed security services and incident response. A qualified MSSP with experienced incident responders on staff can significantly reduce the time it takes to control a breach. Using security operations data gathered from monitoring and managing the network, responders have a head start on a swift response.
European data protection law permits an organization to use a Managed Security Service Provider ('MSSP') such as Dell SecureWorks. Actually, not only does the law permit the use of a MSSP, but in many respects it also supports it, in the sense that good quality managed security services provide an enhanced level of security measures, expertise and awareness and enable organizations to make efficient use of their resources, thereby enabling them to achieve better data security and meet the requirements of the law. This White Paper has been prepared by Dell SecureWorks in collaboration with legal firm Field Fisher Waterhouse LLP. It explains the legal position and considers the characteristics of a good quality MSSP for data protection law purposes. In doing so, it debunks certain common myths about European data protection law, such as that it prohibits the use of third parties in data processing operations or the transfer of data to other European Union (EU) countries or outside the European Economic Area (EEA).
“It is not a question of if --- but when --- your organization will experience a serious security breach,” according to Forrester Research analysts in their “Planning for Failure” Report (Nov. 2011). What are you doing to prepare? This white paper recommends ways to improve your organization’s incident response capabilities and to be well prepared for a breach. We identify three of the most critical decisions security leaders must make upon detecting a security breach, and provide advice for how to address each one.
Having a strong Computer Incident Response Plan (CIRP) in place before a security breach occurs can minimize the duration, disruption and cost of a breach. This white paper by TechTarget, provides relevant guidance on how to justify a CIRP and reports that having an effective response capability can save an average of $1.2 million per data breach. The paper dives deeper into an overview of a CIRP, how a plan can reduce costs, why incident response is so challenging and offers six best practice recommendations to follow when creating a CIRP.
What are the Payment Card Industry Data Security Standard (PCI DSS), and why are they important? Who must comply with them? This whitepaper offers a high-level overview of the standards, validation requirements, and enforcement trends. It also discusses why PCI compliance matters and how your organization can benefit from a robust security and compliance program.
Mobile device usage has increased significantly in many industries, including higher education. While there are many benefits to widespread mobile device adoption, there are also potential risks that IT departments must carefully manage to avoid security breaches of personally identifiable information (PII), and the negative media coverage that accompanies a reported breach. This whitepaper addresses ten of the most common mobile device threats facing higher education and makes recommendations on how to combat them.
Despite ongoing efforts to strengthen their security posture, healthcare companies are still largely deficient in managing security. A key contributor to this trend has been a lack of effective policies and controls to detect and respond to Advanced Persistent Threats (APTs.) This whitepaper describes the APT threat to healthcare organizations and offers strategies for forming defensive strategies to address the risks.
Higher education institutions are facing numerous data security challenges in the form of tight budgets, the need for unrestricted connections, online learning resources, mobile devices, and through increased regulations. One of the most insidious types of attacks today is Advanced Persistent Threats (APTs.) This whitepaper describes the APT threat to higher education and offers strategies for forming defensive strategies to addess the risks.
This update from the Dell SecureWorks Counter Threat Unit research team provides important news, insights and predictions on the threat landscape and related IT security issues, including reports on customer trends, attack campaigns, advanced persistent threat developments, vulnerabilities, mobile security, industrial control systems and a special report on financial sector activity, covering Jan-March 2012. This is the latest in a series of quarterly threat intelligence reports provided by the CTU team.
Advanced Persistent Threats (APT) are a serious concern in the today’s threat landscape. They represent a threat to an organization’s intellectual property, financial assets and reputation. The defensive tools, procedures and other controls commonly put in place to handle commodity security threats are often ineffective against targeted APT-style attacks.
Are you waving the white flag? Has your SIEM failed to meet expectations despite your significant investment? If you are questioning whether your existing SIEM can get the job done, you are not alone. Given the rapid evolution of SIEM/Log Management offerings – and the evolution of requirements with new application models and cloud – you should be wondering whether a better, easier, less expensive solution can meet your needs. This white paper from security analyst firm Securosis takes a candid look at the reasons to consider a new security management platform and best practices for doing so.
The retail landscape is changing faster and more dramatically than ever before. At the same time, retailers face an ever-growing threat of losses through attacks against point-of-sale systems, mobile devices and computers by criminals trying to steal payment card data and customer information. This paper outlines the problems retailers face and why it is a target, and provides practical recommendations on what they can do to address these challenges.
Maintaining adequate data security is challenging for investment firms and banks, which must grapple with a widening array of security and regulatory issues. With attacks leading to losses in the hundreds of millions of dollars, many financial firms are seeking — and finding — help in the battle against online crime. This paper outlines the threats facing banks, credit unions, and other financial institutions, and what they can do to address them.
If you are evaluating how to meet an information security or compliance need, and want to be sure the investment will pay off for your organization, having credible information from a trusted authority is invaluable. This case study will help you. Read a commissioned study conducted by Forrester Consulting, “The Total Economic Impact of Dell SecureWorks Managed Security Services.” (Study published Nov. 2011)
As mobile device usage in healthcare organizations and clinical settings has proliferated, risks and breaches have followed. This paper outlines how mobile devices are used today in healthcare and where the investments in this technology are heading. The paper also outlines what the common specific risks and breach repercussions are in using mobile devices, and how to mitigate these risks using four key tactics.
This paper outlines the federal Meaningful Use data security requirement, the penalties and incentives associated with Meaningful Use, and elements to create a successful strategy for developing a strong security posture. Also detailed is the importance of fitting a security risk analysis into the larger picture of maintaining HIPAA compliance.
Security concerns in healthcare have compounded as more providers move online due to increasing incentives and penalties in a complex regulatory environment where enforcement is encroaching. Concurrent with this trend, though, major breaches continue to occur, and are likely accelerating. Healthcare companies need to have a sound strategy in place for addressing these concerns, and a well-rounded understanding of the risk they are individually tasked with managing. This article explains some of these trends, outlines the risks involved, and offers potential solutions to reduce risk in an increasingly complex healthcare data environment.
Security is the major concern for companies that are considering moving their data and business processes to the cloud. To have sound security in the cloud, companies need to enforce precise access management controls and practice very disciplined, rigorous cloud vendor management. This paper offers 10 tips that businesses should implement in order to reduce the security risks in the cloud.
According to Dell SecureWorks' data, hacker attacks targeting its retail customers increased 43 percent between the last nine months of 2010 and the first nine months of 2011. From January through September 2011, SecureWorks blocked an average of 91,500 attacks per retail customer, as compared to 63,581 attacks per retail customer April through December 2010.
Cyber attacks on law firms are growing and 46 states have enacted or are considering data breach notification legislation that can have costly consequences for law firms. Those are just two reasons why it is critical for law firms to stay current on info security threats and potential solutions.
In the confidentiality, integrity, and availability metrics of information security, also known as the CIA Triad, denial-of-service (DoS) attacks impact availability. In a broad context, the term 'denial-of-service' has a general definition covering many types of attacks.
If you are a manager responsible for information security, it is likely that you constantly look for the most cost-effective ways to secure your organization. In most cases, that includes periodically evaluating “doing security in-house” vs. working with a managed security provider. This new white paper --- based on a survey of 150 info security and IT professionals --- may help you if you are thinking about that question.