Highly targeted attacks that use specially modified malware are challenging businesses of all sizes. Wielded by threat actors intent on stealing trade secrets, intellectual property and other high-value data, these attacks evade detection by traditional security controls and even some sandboxing technologies built to dynamically analyze malware. Combatting these attacks consumes significant amounts of remediation time and security budgets. Security teams need to rethink their people-process-technology mixes and strengthen them to defeat these new threats, which are on the upswing. A new approach – an innovative combination of threat intelligence and next-generation sandboxing – can help businesses enhance their security postures to outsmart and outmaneuver attackers.
Dell SecureWorks’ Counter Threat Unit (CTU) Director of Malware Research Joe Stewart and SecureWorks Network Security Analyst David Shear, who researched the Underground Hacker Markets last year, revisited the hacker underground to see if prices for stolen credit cards, fullz (a dossier of an individual’s credentials which can be used to commit identity theft and fraud), bank accounts and hacker services had gone up or down in price.
Across the US, Europe and Asia, adherence to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements continues to grow. However, challenges remain for many organizations in meeting and maintaining their compliance obligations under PCI DSS. Many organizations are not prepared for their next round of assessments, despite having successfully met PCI DSS requirements in the past. A number of factors get in the way for many organizations. Added to this is a lack of education on the new compliance requirements mandated in PCI 3.0. This document includes practical guidance and recommendations for ensuring ongoing compliance with PCI DSS.
Lake Area Bank, a community bank with 7 locations in Minnesota, was a victim of a phishing attack. Unsure if any data was stolen, the bank engaged Dell SecureWorks for incident response and digital forensic services. Dell SecureWorks consultants were available to provide them with answers to their questions and saved the Bank time and thousands of dollars. Read this case study to learn more about how the Lake Area Bank also relies on Dell SecureWorks for 24/7/365 protection, compliance, and boost IT staff efficiency.
As the needs of your business continue to change, technology and personnel change too. To combat this evolving environment, you will need a concise blueprint of your current security infrastructure to identify areas that may be vulnerable to cyber-attacks. Dell SecureWorks’ Security and Risk Consulting Security Design and Architecture team provides the expertise and analysis to help your organization enhance its security posture, reduce risk, facilitate compliance, and improve operational efficiency.
With high value digital information stored on their networks, servers and websites, investment management firms of all sizes are attractive targets for cyber attack, but many are not prepared to be on the "front lines" of cybersecurity. To address this, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) announced a Cybersecurity Initiative to assess cybersecurity preparedness for regulated firms in the investment industry.
The move to 100% electronic medical records, the emergence of Healthcare.gov and the increase of electronic protected health information exchanged online has created an increased number of attack surfaces, vulnerable to exploitation possibilities. The final passing of HIPAA Omnibus places greater emphasis on protecting the confidentiality, integrity, and availability from potential risks to compromise. It has created a paradigm shift from a compliance focus to a security focus managed through a Strategic Information Security Program. This paper discusses the approach taken by Dell SecureWorks in assisting a client in their efforts to design and implement a Strategic Information Security Program unique to their security and compliance requirements.
The paradigm shift from a compliance focus to a security focus being driven by HIPAA Omnibus is also causing a greater emphasis being placed on information security plans from a business perspective. This business perspective can only be realized by instituting a program based on risk assessments and analyses that provide objective cost justifications for further investment. A Strategic Information Security Program provides the model on which to build the processes needed to gain and maintain the business perspective. This solution brief provides insight into the skills Dell SecureWorks can provide in the design, implementation and maintenance of such a program.
In 2013, 13.1 million consumers were victims of identity fraud or theft. Your identity can be stolen in a variety of ways: by cyber thieves; by unscrupulous vendors; or by those who are pilfering identification cards, bank statements, and other items from your mail box or online. The Dell SecureWorks CISO team addresses some common identity theft scenarios in this Protecting Yourself Against Identity Theft article. They also provide methods to help you prevent theft as well as tips on recovering from a theft if it were to occur.
Since it’s almost certain that every organization will experience a cyber security incident at some time, you need to be well prepared in advance. According to the 2013 Verizon Data Breach report, 22 organizations, mainly in manufacturing and professional services, with only one to 100 employees became a victim to cyber espionage last year. And 23 firms, mainly in manufacturing with 101 to 1,000 employees, also were breached.
Vertafore, the leading provider of cloud insurance software, engaged Dell SecureWorks to put security at the center of its operations and protect its customers. Read this case study to learn how Vertafore extends its significant internal security capabilities by collaborating closely with Dell SecureWorks Managed Security Services, Incident Response capabilities and Global Threat Intelligence services.
Ensuring fast, safe and secure payment card transactions is a key component of OnCue Marketing’s company mission. Learn how Dell SecureWorks Security and Risk Consulting and Managed Security Services helped this gas station and convenience store chain achieve PCI compliance, build a strong security program and give OnCue more time back to focus on supporting their rapidly growing business.
This white paper defines advanced threats, reviews the types of techniques advanced threat actors use as they relate to the kill chain, recommends specific steps for an effective defense strategy and defines how Dell SecureWorks services can help organizations detect, defend and eradicate advanced threats.
Keeping funds and transaction information secure from prying eyes is of the utmost importance when handling finances. So too should it be when working with digital currencies. This white paper explores best practice approaches and concepts to ensure businesses and consumers alike don't wind up with their digital currencies walking out the door.
Distributed denial-of-service (DDoS) attacks are prevalent and growing, especially in the financial services industry. According to a Ponemon Institute survey, 64% of banking IT professionals reported a DDoS attack in 2012, and 43% expected attacks to increase in 2013.
How Much Should Your Organization Spend on Cyber Security? Your organization’s finances depend upon your network to run securely. But how do you know the right amount to invest in cyber security to protect your assets?
No matter the size of your organization, advanced cyber-attacks represent a credible threat and risk to your organization. Whether a cybercriminal, disgruntled activist, competitor or nation-state actor, Chief Information Security Officers (CISOs) must address the risk these adversaries pose to their organization.
The best offense is a good defense when it comes to your network’s security. Understanding the common cyber security tests and assessments that your organization can perform to evaluate their security posture is the first step in that process. The, Which is Assessment is Right For Me, white paper serves as both an informational guide to help you determine your organizational goals in Meeting or Exceeding Compliance, Mitigating Risk or heightening Security Resiliency and the corresponding services that can best help you achieve them. In the end, you will be able to more accurately determine which assessment may be appropriate to meet your organizational needs and goals.
Information security best practices are all about mitigating risks. There is no 100 percent fail-safe security program, device or system. It takes an orchestrated effort between managed security services, threat intelligence and incident response to provide the strongest defense. This paper presents the advantages of a single-outsourced solution for managed security services and incident response. A qualified MSSP with experienced incident responders on staff can significantly reduce the time it takes to control a breach. Using security operations data gathered from monitoring and managing the network, responders have a head start on a swift response.
According to the report, "Organizations around the world continue to seek ways to address the increasing security risk landscape by leveraging MSSPs with experienced personnel and comprehensive security risk management capabilities."
European data protection law permits an organization to use a Managed Security Service Provider ('MSSP') such as Dell SecureWorks. Actually, not only does the law permit the use of a MSSP, but in many respects it also supports it, in the sense that good quality managed security services provide an enhanced level of security measures, expertise and awareness and enable organizations to make efficient use of their resources, thereby enabling them to achieve better data security and meet the requirements of the law. This White Paper has been prepared by Dell SecureWorks in collaboration with legal firm Field Fisher Waterhouse LLP. It explains the legal position and considers the characteristics of a good quality MSSP for data protection law purposes. In doing so, it debunks certain common myths about European data protection law, such as that it prohibits the use of third parties in data processing operations or the transfer of data to other European Union (EU) countries or outside the European Economic Area (EEA).
Across the US and the UK, adoption of the Payment Card Industry or PCI compliance requirements is slowly gaining momentum. However, many organizations are finding that they are not prepared for their next round of assessments, despite having successfully met PCI requirements previously, as demonstrated by a Report on Compliance (ROC) or Self-Assessment Questionnaire (SAQ). This paper outlines the challenges of maintaining compliance, and three important steps merchants can take to successfully address them.
Bring-your-own-device (BYOD) programs, which allow employees to use their personal smartphones, tablets and laptops in and out of the work environment, are changing the IT landscape. Organizations around the world are embracing BYOD, because it allows executives and employees to use the mobile devices, service providers and operating platforms of their choice and allows them to be more productive and conduct business activities outside of working hours. But just as there are considerable benefits, there are information security concerns for all organizations.
Higher education institutions face common information security issues – tight budgets, mobile devices, low awareness of security risks. These common challenges make these institutions easy targets for hackers. More and more users are online using unprotected devices. They don’t understand threat actors and their tradecraft. Due to those tight budgets, most IT departments in higher education facilities don’t have the means to do anything about this perfect storm.
The Dell SecureWorks Incident Response and Digital Forensics team helps organizations of all sizes prepare for, respond to and recover from even the most complex and large-scale security incidents. This paper is designed to help you ask tough, direct questions of any Incident Response services provider to determine the vendor’s capabilities, and if that vendor represents the best fit based on your organization’s particular needs. We highly recommend asking these questions when evaluating outside assistance with your incident response function.
Examining threats over an extended period of time reveals current trends as well as clues about the future direction of attacker activity. The Dell SecureWorks Counter Threat Unit™ (CTU) research team analyzed activity from calendar year 2012, focusing specifically on the conditions that create threat scenarios and on notable trends in software vulnerabilities, global-scale threats, distributed denial of service (DDoS) attacks, Advanced Persistent Threats, and mobile threats.
Law firms are embracing Bring-Your-Own-Device (BYOD) programs, which allow employees to use their personal smartphones, tablets and laptops in and out of the work environment. But just as there are considerable benefits, there are information security concerns for law firms and their clients. Law firms have become targets for hackers seeking insider information on a firm’s clients. Hackers are after personal and financial information, patents, trade secrets, details of mergers and acquisitions and other information. BYOD, if not used securely, opens one more window of opportunity for hackers. This article outlines the risks and provides recommended best practices for risk mitigation.
Cloaked by malware, aliases and misspellings, cyber spies are usually invisible entities who quietly wreak havoc on their target. Follow the gripping story in Bloomberg Businessweek of how a notorious hacker’s identity is unmasked by the Counter Threat Unit’s Director of Malware Research Joe Stewart , with the help of another independent researcher.
“It is not a question of if --- but when --- your organization will experience a serious security breach,” according to Forrester Research analysts in their “Planning for Failure” Report (Nov. 2011). What are you doing to prepare? This white paper recommends ways to improve your organization’s incident response capabilities and to be well prepared for a breach. We identify three of the most critical decisions security leaders must make upon detecting a security breach, and provide advice for how to address each one.
All small to medium sized business face security challenges regardless of industry. This Q&A with Jeff Multz, director of Small and Medium-Sized Business, Dell SecureWorks, discusses the biggest threats to information security, how the industry is addressing them, preventative steps, internal communication to ensure proper security controls and security incident response.
Based on direct experience working with customers who have experienced security incidents, our Dell SecureWorks Counter Threat Unit research team has developed a set of 10 recommended best practices to help minimize the duration and impact of a security breach. This white paper also includes 18 additional recommendations regarding technical issues, configuration and processes.
Having a strong Computer Incident Response Plan (CIRP) in place before a security breach occurs can minimize the duration, disruption and cost of a breach. This white paper by TechTarget, provides relevant guidance on how to justify a CIRP and reports that having an effective response capability can save an average of $1.2 million per data breach. The paper dives deeper into an overview of a CIRP, how a plan can reduce costs, why incident response is so challenging and offers six best practice recommendations to follow when creating a CIRP.
Learn how Dell can help your organization meet and maintain each of the Payment Card Industry Data Security Standard (PCI DSS) requirements with a combination of hardware, software, and services. In addition to managed security and consulting services from Dell SecureWorks, Dell also offers endpoint protection and systems management, as well as data protection and encryption.
What are the Payment Card Industry Data Security Standard (PCI DSS), and why are they important? Who must comply with them? This whitepaper offers a high-level overview of the standards, validation requirements, and enforcement trends. It also discusses why PCI compliance matters and how your organization can benefit from a robust security and compliance program.
Between 2009 and early 2012, more than 18 million patients’ Protected Health Information (PHI) was compromised. Over the past year alone, healthcare breaches in the U.S. have increased by 32%. As these numbers demonstrate, securing medical information is one of the most pressing issues facing hospitals and other healthcare organizations. While many obstacles make it difficult for healthcare providers and partners to implement security programs that work on both a technical and human level amidst a “perfect storm” of risk, the implementation of basic controls can help such organizations reduce the majority of their risk. This paper, published in the Journal of Healthcare Information Management, explores the trends driving the need for more comprehensive security programs while continuing to embrace new technology, and why an approach that incorporates factors such as mobile devices is critical for positive change throughout the healthcare security ecosystem.
Mobile device usage has increased significantly in many industries, including higher education. While there are many benefits to widespread mobile device adoption, there are also potential risks that IT departments must carefully manage to avoid security breaches of personally identifiable information (PII), and the negative media coverage that accompanies a reported breach. This whitepaper addresses ten of the most common mobile device threats facing higher education and makes recommendations on how to combat them.
Knowledgeable IT professionals know all too well the amount of work they face in supporting HIPAA compliance. But they also appreciate that adding technologies for HIPAA compliance is an opportunity to make improvements in overall IT security that increase the organization’s bottom line. This report addresses the healthcare security and compliance landscape and recent penalties that have been levied; and outlines Dell KACE and Dell SecureWorks solutions designed to help meet HIPAA compliance guidelines.
Despite ongoing efforts to strengthen their security posture, healthcare companies are still largely deficient in managing security. A key contributor to this trend has been a lack of effective policies and controls to detect and respond to Advanced Persistent Threats (APTs.) This whitepaper describes the APT threat to healthcare organizations and offers strategies for forming defensive strategies to address the risks.
Higher education institutions are facing numerous data security challenges in the form of tight budgets, the need for unrestricted connections, online learning resources, mobile devices, and through increased regulations. One of the most insidious types of attacks today is Advanced Persistent Threats (APTs.) This whitepaper describes the APT threat to higher education and offers strategies for forming defensive strategies to addess the risks.
This whitepaper defines the differences between advanced threats and "commodity threats," reviews the types of advanced threat actors and the stages of advanced threat attacks, recommends specific steps for an effective advanced threat defense strategy and defines how Dell SecureWorks services can help organizations with intelligence, operations, visibility, incident response, testing and security awareness.
This update from the Dell SecureWorks Counter Threat Unit research team provides important news, insights and predictions on the threat landscape and related IT security issues, including reports on customer trends, attack campaigns, advanced persistent threat developments, vulnerabilities, mobile security, industrial control systems and a special report on financial sector activity, covering Jan-March 2012. This is the latest in a series of quarterly threat intelligence reports provided by the CTU team.
Retailers everywhere are developing mobile applications to interact socially, send coupons, disburse advertisements and increase sales. As mobile access and applications grow, however, so do the security challenges. So, how do you keep the bad guys out while still being innovative and keeping up with the latest technologies? This white paper outlines the top 10 must-know tips for deploying secure mobile applications.
Advanced Persistent Threats (APT) are a serious concern in the today’s threat landscape. They represent a threat to an organization’s intellectual property, financial assets and reputation. The defensive tools, procedures and other controls commonly put in place to handle commodity security threats are often ineffective against targeted APT-style attacks.
Forrester has released its March 2012 Wave report on managed security service providers, reporting on nine companies that are rated as Leaders or Strong Performers. Forrester researched, analyzed and scored the providers on 60 criteria, with a goal of helping security, risk and IT professionals select the right partner for their managed security services.
Are you waving the white flag? Has your SIEM failed to meet expectations despite your significant investment? If you are questioning whether your existing SIEM can get the job done, you are not alone. Given the rapid evolution of SIEM/Log Management offerings – and the evolution of requirements with new application models and cloud – you should be wondering whether a better, easier, less expensive solution can meet your needs. This white paper from security analyst firm Securosis takes a candid look at the reasons to consider a new security management platform and best practices for doing so.
The retail landscape is changing faster and more dramatically than ever before. At the same time, retailers face an ever-growing threat of losses through attacks against point-of-sale systems, mobile devices and computers by criminals trying to steal payment card data and customer information. This paper outlines the problems retailers face and why it is a target, and provides practical recommendations on what they can do to address these challenges.
Maintaining adequate data security is challenging for investment firms and banks, which must grapple with a widening array of security and regulatory issues. With attacks leading to losses in the hundreds of millions of dollars, many financial firms are seeking — and finding — help in the battle against online crime. This paper outlines the threats facing banks, credit unions, and other financial institutions, and what they can do to address them.
Dell SecureWorks has been positioned in the Leaders quadrant of Gartner's newly released Magic Quadrant for MSSPs, North America, 2011. The Gartner Magic Quadrant is a graphical portrayal of vendor performance in a market segment, including categories for leaders, challengers, visionaries and niche players. Criteria by which the vendors are measured include a company’s completeness of vision and ability to execute.
If you are evaluating how to meet an information security or compliance need, and want to be sure the investment will pay off for your organization, having credible information from a trusted authority is invaluable. This case study will help you. Read a commissioned study conducted by Forrester Consulting, “The Total Economic Impact of Dell SecureWorks Managed Security Services.” (Study published Nov. 2011)
As mobile device usage in healthcare organizations and clinical settings has proliferated, risks and breaches have followed. This paper outlines how mobile devices are used today in healthcare and where the investments in this technology are heading. The paper also outlines what the common specific risks and breach repercussions are in using mobile devices, and how to mitigate these risks using four key tactics.
This paper outlines the federal Meaningful Use data security requirement, the penalties and incentives associated with Meaningful Use, and elements to create a successful strategy for developing a strong security posture. Also detailed is the importance of fitting a security risk analysis into the larger picture of maintaining HIPAA compliance.
Security concerns in healthcare have compounded as more providers move online due to increasing incentives and penalties in a complex regulatory environment where enforcement is encroaching. Concurrent with this trend, though, major breaches continue to occur, and are likely accelerating. Healthcare companies need to have a sound strategy in place for addressing these concerns, and a well-rounded understanding of the risk they are individually tasked with managing. This article explains some of these trends, outlines the risks involved, and offers potential solutions to reduce risk in an increasingly complex healthcare data environment.
Security is the major concern for companies that are considering moving their data and business processes to the cloud. To have sound security in the cloud, companies need to enforce precise access management controls and practice very disciplined, rigorous cloud vendor management. This paper offers 10 tips that businesses should implement in order to reduce the security risks in the cloud.
According to Dell SecureWorks' data, hacker attacks targeting its retail customers increased 43 percent between the last nine months of 2010 and the first nine months of 2011. From January through September 2011, SecureWorks blocked an average of 91,500 attacks per retail customer, as compared to 63,581 attacks per retail customer April through December 2010.
Small and mid-sized businesses are losing as much as $1 billion per year to cybercrime by some estimates, and SMBs are finding it more and more challenging to protect themselves. SMBs need to have comprehensive endpoint security in place as well as sound network security. This paper lists 8 simple steps that your organization can take to help protect financial data and minimize the risk.
Today’s smartphones and tablets represent the easiest means for a hacker to gain access to your corporate network. Protecting these devices is much more difficult since they have fewer API’s and lack an operating system as robust as Windows or Linux. Organized crime is focusing on smartphones because it’s much easier to get the data they want. This paper describes the 10 most common smartphone threats and offers high level best practice suggestions for mitigating the risk.
We have recently released a white paper on firewall management which defines five focus areas that are keys to an effective firewall defense. The five areas were defined by our security operations team, based on real-life experience and cases. Each is illustrated with a specific, real-life example. Following the five recommendations in this report can save you time, money and administrative headaches. Download the report today.
Cyber attacks on law firms are growing and 46 states have enacted or are considering data breach notification legislation that can have costly consequences for law firms. Those are just two reasons why it is critical for law firms to stay current on info security threats and potential solutions.
More than 40 million U.S. consumers will be using mobile banking by 2012, The Tower Group research firm predicts. Protecting confidential data on mobile devices presents a number of special challenges. For example, most mobile devices do not delete data in the same way that laptop computers do, increasing the risk that someone could access confidential data if it is not properly encrypted. This brief white paper provides six key guidelines for developing and maintaining secure mobile banking apps.
In the confidentiality, integrity, and availability metrics of information security, also known as the CIA Triad, denial-of-service (DoS) attacks impact availability. In a broad context, the term 'denial-of-service' has a general definition covering many types of attacks.
Security Information Management(SIM) can be a very valuable tool for any organization. There is work to be put in with this solution though, and there are some pitfalls as well.
If you are a manager responsible for information security, it is likely that you constantly look for the most cost-effective ways to secure your organization. In most cases, that includes periodically evaluating “doing security in-house” vs. working with a managed security provider. This new white paper --- based on a survey of 150 info security and IT professionals --- may help you if you are thinking about that question.
Dell SecureWorks has been positioned in the Leaders quadrant of Gartner's newly released Magic Quadrant for MSSPs, North America, 2010. Dell SecureWorks is a leading provider of world-class information security services with more than 2,900 clients worldwide. Organizations of all sizes, including more than fifteen percent of the Fortune 500, rely on Dell SecureWorks to protect their assets, support compliance and reduce costs.
This paper provides an executive-level primer on cybercrime by covering key profiles of cyber criminals, their methods and their motivations. After reading this Executive Brief, you will have a better understanding of the cybercrime threat.