Incident Response Insights Report 2018

Risks, remedies, and best practices for defending against cyber threats

In this report you will learn:

Emerging threat trends based on 2017 incident response engagements
How you might be vulnerable
How to respond faster and more effectively when an incident does occur
Planning and preparation strategies to increase organizational resilience

All too often companies are learning the hard way — during an incident — how they could have been better prepared to mitigate the risk or reduce the damage.

In 2017, Secureworks’ formidable team of incident responders and analysts helped hundreds of organizations navigate through complex and high-risk security incidents. We analyzed the lessons learned, studied global threat trends, and captured the key findings in Secureworks annual Incident Response Insights Report, 2018. It offers data and best practices to help you prepare better, defend faster, and respond more effectively in the face of threats that put your business at risk. In 50% of IR engagements over the past 12 months, for example, organizations had insufficient end point or network visibility to respond successfully. Advanced threats went undetected for an average of 380 days.

Findings also include emerging global threat trends, methods of attack, key recommendations for maturing your IR program, and what has, and hasn’t, been working as organizations put both proactive and emergency response procedures to the test.

In almost every case where software vulnerabilities were exploited by an adversary to gain access to a network or system, the vendor had released security patches for those vulnerabilities months beforehand. Don Smith, Senior Director, Secureworks Counter Threat Unit™ (CTU) Operations & Analysis

Get Your Complimentary Paper

All fields are required.

Access Now

We generate around 2 billion events each month. With Secureworks, we are able to crunch down that number to 20-30 high fidelity alerts — and that makes my team's job much easier.

Sunil Saale, Head of Cyber and Information Security, Minter Ellison

Red Cloak™ Threat Detection and Response isn’t just the next generation of SIEM, it’s an evolution.

David Levine, CISO, Ricoh Group

Why Secureworks^®?

The old approaches to cybersecurity are no longer adequate. It’s time for something new. Layered defenses can create almost as many problems as they solve, and security teams struggle to keep up with the threat. What you need is context across all your layers of defense with the right people, processes, and technology working together in concert. That’s how Secureworks can help. Using 20+ years of industry knowledge, advanced analytics, industry-leading threat intelligence, and the network effect of more than 4,000 customer environments, we provide world-class cybersecurity solutions to customers around the globe. This unmatched experience empowers our customers to be Collectively Smarter. Exponentially Safer.™

Our Managed Detection and Response (MDR) solution is comprehensive, powered by our cloud-native software Red Cloak™ Threat Detection and Response that uses AI and machine learning to deliver better outcomes for your security operations. MDR unifies telemetry from your existing security technology to maximize visibility, reduce complexity, and enable you to move at the speed of the threat. Learn more about how Managed Detection and Response uses contextualized visibility to improve your organization’s security posture.