Retained Service helps handle data security incidents.

Press Release Summary:



Retained Computer Incident Response Service helps organizations prepare for and respond to cyber security incidents such as phishing and hacker attacks. Clients can choose to apply retainer and select from up to 9 services in categories of incident response and forensics, planning and analysis, as well as testing and capability analysis. Should incident occur, SecureWorks can function as integral part of organization's incident response team.



Original Press Release:



SecureWorks Launches New Retained Incident Response Service to Assist Organizations in Handling Information Security Incidents



ATLANTA, April 23 -- SecureWorks, a leading Security as a Service provider, announced its new Retained Computer Incident Response Service. The service is designed to help organizations prepare for and respond to cyber security incidents such as phishing, hacker attacks, etc. During the one year retainer contract period, clients can choose to apply the retainer and select from up to nine services in the categories of incident response & forensics, planning & analysis and testing & capability analysis. This service and many others are delivered by SecureWorks' Professional Services team and the Counter Threat Unit(TM), SecureWorks' applied security research team.

Incident Response & Forensics

Should an incident occur, SecureWorks can function as an integral part of an organization's incident response team. SecureWorks will perform an incident analysis using forensics and will recommend the most effective means to minimize the impact of the security event. SecureWorks uses a variety of log analysis and forensic tools to capture/analyze stored data. After SecureWorks concludes the analysis, they will summarize the incident and work with the organization's key employees to help them understand how and why the incident happened and how to recover effectively. Forensics can be performed onsite or remotely.

Incident Response Planning & Analysis

In preparation for a potential incident, SecureWorks can conduct a logging configuration review and an assessment of logging controls, control plans and policies. The assessment of current logging configurations helps organizations ensure that sufficient data is collected and secured from various system log files. SecureWorks can also evaluate the capability of an organization's system configurations to see whether they create sufficient information to assist in response to security incidents.

Additionally, SecureWorks can review a client's Computer Incident Response Plan (CIRP) that organizations have in place. If a client does not already have a CIRP, SecureWorks will assist them in developing one to help them reliably detect and respond to security incidents at both a strategic and tactical level. When creating a CIRP, SecureWorks will help organizations with program development, policy integration and governance procedures. Additionally, a CIRP from SecureWorks will include common incident definitions, scenario definitions, escalation procedures, gap analyses and prioritization of incident types and recovery goals/objectives.

Incident Response Testing & Capability Analysis

SecureWorks can also facilitate the creation and assessment of testing procedures to see if organizations have a sound plan and to see how well they respond to a declared incident. Testing procedures will include walk-through tabletop exercises or full-fledged war gaming of the CIRP. SecureWorks will analyze the results of the testing and integrate them into the CIRP. A CIRP should be tested regularly to stay familiar with the procedures and to assess if there is a need for modification to the plan.

"Recently publicized security incidents experienced by companies like Tenet Healthcare in February and Hannaford Bros. supermarket chain in March are examples of the prevalence of data breaches that continue to hurt good companies," said Erik Petersen, vice president of Professional Services at SecureWorks. "Our new incident response service allows companies to take a proactive approach by retaining SecureWorks prior to a problem occurring in order to best prevent a cyber attack. Unlike other retained forensics services, you don't have to be hacked to use your retained hours with SecureWorks. That's what makes us unique." Petersen added, "We provide these services for all levels of organizational maturity. Whether you are simply getting started in developing your CIRP or have been working on your plan for years, SecureWorks can integrate into your process."

About SecureWorks

With over 2,000 clients, SecureWorks is one of the market's leading Security as a Service providers. Organizations are protected from external and internal cyber threats through SecureWorks' Managed Security Services, On-Demand Security Information and Event Management (SIEM) platform, the SecureWorks Counter Threat Unit(TM) and three fully synchronous Security Operations Centers (SOCs) staffed with SANS GIAC certified analysts working 24x7 to safeguard client systems. SecureWorks has won SC Magazine's "Best Managed Security Services" award for 2006, 2007 & 2008, Best Intrusion Prevention 2006 and has been named to the Inc 500 and Deloitte lists of fastest-growing companies. For more information, visit www.secureworks.com .

CONTACT: Lisa King, SecureWorks, +1-404-486-4463, lking@secureworks.com

All Topics