Growing up towards the end of the cold war, as school children we would regularly do “duck and cover” drills. You know, in preparation for an event such as nuclear detonation or fallout – we would practice ducking underneath our sturdy desks and cover our heads just to protect ourselves. In the enterprise, you could set up security to your heart’s delight, but many shops just don’t have the time, expertise or planning to do emergency testing, and that goes for actions that are taken in the event of a security breach. An announcement from HP Enterprise Services aims to change that with a set of security services that are designed to deal with security breaches. HP’s Security Breach Management Solution is designed to provide for the response, remediation, and mitigation to security breaches.
In a briefing with Andrzej Kawalec, CTO of HP Enterprise Security Services, the gravity of security breach response was made rather clear:
“It’s nearly impossible for organizations to prevent a breach, but they can take control of how they respond,” said Andrzej Kawalec, chief technology officer, Enterprise Security Services, HP. “Combining HP’s portfolio of services and software, the HP Breach Management Solution arms clients with the tools and resources to monitor, manage and respond to breaches head on, minimizing their impact while readying for the next attack.”
Kawalec incidentally provided confirmation of some of the issues I brought forward in the article I posted last week on Amazon Web Services and the challenges of the enterprise running standard security tools and compliance in those environments.
Prepare for Attacks
Combining HP’s services expertise with security intelligence software, a comprehensive breach response approach is achieved through the services. When breaches occur, the right response is critical, as they can have great costs in term of reputation damage and legal ramifications. I wrote about this impact in a story on the findings of the Ponemon Institute back in October.
“The financial impact of cybercrimes is pretty staggering. For the U.S. the cost associated with a cybercrime is $8.9 million.”
You can see how this is rather critical. HP Security Breach Management Solution addresses enterprise breach response from end to end. Starting with the Forensic Readiness Service, which helps clients proactively establish policies and procedures in the event of a breach, and helping clients get ahead of attacks before they occur. From there, the service addresses the entire security life cycle, all the way through to immediate response measures. Proper capabilities in response to a breach is significant in managing risks to an organization. Through this combined approach, the services provide for significant breach management for the modern enterprise.
With HP Security Breach Management Solution, clients can:
- Contain attacks immediately with HP Breach Response Service, which provides 24/7 expert monitoring to detect and respond to intrusions. In the event of a breach, HP dispatches a team of security professionals to the client’s location to assess and investigate the breach and provide recommendations for reducing exposure to future vulnerabilities.
- Develop a clear set of processes and policies for the collection and analysis of evidence following security incidents with HP Digital Forensic Services.
- Adhere to regulatory compliance for use in legal investigations and audits following an incident by leveraging HP e-Disclosure and e-Discovery Services, which help organizations develop tight policies and processes for capturing and logging data.
- Collect, log, sort and filter relevant security events with HP Security Information and Event Management (SIEM) Services, which leverage HP ArcSight offerings, to enable IT security operations to identify threats and protect systems against them.
- Mitigate the consequences of data loss or deletion through designing and implementing processes for backup and recovery with HP Data Recovery Services.
Breach response times that are adequately planned and ready to use are critical to an organization when the inevitable occurs. Incidents do happen. Daily. If you’re not prepared to roll your own due to a lack of personnel resources, expertise, capital, or time, this is exactly the kind of service designed to fill those gaps. It is also very sound to launch a collaborative effort with HP’s service to validate the components you do have in place.