2. As the Internet of Things explodes,
so does the attack on surface and
security risks. So we're thinking
deeply about how to secure, this new,
even more connected world.”1
— Michael Dell
Dell Technologies Chairman and CEO
Cybersecurity | 2019 | 2
3. Contents
Dell Technologies provides
a wide range of cybersecurity
solutions to protect and restore
the client environment in the
event of a cyberattack.
Solutions are categorised under the
following delivery models:
ASSESSMENT
SOLUTIONS
MANAGED
SERVICE
SOLUTIONS
PRODUCT
SOLUTIONS
1: CYBERSECURITY CONTEXT
& BACKGROUND
2: DEFINE CYBERSECURITY STRATEGY
3: IMPLEMENT STRATEGY
& SECURE ENVIRONMENT
4: RESPOND & RECOVER
5: LEVERAGE ADVANCED INTELLIGENCE
6: DELL TECHNOLOGIES —
YOUR TRUSTED PARTNER
Cybersecurity | 2019 | 3
5. Cybercrime alone costs nations more than
$1 trillion globally, far more than the record
$300 billion of damage due to natural disasters
in 2017. We ranked cyberattacks as the biggest
threat facing the business world today — ahead
of terrorism, asset bubbles, and other risks.”2
Paul Mee & Til Schuermann
Harvard Business Review
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 5
6. Cybersecurity in a Technology Dependent Society
In today’s always-on, always-connected economy,
businesses are under pressure to enhance their
cybersecurity strategy and prove to their customers
that data protection is critical to their customer
engagement strategy.
As the world economy continues to digitise operations, supply
chains, business transactions, and employee and customer
services, cyberattacks are expected to continue to pose as
one of the major threats to the world.
With ‘Cyberattacks’ and ‘Data Fraud and Theft’ taking
3rd and 4th place on the World Economic Forum 2018 list
of Global Risks, the spotlight is on organisations to ensure
critical information remains secure and private 3
.
The number of attacks is growing exponentially with hacking
and malware accounting for 48% and 30% of attack tactics 4
.
The likelihood that all malware will be discovered before harm
is done is low, and the discovery time for an attack is on
average 197 days 5
.
This time gap provides opportunity to map the network, escalate
privileges and plan a devastating attack, ranging from extortion
(ransomware) to outright destruction of business-critical
systems. These types of cyberattacks can disrupt a business,
leading to costly remediation, revenue loss, negative publicity,
and lasting customer distrust.
The average cost of a data breach is $3.86 million, an increase
of 6.4% compared to 2017 5
. The likelihood of a breach recurring
over the next two years is 27.9%.
Even with the most sophisticated security solutions, cyber
criminals are constantly learning from previous attacks and
exploiting vulnerabilities. With continued advancements in
machine learning capabilities, the threat of an attack should
not be ignored.
The following sections outline some of the motives behind
cyberattacks, the types of cyberattacks and how they intrude
on your business, and some of the common points of entry.
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 6
7. 76% of breaches are
financially motivated 6
.
In particular, there has been a
huge increase in ransomware,
with attackers entering an
organisation’s systems to take
control, sending alerts to users
to notify them that their data
has been ceased until receipt
of ransom fee.
Governments have quickly
realised that cyberattacks
are quicker, cheaper and
easier than traditional
warfare methods.
With potentially detrimental
impacts to society, and even
harder to detect methods of
manipulation, government entities
are exploring the creative ways to
infect a rival state’s society.
Cybercriminals leverage the
practice of scanning, monitoring,
collecting, and exfiltrating
sensitive information in order
to extort, blackmail or gain
advantage over a rival business.
Politically motivated extremist
groups and non-state actors
using computers to cause harm
or fear pose a major threat to
critical infrastructure,
Financial services, military,
energy, utilities, transportation
and government offices are
highly attractive targets.
Cyberattacks Motives
Financial State
Sponsored
Intelligence
Gathering
Terrorism
The use of computers and
computer networks to promote
political or social change.
Hacktivist groups such as
WikiLeaks & Anonymous have
shed light on some of the social
injustices that exist in the world
and demand those responsible,
be held accountable for their
actions. Hacktivism accounted
for 4.7% of cyberattacks in 2017 7
.
Hacktivism
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 7
8. On average, advanced
cyberattacks go
197 days undetected 5
.
Being aware of how
cyberattackers infect systems
can help your business detect
abnormal activity and potentially
help detect an attack early on.
Here are some of the common
types of cyberattack:
Data Integrity
Distributed Denial of Service
Malware
SQL Injection
Snooping
Cyber-Collection
Malicious data manipulation can be detrimental
to a business. This is a highly sophisticated, and
easily undetectable cyberattack that causes users to
doubt the accuracy of their information. Manipulating
public opinion through smear campaigns or changing
information in a medical system are two examples of
how this type of attack poses a huge threat to society.
This type of attack uses multiple compromised
systems to attack servers, networks, and
systems to flood and exhaust resources
forcing the network to fail and deny service
to legitimate users.
Malware refers to the practice of
deploying malicious software, including
ransomware, spyware, viruses and
worms to infect and breach a network.
This can result in blocked access to
files and systems, criminals covertly
obtaining sensitive information, and
disruption to service, amongst others.
Deploying malicious code into an SQL-based
server can force the server into revealing
information it wouldn’t normally reveal.
This type of attack can allow attackers
to tamper with services enabling them to
pose as other individuals, void transactions,
change data, destroy data and approve
administrative access to users.
Similar to the act of eavesdropping, snooping is the
practice of unauthorised access to systems and data.
This can include monitoring of keystrokes, passwords,
login information, communications, webcams etc.
Used by nation states to conduct espionage
and even corporate spies to gather intelligence
on rivals, cyber collection is similar to snooping
but is with the intention to scan, collect and
exfiltrate sensitive information. An example
of this is the famous Stuxnet computer
worm first uncovered in 2010.
Types of Cyberattack
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 8
9. Points of Entry
Insider
Outdated
Infrastructure
Phishing Emails
Web Browser
Social Media
Platforms
Unused Systems
Zero-Day Exploit
28% of cyberattacks
come from an insider with
legitimate access (4). These
attacks are particularly hard
to guard against.
It is crucial to update and patch
infrastructure. As technology
continues to rapidly accelerate and
develop, cybercriminals will look to
exploit legacy infrastructure. In 2018
outdated security controls was the
2nd greatest vulnerability. (11)
Arguably the most commonly used point
of entry, phishing exploits the naivety of
users by sending emails that appear to
be from a reputable source but contain
malicious software. These emails require
users to engage with a link or a login portal
etc. for the software to be deployed.
Browsers are constantly connecting users
to the outside world. These browsers rely
on plugins (Flash, JavaScript etc.), but like
other software, these plug-ins come with
security flaws that cybercriminals love to
take advantage of. 64% of companies have
experienced web-based attacks. (8) Perhaps
more worryingly, 77% of compromised
attacks in 2017 were file-less. (9)
Third party applications, instant
messaging services and comments
sections are all quick ways for
cybercriminals to deploy malicious
software to vulnerable users.
Cybercriminals target unused
systems and resources because
they typically aren’t monitored
and it's easier to go undetected
for longer.
When network vulnerabilities
are announced, cybercriminals
will actively seek opportunities
to exploit this before a patch is
issued and implemented.
Unused Systems
Zero-Day Exploit
Social Engineering
Exploiting the human element of
IT, cybercriminals seek to deceive,
manipulate, or intimidate people to
hand over information and gain
access to information systems.
In 2017, 43% of cyberattacks
involved social engineering. (10)
Social Engineering
Being aware of vulnerable
points of entry will help
protect the business.
Here are some common points
of entry for cybercriminals:
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 9
10. Dell Technologies Security Transformation
Dell Technologies unites seven technology
leaders in one company with the power
to drive digital and security transformation.
Dell Technologies provides a wide range of cybersecurity solutions
underpinned by a robust cybersecurity delivery methodology.
Dell Technologies' cybersecurity framework is focused on ensuring
our clients manage cyber risk to grow and protect business value.
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 10
11. Dell Technologies Cybersecurity Capabilities
Dell Technologies deliver
the following capabilities
to our clients:
Deep expertise across the technology
stack from the datacentre right through
to end-user devices
A focus on continued R&D in cyber, digital
security and trust
Commitment to a wider ecosystem
of partners that leverages leading edge
cyber innovation
International cyber skills and leading capability
in cyber, digital trust and IT transformation
A world class threat intelligence network
that leverages machine learning and deep
learning technologies
Shared commitment to sustainability
delivering technology solutions that are
sustainable and low carbon
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 11
12. Dell Technologies Cybersecurity Delivers Key Business Outcomes
Dell Technologies
Cybersecurity Capabilities:
Business Outcomes and
Deliverables Include:
Deep expertise DEFINED STRATEGY
AND ROADMAP
Commitment to a wider ecosystem
REAL TIME VISIBILITY
OF EMERGING THREATS
International cyber skills
ADVANCED PROTECTION
A world class threat
intelligence network
OPERATIONAL RESILIENCE
Shared commitment to sustainability
Define
Cyber Strategy
Implement
Cyber Strategy
Respond and
Recover from
an attack
Dell Technologies
Cybersecurity Methodology
Leverage World Class Threat Intelligence Network
A focus on continued R&D
RISK AND COMPLIANCE
LEADERSHIP & CULTURE
Our proven methodology is supported by a portfolio of leading
cybersecurity solutions that protect and secure your IT environment.
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 12
13. Dell Technologies Security Transformation Portfolio
We assess our clients cybersecurity landscape and we
work with them to define cyber strategies and actionable
roadmaps in line with strategic objectives.
We ensure our clients always have measures
in place in the event of an attack.
Assess Environment
& Define Strategy
Implement Strategy
& Secure Environment
Respond & Recover
Our methodology is enabled by our robust portfolio of cybersecurity solutions.
Leverage Advanced Threat Intelligence
We provide real time threat data to equip security teams to proactively detect
and manage cyber threats and respond more effectively to cyber incidents.
Solutions include:
We implement cybersecurity products and services in line
with business objectives to drive growth, protect value
and stay on top of cyber threats.
Solutions include: Solutions include:
• Maturity Assessment
• Adversarial Testing
• Cloud Security Consulting
• Infrastructure Security
• Application Security
• End-User Devices Security
• Governance, Risk, Compliance & Controls Operations
• Threat Detection & Response
• Incident Response
• Cyber Recovery Solution
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 13
14. Dell Technologies Cybersecurity Solutions Deliver Business Outcomes
In this document, we outline some of our leading cyber solutions. This diagram illustrates which solutions deliver the
relevant business outcomes.
DEFINED STRATEGY
AND ROADMAP
ADVANCED
PROTECTION
RISK AND COMPLIANCE
LEADERSHIP & CULTURE
OPERATIONAL
RESILIENCE
REAL TIME VISIBILITY
OF EMERGING THREATS
Infrastructure Security
Governance, Risk,
and Compliance
Fraud Prevention
Advanced Threat
Intelligence
Maturity Assessment,
Cyber Strategy and
Roadmap
Applications Security Cybersecurity Operations Incident ResponseAdversarial Assessment
End-User Device Security Cyber RecoveryCloud Security
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 14
15. ASSESSMENT
SOLUTIONS
PRODUCT
SOLUTIONS
MANAGED SERVICE
SOLUTIONS
Delivery Models
Dell Technologies cybersecurity solutions are categorised under the following delivery models:
These include solutions that determine
the risk maturity, exposure and future
cyber strategy and roadmap.
These include solutions that are provided
by Dell Technologies' Managed Service
capability on behalf of our clients.
These include solutions that can
be deployed and embedded within
a client environment to protect,
secure and build resilience.
Working in Partnership with Consulting Firms
We work with leading Advisory, Consulting and Partner firms to support clients to deliver successful security
transformation, risk management and cyber strategy programmes.
1: Cybersecurity Context & Background
Cybersecurity | 2019 | 15
16. Assess your cybersecurity landscape and define a strategy
that aligns to business objectives and the IT environment.
DEFINE
CYBERSECURITY
STRATEGY
DEFINED STRATEGY
AND ROADMAP
Deliverable
2: Define Cybersecurity Strategy
Cybersecurity | 2019 | 16
17. Define Cybersecurity Strategy
It is imperative to understand your current state
cybersecurity environment before determining
future state strategy.
A strong cyber strategy helps drive growth, protects value and enables
our clients to stay on top of cyber threats. This will prepare our clients
to remain resilient in the event of an attack.
The following section outlines how Dell Technologies designs and
delivers cybersecurity strategies in line with business objectives.
2: Define Cybersecurity Strategy
Cybersecurity | 2019 | 17
18. Assess Environment& Define Cybersecurity Strategy |
Secureworks helps you assess your current cybersecurity
maturity level to determine a starting point for vulnerability
remediation. We help to identify gaps and inform your future
state cybersecurity strategy. Underpinned with leading proven
methodologies, this service delivers the following outcomes:
Current State Analysis
We help you understand your current overall security posture by analysing people,
process, technology and level of risk across your business.
Defined Strategy
We will work with you to develop a roadmap to deliver this strategy. The strategy is
designed in line with your business objectives and risk landscape. Strategies are based on
a defined target state that is determined by your business's threat exposure.
Business Case
The business case is based on a clear understanding of your threat exposure and
target state. The business case outlines the level of investment and executive
sponsorship needed to drive growth and protect your business.
Secureworks helps you minimise risk in your business by testing
your current security methods to identify vulnerabilities and gaps,
and provide a remediation roadmap. The service delivers the
following tests:
Conduct Penetration Testing
Identify network vulnerabilities and validate cybersecurity defences with
Secureworks experts.
Test Application Security
Protect your web applications, mobile applications and APIs by enhancing your
cybersecurity posture with actionable, customised recommendations based on the
latest tactics used by attackers.
Leverage Simulated Attacks Testing
Secureworks Red Team leverages artificial and human intelligence and unmatched visibility
across the threat landscape to develop threat scenarios that pose the most risk to their
clients. Secureworks testers combine various techniques to simulate the attacker.
Maturity Assessment, Cyber Strategy and Roadmap Adversarial Assessment
ASSESSMENT SOLUTIONS ASSESSMENT SOLUTIONS
DEFINED STRATEGY AND ROADMAP
2: Define Cybersecurity Strategy
Cybersecurity | 2019 | 18
19. The report both validated our existing defence
posture and listed ways we could improve,
which became our security roadmap. It also
boosted our security awareness and confidence
by educating us about cybersecurity threats
andcorresponding controls.”
Evan Waller
IT Infrastructure Manager
Talking Rain Beverage Company
For more information: bit.ly/2LwjoCe
Our Clients say...
Cybersecurity | 2019 | 19
2: Define Cybersecurity Strategy
20. There are three capability areas that can be leveraged, these include:
Cloud computing adoption has been
increasing rapidly with cloud specific
spending expected to grow at more
than six times the rate of general
IT spending through 2020 12
. Cloud
security governance can be challenging
and requires the right level of strategic
oversight and investment from
the start.
Dell Technologies’ cloud security assessment and
consulting services guide businesses through the
security considerations of cloud adoption ranging from
the strategy to delivery of migrating to a public, private
or hybrid environment.
Dell Technologies integrates cyber resilience into
management and government processes and extends
that integration deep into the technology environment
providing extensive protection to our clients.
Cloud Security
Assessment
Determine if your business is secure
and compliant with mandates for your
industry. Secureworks measures the
security posture of the cloud provider
and offers recommendations for a
cloud security framework based on the
business’ goals and objectives.
Cloud Governance,
Risk and Compliance
Consulting services helps design and
calibrate security operations to help
businesses move to the cloud securely
and without risking data security.
Strategic
Cloud Selection
This includes recommendations for
data classification and selecting the
best cloud solutions based on your
data and privacy requirements.
Define Cybersecurity Strategy |
Cloud Security (Private & Public)
ASSESSMENT SOLUTIONS
DEFINED STRATEGY AND ROADMAP
2: Define Cybersecurity Strategy
Cybersecurity | 2019 | 20
21. ADVANCED PROTECTION RISK AND COMPLIANCE
LEADERSHIP & CULTURE
Business Outcomes
Implementing and embedding cyber strategies
and solutions in line with business objectives
and surrounding risk landscape.
IMPLEMENT STRATEGY
& SECURE ENVIRONMENT
Cybersecurity | 2019 | 21
3: Implement Strategy & Secure Environment
22. Implement Strategy & Secure Environment
Nefarious actors seek to exploit vulnerabilities across
every aspect of the business and IT landscape. The
rise of connectivity has called for an increased focus
on cybersecurity across the entire business model
and organisational culture.
Businesses need to ensure that every part of their organisation is
protected and that the right protection strategies are embedded
across the end to end value chain. Organisations need to build digitally
resilient cultures in which a culture of trust and an understanding of
cybersecurity is widely appreciated by all business functions and
not just technology stakeholders.
Dell Technologies cybersecurity capability covers every aspect
of the value chain from infrastructure to business operations.
This includes implementing cybersecurity tools, systems,
procedures and precautionary measures to protect the following:
IT INFRASTRUCTURE
END-USER DEVICES
GOVERNANCE,
RISK & COMPLIANCE
SECURITY OPERATIONSAPPLICATIONS
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 22
23. Dell Technologies Cybersecurity Portfolio
Digital Workplace
Platform
Cloud Native Security
Network Virtualisation Security
Cloud Security
Backup & Data Protection
END-USER
DEVICES
APPLICATIONS
INFRASTRUCTURE
Fraud Prevention
Compliance Management
Identity and Access Management
GOVERNANCE, RISK,
AND COMPLIANCE
SECURITY OPERATIONS
The following framework outlines the scope of Dell
Technologies solutions across the IT Operating Model
and end to end value chain.
The Dell Technologies cyber methodology and portfolio of cybersecurity
solutions are focused on equipping our clients with the right cyber
capabilities, tools and insights to protect and grow their business.
Our methodology and supporting cyber solutions protect the full IT
operating environment and end-to-end business model.
Define
Cyber Strategy
Implement
Cyber Strategy
Respond and
Recover from
an attack
Our proven methodology
manages cyber risk
to grow and protect
business value across
your IT Operating Model
Dell Technologies
Cybersecurity Methodology
IT Operating Model
Leverage World Class Threat Intelligence Network
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 23
24. Dell Technologies delivers a secure, modern
infrastructure which is resilient and protected
from the ground up.
Companies today attribute more of their security issues to improper
network segmentation than the volume of threats overall. In response,
network virtualisation is becoming a key piece of the security apparatus
for leaders across industries as organisations leverage the power of
virtual capabilities to enable strategic security initiatives 13
.
Dell Technologies solutions help enhance cybersecurity whilst reducing
the burden on the run of the business. The following solutions help
organisations achieve a secure environment at the infrastructure layer.
Infrastructure
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 24
25. Addressing Security
Vulnerabilities with Zero Trust
Organisations are restructuring
their infrastructure in a way
that allows all data to be protected
regardless of where it sits in
the network.
The Zero Trust security model is the premise
that there is no longer a trusted and untrusted
network, but rather all networks are untrusted
and need to be secured equally. Organisations
are exploring how network virtualisation and
micro-segmentation can increase the security
of their network.
75% are exploring how network
virtualisation can help better protect their
network from security threats 13
.
These three strategies deliver the following benefits:
• Improved Security
Network virtualisation enables easier control and isolation
of environments and assets.
• Improved Network Visibility
Virtualisation technology to enhance isolation improves
control within those protected network segments,
empowering security teams to respond more intelligently
to attacks.
• Improved Business Continuity
Network virtualisation technology can enable a more
adaptable recovery mechanism for leadership and is
a key piece of any redundant system.
Separates day-to-day business data from
sensitive enabling security and risk teams
to place the proper security and access
controls on sensitive data segments.
These three strategies deliver the following benefits:
• Enhanced Control
Quickly identify privileges for certain data types to enable
businesses to quickly respond to changing security needs.
• Improved Visibility and Protection
Understand where data exists, and which users are
supposed to have access to improve monitoring and agility.
• Stop lateral Spread of Threats
Micro-perimeters are created around specific sets of data
to inhibit the spread of threats.
Infrastructure Networking |
Network Virtualisation Micro-segmentation
PRODUCT SOLUTIONS PRODUCT SOLUTIONS
ADVANCED PROTECTION
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 25
26. Infrastructure Networking |
VMware NSX Datacentre (NSX) delivers
consistent, automatable network security
to workloads. Network security policies
can be defined based on application
contexts and enforced on every individual
workload, without the need to touch
the physical network.
The NSX platform allows cybersecurity policies
to be defined based on application, user, and workload
contexts. Network security teams have more flexibility
to design policies that are resilient in the face of
ever-changing applications.
Providing insight into network traffic flow between and
within applications, it automatically suggests security
groups and policies for achieving micro-segmentation.
To meet these changing
demands of network security,
VMware’s network and
virtualisation security platform
enables a software-defined
approach to networking that
extends across datacentres,
clouds, and endpoints.
Network & Virtualisation
Security Platform
PRODUCT SOLUTIONS
ADVANCED PROTECTION
Benefits
Holistic Application Visibility
Decrease the amount of time that your network
security teams spend in application security
review cycles.
Consistent Enforcement of Security Controls
Stop managing separate policies for different parts
of the environment. With NSX Datacentre, you
can enforce network security policies that span
multi-data-centre and hybrid cloud environment.
Adaptive Network Security Policies
Automatically provision security policies for each
workload that will remain with the workload even
as the application changes over time.
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 26
27. Our Clients say...
Ensuring the reliable and lasting security of
sensitive information is one of the main tasks of
the IT department. The implementation of the NSX
platform will bring us unprecedented possibilities for
micro-granulation of security settings, and hence
more selective and improved protection
of individual applications.”
Miroslav Prokeš
Director of ICT Development
and Operations,
Prague Stock Exchange
For more information: bit.ly/2V78TK3
Cybersecurity | 2019 | 27
3: Implement Strategy & Secure Environment
28. Backup & Data Protection
Hardware failure, human error, natural disasters,
cybercriminals – these actors pose risks to your
business continuity. As consumers continue to
demand 24/7/365 accessibility, businesses must
employ a robust backup and disaster recovery
plan to ensure minimal disruption to the business
and customers.
The following solutions outline how Dell EMC helps your business define
a backup architecture roadmap, choose the most appropriate backup
appliance, and leverage industry-leading software to transfer data.
Infrastructure
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 28
29. Infrastructure |
Blueprint for Backup
Architecture reviews current
data protection operations to
provide an overall assessment of
the backup services provided by
the IT organisation, identify gaps
between the backup and archive
services and the requirements
to protect and manage data.
It also recommends appropriate changes in
people, processes or technology to improve
the backup services and identify roadmap
and time frames for implementing the
remediation recommendations.
Dell EMC offers a robust set
of data protection solutions
both software and hardware
that can protect all applications
wherever they live (on-premises
or public cloud).
Our backup solutions offer performance of
up to 68 TB per hour, significantly reduce
backup and archive storage requirements
by 10 to 55 times, and shrink bandwidth
requirements by up to 98%.
Consolidating backup, archive and disaster
recovery on a single platform, our backup
solutions ensure data recoverability,
and seamlessly integrates directly with
enterprise applications or primary storage.
Blueprint for
Backup Architecture Backup & Recovery
Flexible Investment Options
PRODUCT SOLUTIONSASSESSMENT SOLUTIONS
ADVANCED PROTECTION
Dell EMC offer flexible options to invest and consume data
protection solutions, options include:
Build
Leverage software to transfer
data to a purpose built target
offering flexibility to scale
software independent of
hardware.
Buy
An integrated approach
combining software, hardware,
compute, networking and storage
in a single appliance for simple,
easy and scalable protection.
Software Defined
Software only option available
across all solutions can be
procured and deployed on
commodity hardware.
As-a-Service
Leverage all the advanced
capabilities and benefits of
our solution through a service
provider who can fully host
backup environment for private
cloud capabilities.
Cloud
All solutions can be deployed
in the public cloud.
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 29
30. Infrastructure |
Dell EMC’s data protection
solutions are cloud-enabled
with the ability to natively tier
deduped data to the public,
private or hybrid cloud.
Our cloud backup and recovery solutions
have been created in partnership with
leading cloud providers like Amazon AWS,
Microsoft Azure & Google Cloud Platform,
so businesses can deploy and scale the
right-sized cloud data protection no matter
where data lives.
Cloud Backup
(Public & Private)
Dell EMC’s Data Protection software enables business to:
The Data Protection Suite spans across on-premise, direct to cloud and workloads within the cloud.
PRODUCT SOLUTIONS
On Premise Backup to Cloud Protect in Cloud
ADVANCED PROTECTION
• Backup and recover in the cloud
• Achieve cloud disaster recovery
• Move workloads to the cloud
• Protect workload in the cloud
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 30
31. Applications
As applications are increasingly more accessible
over the network, cybersecurity continues to be
a prevalent concern during the development cycle.
A sound application security strategy will ease the process
of patch management, and minimise the risk of malicious code
being deployed.
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 31
32. Cloud Native Security
PRODUCT SOLUTIONS
Applications |
There are three principles of cloud-native security:
Repair
Repair vulnerable software as soon as updates are available.
Organisations can repair vulnerable operating systems and application
stacks consistently within hours of patch availability. Pivotal refers to this
as a “stemcell,” and we update the stemcell with the latest OS patches
for Pivotal Cloud Foundry customers.
Repave
Repave servers and applications from a known good state. With Pivotal
Operations Manager, enterprises can repave every virtual machine in their
datacentre from a known good state every few hours without application
downtime. They can deploy applications from a continuous integration
tool such as Concourse, and application containers will also be repaved
every few hours.
Rotate
Rotate user credentials frequently, so they are only useful for short
periods of time. In order to easily rotate system credentials every few
minutes or hours, Pivotal customers can use identity management
systems with multi-factor authentication to help safeguard systems
as we work on automated credential management.
Prior to implementing Pivotal Cloud Foundry,
we had many manual processes as part of our
security procedures for deploying new applications.
We used to have developers spending roughly
four weeks to get all of the security elements
they needed done by various security teams and
infrastructure teams for their project. Today, they
can get everything they need in a few seconds.”
Michael Ehrman
Information Security Manager,
Kroger Company
For more information: bit.ly/2Brem5d
ADVANCED PROTECTION
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 32
33. Applications |
VMware AppDefense is a datacentre
endpoint security product that
protects applications running in
virtualised environments. AppDefense
understands an application's intended
state and behaviour, then monitors for
changes that indicate a threat. When
a threat is detected, AppDefense
automatically responds.
AppDefense generates authoritative alerts coupled
with automated response capabilities which allow
the Security Operations Centre to focus on catching
and eradicating threats from their environment,
rather than sifting through noisy data and
investigating threats that aren’t there.
To ensure security are aligned with modern
applications, AppDefense creates a common source
of truth between application teams and the security
teams, streamlining the security review and
readiness process.
AppDefense
PRODUCT SOLUTIONS
AppDefense complements our other security solutions
very nicely by filling a gap that we didn’t have covered
before. Ransomware attacks against hospitals do happen,
and you can lose thousands of computers in minutes.
With AppDefense and NSX Datacentre bolstering our
Sphere foundation, we can mitigate risk by extending
a zero-trust model across the network, all the way
to the endpoints. It’s a powerful combination.”
Christopher Frenz
Assistant Vice President of IT Infrastructure
Interfaith Medical Centre
For more information: bit.ly/2EFkw58
ADVANCED PROTECTION
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 33
34. An increase in remote working, the gig economy,
and bring-your-own-device programmes, has required
a stronger focus on how organisations manage
devices, applications, and access permissions.
The solutions on the following page focus on easing end-user security.
End-User Devices
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 34
35. VMware Workspace ONE is an
intelligence-driven digital workspace
platform powered by VMware AirWatch
Technology. The platform enables
organisations to simply and securely
deliver and manage any app on any
device with an integrated digital
workspace platform.
Workspace ONE integrates access control, application
management and multi-platform endpoint management
and is available as a cloud service or for on-premises
deployment. The comprehensive and predictive
security feature Workspace ONE Trust Network
provides a comprehensive and modern approach
to enterprise security for your employees, apps,
endpoints and networks.
With capabilities to protect, detect and remediate
modern-day threats, Workspace ONE Trust Network
combines access, device and app management, and
analytics with an ecosystem of integrated partner
solutions based on a framework of trust.
Workspace ONE
End-User Devices |
With Workspace ONE, we can have a laptop ready with all
security policies in less than half a day. It can be shipped off to
an employee, who can start using it as early as the next day.
That capability will be even more valuable as we continue to
globalise our workforce and continue to refine a true out-of-
the-box service delivery model. As a security company, we take
endpoint security and compliance very seriously, and AirWatch
technology helps us keep our laptops healthy and compliant.”
Mark Zigadlo
Vice President of IT,
Cofense
For more information: bit.ly/2ShCT41
PRODUCT SOLUTIONS
ADVANCED PROTECTION
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 35
36. Adopting a Risk-Based Mindset
Dell Technologies works in partnership with leading
advisory firms to instil a risk-based mindset and
enable your organisation to take the right steps
towards securing your digital future.
Ensuring that business leaders and executives build a culture
and environment where people understand how to behave securely
and do the right thing is paramount to the success of our cybersecurity
solutions. Any solution, no matter how prescient, is only as good as
its execution.
We believe cybersecurity and compliance need support at board level
and are not to be outsourced solely to a technology team. They require
strategy and governance to get this right. Digital relationships with
customers, suppliers and others expose businesses to new areas of
risk that need to be managed.
We support senior management and boards to shape a strategic
response to risk as well as provide detailed technical expertise.
The following section outlines Dell Technologies' cyber solutions
on governance, risk and compliance.
Governance, Risk & Compliance
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 36
37. Cyber Incident
Risk Management
Improve maturity in defending against attacks,
detecting breaches and applying remediation, with
action aligned to organisational risk objectives.
Data Privacy
Risk Management
Infuse business context into compliance processes
and technology, with monitoring capabilities to
alert stakeholders to regulatory changes.
Third Party
Risk Management
Develop a strategy to pro-actively manage third-
party risk around loss events, opportunity cost and
potential impacts to achieving objectives.
Digital Business Resiliency
Risk Management
Integrate information governance into corporate
infrastructure and business processes so
compliance becomes routine.
The four key areas are detailed below:
ASSESSMENT SOLUTIONS
Governance, Risk & Compliance | RISK AND COMPLIANCE LEADERSHIP & CULTURE
Risk Framework
RSA’s Risk Framework is designed
to help organisations tackle some of
the most complex and fastest-moving
risks emerging from digital business
practices. This service encompasses
two offerings:
• In-depth assessments of your risk
business' management maturity
• A detailed roadmap for maturing
practices across the domains
outlines on the right.
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 37
38. Our Clients say...
We have all of the elements of the RSA Archer Suite.
The Governance, Risk and Compliance module has very
expansive capabilities and is critical in enabling us to drive
the risk culture ME bank needs. It gives us the ability to
push clear accountability into our front-line management
concerning the risks and controls that they own. We’ve
been able to significantly reduce the time it takes for them
to accurately report to the governance committees.”
Joe McDavitt
Risk Assurance Manager,
ME Bank
For more information: bit.ly/2QHvTkj
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 38
39. Governance, Risk & Compliance |
Integrated Risk Management
Once a business determines the level
of risk posed, a detailed roadmap
can be developed to drive increased
security maturity using the RSA Risk
Framework. RSA delivers a robust
Integrated Risk Management platform
to help implement security measures
and reduce enterprise risk for
our clients.
RSA’s Archer Suite, a leader in the 2018 Gartner
Magic Quadrant for integrated risk management,
empowers you to manage multiple dimensions
of risk on one configurable, integrated software
platform. With RSA Archer, a business can
implement risk management processes based on
industry standards and best practices.
This delivers improved levels of risk management
maturity, more informed decision-making and
enhanced business performance.
RSA Archer has six elements to provide an integrated approach:
RSA Archer Audit
Management
Transform your internal audit function
from reactive and compliance focused
to become a proactive and strategic
enabler of the business.
RSA Archer Enterprise
& Operational Risk
Management
Gain a clear, consolidated view of risk
across your business by aggregating
disparate risk information in one central
solution.
RSA Archer Regulatory
& Corporate Compliance
Management
Establish a sustainable, repeatable
and auditable regulatory compliance
program by consolidating information
from multiple regulatory bodies.
RSA Archer
Business Resiliency
Automate business continuity and
disaster recovery planning and
execution to protect your organisation
from crisis events.
RSA Archer IT & Security
Risk Management
Compile a complete picture of
technology and security-related risks
and understand their financial impact
to improve decision-making.
RSA Archer Third
Party Governance
Get an accurate picture of third-party
risk while managing and monitoring
the performance of third-party
relationships and engagements.
PRODUCT SOLUTIONS
RISK AND COMPLIANCE LEADERSHIP & CULTURE
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 39
40. Our Clients say...
RSA Archer has helped us evolve from an
organisation that was constantly chasing
data and information… Now we have a
source of record where employees can
more quickly access and consume data
and make decisions based on it.”
Reid Stephan
Director of IT Security,
St. Luke’s Health System
For more information: bit.ly/2EL1B97
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 40
41. Fraud Prevention
RSA Fraud & Risk Intelligence
Suite brings together fraud
protection, adaptive authentication,
web threat detection and fraud
intelligence services to protect your
business and consumers from online
and mobile fraud, phishing, account
takeover and data breaches.
This offering improves organisations’
fraud detection and prevention capabilities,
enhances their fraud intelligence, and
provides secure consumer access, 3D secure
authentication, behavioural analytics, and
mobile transaction protection.
Governance, Risk & Compliance |
We needed to change our way of doing online
banking. After talking to advisories to understand
how we should address our customers in the future,
we found that the best way to do that would be to
go with a reliable partner like RSA, that is well known
through the audit and security community. They have
partnered with us to help us, and enable us to do
better online banking."
Hakon Akerlund
IT Security Manager,
Landsbankinn
For more information: bit.ly/2Qv8fSO
PRODUCT SOLUTIONS
RISK AND COMPLIANCE LEADERSHIP & CULTURE
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 41
42. Governance, Risk & Compliance |
Identity & Access Management
RSA SecureID Suite goes beyond
traditional identity and access
management, using identity insights,
threat intelligence and business
context to provide secure access
to all users, across all applications,
from the ground to the cloud.
It brings together multi-factor authentication,
risk-based access management, identity
governance and user lifecycle management
in one powerful suite of solutions.
PRODUCT SOLUTIONS
It used to take over 600-hours for the team
just to execute one recertification campaign.
With the consolidation and automation from
the RSA Identity Governance & Lifecycle
deployment we’ve been able to slash this
time by 50%.”
Ritesh Mohan
Identity and Access Management,
Dell
For more information: bit.ly/2CqZyW7
RISK AND COMPLIANCE LEADERSHIP & CULTURE
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 42
43. Managed Detection & Response (MDR)
Accelerate security with an all-encompassing,
flexible solution.
The MDR solution provides businesses with advanced protection,
detection and response capabilities throughout your environment,
on-premise and cloud, from endpoints to servers and network devices.
The holistic solution, which features several key Secureworks services,
includes threat intelligence, security monitoring capabilities, server
monitoring, Intrusion Prevention System capabilities (IPS), Endpoint
Detection and Response, Cloud Security Monitoring, and Emergency
Incident management.
Outlined over the next two pages are four of the Secureworks
Managed Services solutions.
Cybersecurity Operations |
MANAGED SERVICE SOLUTIONS
ADVANCED PROTECTION
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 43
44. 1.
Advanced Threat
Services
Secureworks expert security Counter
Threat Unit™ (see section 5) use
advanced tools and techniques
to thoroughly dissect malware to
determine its functionality, purpose,
composition and source.
The intelligence from our CTU informs
our Managed Security, Incident
Response (IR), and Threat Intelligence
services to help you close the gap
between your defences and the latest
cyber threats. Findings from an IR
engagement, calls into our Security
Operations Centres (SOCs), and results
from endpoint scans are quickly applied
to security device signatures and policies,
attacker black lists, event correlation,
threat analysis and response procedures.
2.
Security Management
& Orchestration
Our Intrusion Prevention System
technology removes the burden of
device or signature management while
helping clients eliminate malicious
inbound and outbound traffic.
Provided on a 24x7 basis, this fully
managed solution helps enable
clients to comply with regulations
to protect against the latest threats
and vulnerabilities, and demonstrate
the effectiveness of security controls
through comprehensive reporting. As
a fully managed service, Secureworks
augments your existing security team,
eliminating the need to increase
in-house headcount.
Cybersecurity Operations |
Managed Detection & Response (MDR) continued
The cost of just maintaining our
previous intrusion detection and
prevention system was more
expensive than the overall cost
of Secureworks. We saved
$60,000 in the first year, and
we avoided having to hire
a full-time security expert.”
Kevin Pilgrim
Executive Vice President and Chief Information Officer,
Lone Star National Bank
For more information: bit.ly/2EEIbU9
ADVANCED PROTECTION
MANAGED SERVICE SOLUTIONS
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 44
45. Cybersecurity Operations |
3.
Vulnerability Management
Secureworks Vulnerability Management
performs internal and external scan audits
across network devices, servers, web
applications, databases, and other assets
in on-premise and cloud environments.
Perform scan audits across internal and
external environments, both on and off-
premises. Reduce recovery time and enrich
your approach by leveraging deep security
expertise from resources in our Security
Centre of Excellence (SCoE) serve as
extension of your security team.
4.
Security Monitoring
We provide you with real-time monitoring,
correlation and expert analysis of activity
occurring in your environment. Powered
by the CTU, we help unify and simplify
your security operations with a powerful
combination of artificial and human
intelligence.
Built upon billions of event data points, daily
monitoring across 4,400 clients worldwide,
and global threat visibility driven by the
CTU, this solution allows you to see more,
know more and respond faster. We staff
our SOCs with an elite team of researchers,
analysts, engineers and consultants,
who provide our clients with continuous
investigation of real threats.
MANAGED SERVICE SOLUTIONS
Managed Detection & Response (MDR) continued
350,000
400%
remediated up to 350,000 vulnerabilities monthly
improvement in remediation of urgent vulnerabilities
For more information: bit.ly/2GClIZt
ADVANCED PROTECTION
3: Implement Strategy & Secure Environment
Cybersecurity | 2019 | 45
46. Equipping our clients with leading cyber solutions and
a proven methodology to build operational resilience
in the event of an attack.
RESPOND
& RECOVER
Cybersecurity | 2019 | 46
4: Respond & Recover
OPERATIONAL RESILIENCE
Business Outcomes
47. Implementing precautionary measures to take
a proactive approach to security is the best way
to keep ahead of threats.
However, as the threat landscape is constantly changing and attacks
continue to grow more sophisticated, Dell Technologies recommends
our clients always have a response and recover strategy in place, so that
in the event an attack does occur, the business can function as normal.
Taking this approach will equip the business with worst case scenario
remediation plans to ensure the business can continue to operate as
normal. The following solutions outline Dell Technologies Response
& Recovery cybersecurity solutions.
Respond & Recover
4: Respond & Recover
Cybersecurity | 2019 | 47
48. Respond |
Fraud Prevention
The RSA NetWitness Platform,
a leader in Gartner’s 2018 Magic
Quadrant for Security Information
and Event Management, applies
the most advanced technology to
enable security teams to work more
efficiently and effectively.
It uses behavioral analysis, data science techniques
and threat intelligence to help analysts detect and
resolve both known and unknown attacks before
they disrupt your business.
The platform uses machine learning to automate
and orchestrate the entire incident response
lifecycle. This allows security teams to collapse
disparate security tools and the data they generate
into a single, powerful, and fast user interface.
PRODUCT SOLUTIONS
RSA NetWitness®
Platform
enables the experts in our
cyber defence centre to
understand the true nature,
scope and impact of an
incident and empowers
them to take immediate,
targeted action.”
K Lakshmi Narayanan
AVP and Head of Cybersecurity
Technology and Operations,
Infosys
For more information: bit.ly/2BAMrjr
Incident Response
Secureworks accredited
cyber incident response
team backed with proprietary
Secureworks Threat Intelligence
and purpose-built response
technologies helps you resolve
complex cyber incidents at scale.
Our services help you reduce response time
and incident impact by leveraging Secureworks
seasoned incident responders.
Using purpose-built response technologies enriched
with years of cyberattack and threat group data to
help you respond to and mitigate cyber incidents
efficiently and effectively.
MANAGED SERVICE SOLUTIONS
OPERATIONAL RESILIENCE
4: Respond & Recover
Cybersecurity | 2019 | 48
49. Recover – Dell EMC Cyber Recovery Solution |
Datacentres are a fundamental part of
business infrastructure. An attack on this
infrastructure can not only devastate a
business commercially but can have a
much wider impact on society as a whole
as it disrupts core services to customers.
This threat to society has meant that there
is an increased focus on protecting backup
systems and enhancing disaster recovery
capabilities so that in the event of an
attack, businesses can continue to
function as normal.
BUSINESS CHALLENGE
Whilst proactive solutions can help to protect businesses
from cyberattacks, insider threats still pose a huge risk to the
business and are much harder to detect and defend against.
Whether it is a rogue employee or an intruder has taken over
access of your systems, businesses must protect their ability
to recover in order to minimise disruption to the running of the
business and impact on customers.
THE SOLUTION
Dell EMC’s Cyber Recovery solution protects your business’
most critical data by leveraging an air gapped cyber
recovery vault and limiting access to authorised personnel
only. This sophisticated, secure backup solution ensures
critical data is physically and virtually separate from production
systems. The vault is only accessible to the network when it is
transferring data – it then disconnects leaving the vault
in true isolation.
PRODUCT SOLUTIONS
OPERATIONAL RESILIENCE
One of the most poignant
things I’ve heard a client say
about this solution is that:
“This solution is the
difference between business
continuance and business
existence. In the absence
of this capability we might
cease to exist after a
successful cyberattack.””
Todd Lieb
Cyber Recovery Lead,
Dell EMC
Operational Resilience in the Event of an Attack
4: Respond & Recover
Cybersecurity | 2019 | 49
50. This solution works best in
addition to disaster recovery
and backup systems.
Dell EMC recommends to
only backup 10-15% of your
most critical data in the
vault, updating once per day
and storing data for up to
30 days.
In the event of an attack,
this solution enables you
to recover data in its
last known true state to
be moved back into the
corporate network to enable
your business to operate
as normal.
Dell EMC Cyber Recovery Solution
PRODUCT SOLUTIONS
Recover | OPERATIONAL RESILIENCE
PRODUCTION
APPS
DISASTER
RECOVERY
/ BACK UP
MANAGEMENT PATH
Perimeter Defense - Authorised Users
NO MANAGEMENT PATH
CSO Cleared Personnel Only
CORPORATE NETWORK CYBER RECOVERY VAULT
• Management orchestration
• Backup application
• Analytics tools
• Recovery
PROTECTION STORAGE
COMPUTE FOR:
AIR
GAP
Network connected
once a day
Backup
10-15% of
most critical
data for up
for up to
30 days
1. Planning
Identify critical data
to host in vault
2. Isolation
Move critical data
into isolated vault 3. Analysis
Continually analyse vault
for unusual behaviour
4. Recovery
In the event of an attack,
data is recovered from
its last known true state
from the vault to the
corporate network
4: Respond & Recover
Cybersecurity | 2019 | 50
51. Assess business critical systems to
protect and create dependency maps
for associated applications and services,
as well as the infrastructure needed to
recover them.
The service generates recovery
requirements and design alternatives,
identifies the technologies to analyse, host
and protect data, along with providing a
business case and implementation timeline.
The centrepiece of the solution is the
cyber recovery vault, an isolated and
protected part of the datacentre.
The vault hosts critical data on Dell
EMC technology used for recovery
and security analytics.
The goal of the vault is to move data away
from the attack surface, so that in the event
of a malicious cyberattack, organisations
can quickly resort to a good, clean copy of
data to recover critical business systems.
Using vault protections around the isolated
data also protects it from insider attacks.
Dell EMC Cyber Recovery automates the
synchronisation of data between production
systems and the vault, and creates
immutable data copies.
Cyber Recovery’s automated workflow
includes the ability to create sandbox
copies that organisations can use for
security analytics. Analytics can
automatically be performed on a
scheduled basis.
CyberSense applies over 40 heuristics to
determine indicators of compromise and
alert the user.
Cyber Recovery stays ahead of the
bad actor by enabling tools such as
CyberSense which incorporate Artificial
Intelligence and Machine Learning
analytics methods to the vault.
Automate recovery workflows to
perform recovery and remediation after
an incident and bring business resiliency
to a higher level.
Cyber Recovery allows customers to
leverage dynamic restore / recovery
procedures using existing disaster
recovery procedures that bring business
critical systems back online.
Dell EMC and its ecosystem partners
provide a comprehensive methodology
for protecting data, as well as performing
damage assessments and forensics to
either recover your systems or remediate
and remove the offending malware.
This robust business resilience solution is made up of four components:
1. Planning 2. Isolation 3. Analysis 4. Recovery
Dell EMC Cyber Recovery Solution
PRODUCT SOLUTIONS
Recover | OPERATIONAL RESILIENCE
4: Respond & Recover
Cybersecurity | 2019 | 51
52. Financial institutions are among the most
targeted organisations for cyberattacks
and our responsibility is to ensure the highest
levels of security for our members and the
financial assets they entrust us with.
All it takes is for one successful intrusion or
ransomware attack to seriously disrupt any
business and if the bad guys are smart enough
to know where your backups are, you’re left
with no protection.
Dell EMC Cyber Recovery helps my team
isolate all of our critical data off-network,
giving us confidence in our business
resilience in the event of a worst-case
cyberattack scenario.”
Bob Bender
Chief Technology Officer,
Founders Federal Credit Union
For more information: bit.ly/2eYyAcn
The most effective plans for cyber threat
resilience must include provisions to
protect and isolate the data protection
infrastructure.
By design, data protection systems are
architected on the same networks as
production systems and are therefore
part of the potential attack surface.
Dell EMC offers a smart solution that
employs an air-gapped Cyber Recovery
Vault, along with automated software
that helps isolate, analyse and recover an
organisation’s critical data so business can
resume in the event of a cyber intrusion or
ransomware attack.”
Christophe Bertrand
Senior Analyst,
ESG
For more information: bit.ly/2IZEtnn
Our Clients say... Industry Analysts say...
4: Respond & Recover
Cybersecurity | 2019 | 52
53. Providing clients with leading edge advanced threat
intelligence that monitors the threat landscape in real time.
LEVERAGE
ADVANCED
INTELLIGENCE
REAL TIME VISIBILITY
OF EMERGING THREATS
Business Outcomes
5: Leverage Advanced Intelligence
Cybersecurity | 2019 | 53
54. Secureworks threat intelligence services provide
businesses with full visibility of the threat landscape.
Secureworks provides clients with context for trends
to monitor how threat actors behave, and where
a business may be most vulnerable for an attack.
Combining human and supervised machine learning intelligence
gives the Secureworks Counter Threat Unit (CTU) research team
unparalleled insight into the threat landscape, across technology
and business environments.
Leverage Advanced Threat Intelligence
5: Leverage Advanced Intelligence
Cybersecurity | 2019 | 54
55. Leverage Advanced Threat Intelligence
Detect More Threats
With visibility across thousands of signals in an
environment, businesses can be aware of when,
where and why hackers act.
The Network Effect
Your business is strengthened by
Secureworks visibility across an entire
client base. Gain insight into real-world
malicious tactics beyond what any
business could achieve on their own.
Secureworks operates as follows:
Respond Smarter
The Counter Threat Platform (CTP) leverages a supervised
machine learning component that continuously powers our
platform’s auto-resolve capabilities and rapid predictive
capability delivery.
Predict & Prevent Future Threat
Secureworks cuts through the noise of your security
environments to help predict and prevent certain
threats altogether.
55+
Countries
230k
Devices
Monitored
330
Vendor
Products
4,300+
Clients
850k
Endpoints Threat
Groups
135+
Detect More Threats
5: Leverage Advanced Intelligence
Cybersecurity | 2019 | 55
56. Threat Intelligence
Detect more threats, respond smarter,
and predict & prevent future threats
Threat actors are constantly developing new methods to penetrate
your environment. Threat intelligence can alert you to emerging global
threats that may affect your organisation’s operations, impact its financial
performance, expose customer data, and damage your organisation’s
brand and reputation.
The CTU research team provides our analysts, security consultants
and incident responders with deeper insight and enriched context into
attacker tactics, techniques and procedures.
The team focuses on maintaining and delivering the capabilities
that are shown on the following page.
5: Leverage Advanced Intelligence
Cybersecurity | 2019 | 56
57. Threat Intelligence |
Security Innovation and ‘Big Data’
Our team collects and analyses vast amounts of threat
data as a result of our global visibility across thousands of
client environments and other data sources.
We refine this data into intelligence applied across our
managed security operations, and actionable enterprise
defence strategies. This intelligence is tailored to the
requirements of the client to identify potential threats
and adversaries that represent a direct, credible risk.
Threat Intelligence Support
You will be provided with direct access to CTU
researchers for information regarding threats,
vulnerabilities and advisories.
When a request is submitted, a CTU researcher will
respond within one business day. Direct access to this team
enhances your internal security capabilities by providing
expert guidance and consultation as needed.
Our technology and security experts correlate and
analyse attack data from tens of thousands of monitored
security devices and critical information assets worldwide,
processing billions of events every day.
Attacker Database
Malware Analysis and Reverse Engineering
Secureworks has unmatched malware analysis and
reverse engineering expertise, powered by the CTU
research team.
Using advanced tools and techniques, our world-class
researchers thoroughly dissect malware to determine its
functionality, purpose, composition and source. Our experts
will advise you of the malware code’s potential impact to
your networks, systems and information assets, and make
recommendations for the malware’s removal.
Enterprise Brand Surveillance
Enterprise Brand Surveillance is specific to the
environments, organisations and executives of our
clients. Secureworks researchers and security
consultants are highly versed in the practices and
nuances of intelligence formulation.
From this visibility, as well as private sources, our Attacker
Database contains IP addresses and domain names of
servers hosting exploits and malware, botnet Command
and Control (C&C) servers and other known malicious
activity. XML feeds are updated daily, giving valuable
context to your security team.
Countermeasures
Secureworks leverages the intelligence provided by
our global visibility and expert research, and converts
it into countermeasures – creating a continuously
improving technology that adapts with the changing
security landscape.
When anomalous activity is detected, our CTU researchers
perform thorough analysis to discover new attack
techniques and threats. This process, which is unique to
Secureworks, enables our CTU research team to identify
real threats “in the wild” and develop countermeasures
that protect our clients before damage is done.
MANAGED SERVICE SOLUTIONS
REAL TIME VISIBILITY OF EMERGING THREATS
5: Leverage Advanced Intelligence
Cybersecurity | 2019 | 57
58. McLaren Case Study
For more information: bit.ly/2VBGGLI
Working in partnership, Secureworks apply
machine learning as well as human and artificial
intelligence to process 30 billion logs annually,
prioritising legitimate threats while cutting out the
noise that can hinder productivity and innovation.
Cybersecurity | 2019 | 58
5: Leverage Advanced Intelligence
60. Your Trusted Cybersecurity Partner
This section provides an overview of Dell Technologies' capability and brands, our partnerships and
alliances, and our commitment to sustainability.
Dell Technologies is a combination of seven technology leaders who collectively provide industry leading end-to-end security solutions. We help
ensure our customers keep pace with the digital economy and the threats that come with it. Servicing more than 98% of the Fortune 500,
we provide a robust end-to-end cybersecurity portfolio.
With continual investment in threat intelligence and a family of brands working across the entire technology landscape, Dell Technologies
acts as a trusted partner that can support you along the entire journey. A high level overview of our brands is described in the following pages.
6: Dell Technologies
Cybersecurity | 2019 | 60
61. Develop an organisational
understanding to manage
cybersecurity risk to systems,
people, assets, data, and
capabilities.
Develop and implement
appropriate safeguards to ensure
delivery of critical services.
Develop and implement appropriate
activities to identify the occurrence
of a cybersecurity event.
Develop and implement appropriate
activities to take action regarding a
detected cybersecurity incident.
Develop and implement
appropriate activities to maintain
resilience and to restore any
capabilities that were impaired
due to an incident.
Dell Technologies Security Transformation Aligns to the NIST Framework
Identify Protect Detect Respond Recover
Dell Technologies offer a robust cybersecurity portfolio aligned to the National Institute of Standards
and Technology Cybersecurity Framework.
With capabilities to enable our clients to prioritise and manage business risk, we design security into our infrastructure to improve
cybersecurity posture. We do this by providing security tools that help manage and mitigate risk, and ultimately help protect your
business against advanced adversaries.
6: Dell Technologies
Cybersecurity | 2019 | 61
62. Dell Technologies Overview
Dell EMC enables organisations to
modernise, automate and transform
their datacentre using industry-leading
converged infrastructure, servers,
storage and data protection technologies.
Businesses get a trusted foundation to
transform their IT and develop new and
better ways to work through hybrid cloud,
the creation of cloud-native applications
and big data solutions.
Secureworks enriches clients’ defenses
with intelligence from 270 billion cyber
events observed each day, developing
data-driven security solutions for your
organisation to detect and prevent
breaches and cyberattacks.
RSA offers business-driven security
solutions that uniquely link business
context with security incidents to help
organisations manage digital risk and
protect what matters most.
The following provides an overview of the Dell Technologies brands:
For more information,
visit DellEMC.com
For more information,
visit Secureworks.com
For more information,
visit RSA.com
6: Dell Technologies
Cybersecurity | 2019 | 62
63. Dell Technologies Overview
VMware software powers the world’s
complex digital infrastructure. The
company’s compute, cloud, mobility,
networking and security offerings
form a dynamic, consistent digital
foundation to deliver the apps that
power business innovation.
Pivotal transforms how companies
build and run software so they can
innovate at start-up speed by using
cutting-edge software development
methodologies, a modern cloud
platform, and analytics tools.
Virtustream provides cloud solutions
built for the enterprise that are designed
to run your most complex and critical
applications with performance, security,
and efficiency – whether private,
public or hybrid.
For more information,
visit Virtustream.com
For more information,
visit Dell.com
Dell gives today’s workforce what they
need to securely connect, produce,
and collaborate; anywhere at any time.
Award-winning desktops, laptops, 2-in-1s
and thin clients; powerful workstations
and rugged devices made for specialised
environments, as well as monitors,
docking and endpoint security solutions
and services, workers get exactly what
they need to work the way they want.
The following provides an overview of the Dell Technologies brands:
For more information,
visit Pivotal.io
For more information,
visit VMware.com
6: Dell Technologies
Cybersecurity | 2019 | 63
64. Partnerships
At Dell Technologies, we are continually developing our technology with cybersecurity at the heart of
our strategy. We do this by working with an extensive partner ecosystem to ensure we are constantly
innovating and ahead of the curve.
Our Partners
Successful security transformation is based on working in collaboration with a wider ecosystem. Dell Technologies has an award-winning partner
ecosystem and also works with other industry-leading providers to deliver end-to-end integrated solutions spanning infrastructure, applications,
security and protection to improve customer experience and insights.
We hold our partners to the same high social and environmental standards we set for ourselves. We are committed to driving transparency,
accountability and continuous improvement throughout our solution and delivery model.
6: Dell Technologies
Cybersecurity | 2019 | 64
65. Partnerships
Dell Technologies Capital (DTC)
Our Ventures practice invests in companies
developing innovative solutions relevant to
the Dell Technologies family of businesses.
DTC invest in early stage companies like Twistlock
and RedLock to provide deep domain expertise and
offer world-class go-to-market opportunities to our
portfolio companies.
LORCA
Dell Technologies is a proud sponsor of
the London Office for Rapid Cybersecurity
Advancement (LORCA). Backed by The
Department for Digital, Culture, Media &
Sport (DCMS) and delivered by Plexal,
Deloitte and the Centre for Secure
Information Technologies, LORCA is the
UK's dedicated space for cyber innovation.
Through bespoke cohort programmes and industry
forums, it brings together innovators, corporates,
investors, academics, and engineers to scale later-stage
cyber solutions that meet industry’s biggest challenges.
For more information: bit.ly/2LSdpI7 For more information: bit.ly/2qh2nSx For more information: bit.ly/2UVgmvy
RBS NatWest Accelerator
At the heart of NatWest’s Entrepreneur
Accelerator network is its comprehensive
programme of free mentoring, insight and
bespoke coaching, specifically designed to
meet the needs of entrepreneurs who want
to grow and scale their business.
Dell Technologies is proud to be part of an innovative
partnership with the UK’s largest fully funded business
accelerator which has supported nearly 10,000
entrepreneurs to start, scale and succeed since it
launched four years ago.
6: Dell Technologies
Cybersecurity | 2019 | 65
66. Sustainability
Every day, Dell Technologies is pairing technology
with innovation to make a positive social and
environmental impact – building a Legacy of Good.
Dell is committed to putting our technology and
expertise to work, where it can do the most good
for people and the planet, making possible today
what was impossible yesterday.
The Legacy of Good Plan provides the detailed blueprint for how
Dell Technologies will achieve sustainable growth, while delivering our
purpose and vision. It covers all aspects of our business, incorporates
all our brands and companies, and covers every country we work in.
It aims to create change across our value chain – from our operations,
to our sourcing and the way consumers use our products. And it is
designed to drive profitable growth and fuel innovation, in the right way,
so that all our stakeholders benefit.
Every team member at Dell shares this commitment because being
a good company is the right thing to do, but it is also right for our
business. Dell is creating real value for customers, employees, and
partners while driving social and environmental good in the community.
We are committed to giving back more than we take.
For more information: Dell.to/2QMJwyp
By 2020, the good
that will come from
our technology will be
10 times what it takes
to create and use it.
6: Dell Technologies
Cybersecurity | 2019 | 66
67. Contact Details
Dayne Turbitt
Senior Vice President UKI
Dayne.Turbitt@Dell.com
bit.ly/2xGgo0p
Margarete McGrath
Chief Digital Officer UKI
Margarete.Mcgrath@Dell.com
bit.ly/2NGJdUq
Chris Miller
RSA Sales Director
Chris.Miller2@RSA.com
bit.ly/2V9Tl82
Simon Godfrey
Secureworks Sales Director
SGodfrey@Secureworks.com
bit.ly/2V5J3pD
www.DellTechnologies.com
@DellTech
Cybersecurity | 2019 | 67
67
68. References
1
"Michael Dell 2018 - Security Transformation.", Dell Technologies World 2018, 2018, https://bit.ly/2R6zOqR
2
"How a Cyber Attack Could Cause the Next Financial Crisis", Paul Mee & Til Schuermann, 2018, https://bit.ly/2x7Ura8
3
"The Global Risks Report 2018", World Economic Forum, 2018, https://bit.ly/2EOF8EM
4
"2018 Data Breach Investigations Report", Verizon, 2018, https://vz.to/2EDSa7x
5
"2018 Cost of a Data Breach Study: Global Overview", Ponemon, 2018, https://bit.ly/2M7zZPB
6
"2018 Data Breach Investigations Report", Verizon, 2018, https://vz.to/2EDSa7x
7
"2017 Cyber Attacks Statistics", Hackmageddon, 2018, https://bit.ly/2p9F8Kd
8
"2018 15 Alarming Cybersecurity Stats And Facts In 2018", https://bit.ly/2AssY4K
9
"The 2017 State of Endpoint Security Risk Report", Ponemon, 2018, https://bit.ly/2M5luaM
10
"2017 Data Breach Investigations Report", Verizon, 2018, https://vz.to/2LKCODh
11
"2018 Is cybersecurity about more than protection?" EY Global Information Security Survey 2018–19, https://go.ey.com/2yePi0J
12
"Cloud adoption to accelerate IT modernization", Nagendra Bommadevara, Andrea Del Miglio, and Steve Jansen, 2018, https://mck.co/2FfS5aE
13
"Enabling Zero Trust Security Through Network Virtualisation And MicroSegmentation." Forrester, 2018, https://bit.ly/2R1UCzL
Cybersecurity | 2019 | 68
68