D3’s Cyber Security Blog

Getting off the Ground with SOAR—SecurityWeek

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Something we often hear from prospective customers is that they don’t have any substantial incident response program in place and are apprehensive about jumping straight into implementing a comprehensive platform like D3. While this is undoubtedly a big […]

D3 Closes Fiscal Year 2018 with Record Growth

It has been a banner year for D3, with lots of new customers, new technology, new team members, and even a new office. In fact, we’ve essentially doubled in size in the past year, and are continuing to grow. Of course, this success can be traced to the evolution of our solutions, which have placed […]

Data Breach of the Month: Timehop

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry.   In […]

The Evolution of SOAR Platforms — SecurityWeek

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. D3 is part of an evolution in security operations platforms that is now commonly referred to as SOAR (security orchestration, automation, and response). Demand for SOAR is undeniably at an all-time high, as evidenced by the many recent […]

Threat Intelligence Use Cases

Threat intelligence is becoming an increasingly prominent element of security operations. In fact, Gartner predicts a 15x increase in the number of large enterprises using commercial threat intelligence by 2020. Threat intelligence comes in many forms, with numerous vendors and several distinct use cases. In this article, we’ll look at some of the use cases […]

Data Breach of the Month: PageUp

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

SOAR Like An Eagle: The Key to Fast and Full-Lifecycle Incident Response

Senior Principal Analyst and ESG Fellow, Jon Oltsik, recently reported on security orchestration, automation and response (SOAR) platforms in two articles for CSO Magazine. You can read them here and here. Notably, Jon found that platforms like D3 Security are driving SOAR’s evolution, by combining automation with extensive decision support and case management capabilities. Basically, […]

How Much Does a Data Breach Really Cost You?

“If you protect your paper clips and diamonds with equal vigor, you will soon have more paper clips and fewer diamonds.” – Dean Rusk, former US Secretary of State. Do you know how much your organization stands to lose if it were to suffer a data breach? Even the legendary Warren Buffett has recently admitted […]

How SOAR Makes a Security Analyst More Impactful

Security orchestration, automation, and response (SOAR) solutions are valuable for everyone on a security team, from people on the front lines to managers and executives tracking reports and metrics from a birds-eye view, or even compliance and legal personnel working outside the SOC. Of all the roles that SOAR supports, security analysts see the most […]

Infosec Europe 2018 Recap

Last week, D3 sponsored the InfoSecurity Europe trade show at the Olympia in London. “InfoSec” is Europe’s top cyber security trade show, with every imaginable product and service represented, including our award-winning Security Orchestration, Automation, and Incident Response platform, known as SOAR. It was great to see that many of the attendees and speakers—whether from […]

Why Modern Manufacturers Need Cybersecurity Incident Response

Despite the constant news about cyber threats and the growth in major breaches, many companies are overly focused on prevention, while overlooking incident response and handling practices. With today’s environment of an increasing attack surface, numerous security tools, overworked analysts, and a non-stop barrage of attacks, taking another look at existing policies and operating […]

Data Breach of the Month: Rail Europe North America

  Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In […]

Five Strategies for Extending Automation and Orchestration Beyond the SOC —SecurityWeek

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Automation and orchestration are top of mind for much of the security industry these days, and the past few years have seen great advances in how they can be applied to the rapid analysis and triage of security […]

D3 at Infosecurity Europe 2018

The D3 team is getting ready to fly to the UK for Infosecurity Europe 2018, taking place June 5-7 in London. It’s the largest information security event in Europe, so we’re excited to show off our latest innovations, connect with security professionals from around the world, and learn about how information security is being approached […]

Quick Guide to GDPR [Infographic]

After much speculation, analysis, and companies scrambling to update their privacy policies, GDPR finally became widely enforceable last week. Despite all the commotion, a lot of people still don’t know the basic facts of GDPR: what it is, who it applies to, and what it requires for compliance. We’ve put together the following infographic […]

Why Companies Need to Centralize Security Operations: Part 2

In Part 1, we looked at the status quo of security systems as they are used in organizations, the reality that automation should be a baseline rather than a novelty in today’s security landscape, and we explored why centralization is essential. In Part 2 below, let’s look at how and why organizations need to think […]

Introducing Christian Reina, D3’s Director of Incident Response Practice

We couldn’t be more excited to welcome Christian Reina, CISSP, CISM, CRISC, CISA, PMP to the D3 team. Christian will serve as the Director of D3’s Incident Response Practice, a role to which he brings almost 20 years of experience in security operations, incident response, compliance and risk management. Christian most recently served as Information […]

Data Breach of the Month: Panera Bread

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

2018 GDPR Compliance Report

D3 Security is a sponsor of the newly released 2018 GDPR Compliance Report. The report was produced by Cybersecurity Insiders, and comprises results from a survey of more than 500 IT, cybersecurity, and compliance professionals about how their organizations are readying themselves for GDPR, which takes effect in a matter of weeks. We recommend that […]

Why Companies Need to Centralize Security Operations: Part 1

Enterprises need a centralized security solution: a system that connects the infrastructure to allow seamless bidirectional data flow between each system and the enterprise security control center. Despite digital applications permeating nearly every aspect of our lives, many enterprises’ daily processes are still largely manual, siloed, and rigid. As needs arise and new tools are […]

RSA 2018 Recap: Show Me the Orchestration (and the Metrics)

In the cybersecurity world, it’s hard to think of an event more important than each year’s RSA conference. No other event gives us the chance to engage with customers, prospects, partners and industry analysts, the way RSA does.  From our perspective as a vendor, it seems that each year has a bit of a theme. […]

Why Mass Transit Could Be the Next Big Target for Cyber Attacks — SecurityWeek

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Cyber attacks can cluster around certain industries for a period of time, once a particular method of attack has proven to be successful. Examples in recent years include ransomware in healthcare and user data breaches in tech. In […]

Where the World Talks Security – RSA 2018

It’s that time of year again! Our team is on its way to San Francisco to take part in the world’s leading cybersecurity event, the 2018 RSA Conference. D3 Security will be joining the ranks of those standing against cyber threats and we are eager to connect with like-minded industry professionals to discuss new approaches […]

Data Breach of the Month: City of Atlanta

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

Standardize HR Procedures to Eliminate Biased Investigations

The impact of an HR scandal can compound when it is not handled properly, creating additional reputational and financial damage to an organization. This is why HR case management is such an important asset for enterprise HR teams. Using D3’s HR platform, you can put your investigations “on-rails”, so that investigators are guided through each […]

Incident Response Platforms are Essential Tools for Meeting GDPR Reporting Timelines

With the dawn of the GDPR era just weeks away, impacted organizations around the world are scrambling to determine the tools they need to achieve compliance and dodge massive fines. As a developer of incident response solutions, we’ve been digging into GDPR to see how we can help. We’ve determined that incident response platforms (IRPs) […]

Winning Best Security Automation Platform Was Just the Beginning

While it might not be as glamorous as the Oscars, the cybersecurity industry has its own awards season, culminating in the red-carpet SC Awards during the RSA conference in April. So far in 2018, D3 Security has had a remarkable awards season, with our Incident Response Automation Platform earning the Gold Medal win for Security […]

Data Breach of the Month: Decatur County General Hospital

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

D3 Cyber Incident Response Product Guide

D3 has a truly unique cyber incident response offering, which makes it hard to classify—let alone do justice with a quick explanation. This is why we’ve written a comprehensive guide that takes you through the entire product journey. D3’s full-lifecycle capabilities are what sets it apart, so the product guide details the entire breadth of […]

What Are the Steps of Incident Response?

In our line of work, we find that IT and security professionals often forget that incident response (IR) is a process, and not a singular action. Not building and coordinating the steps of incident response correctly within your IR plan will render it useless, making serious incidents like ransomware and data breaches more crippling and […]

High Tensions Often Cause Incident Response to be Derailed — SecurityWeek

The latest article in the series written by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Stan’s three-part series covers the important incident response steps that many companies overlook. In this excerpt from the article, Stan describes the importance of understanding the baseline in your organization in order to better […]

D3 Security Launches Guided Case Management

One of the things that sets D3 apart is the deep case management functionality we provide as part of our full-lifecycle incident response solution. We are excited to announce that we have built on that strength with a totally reimagined Guided Case Management module, which will bring unprecedented levels of guidance to cybersecurity investigations. These […]

Data Breach of the Month: Oklahoma State University Center of Health Sciences

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

D3 Incident Response & Case Management Platform a Finalist for SC Trust Awards

We are thrilled to announce that our Digital Forensics Case Management System was named a finalist in the Best Computer Forensic Solution category for the SC Media 2018 Trust Awards. Our forensics solution is truly unique, as it is the only solution that brings sorely needed case management capabilities to digital forensics. This allows forensics […]

Strong Incident Response Starts with Careful Preparation- SecurityWeek

An article written by the Director of D3’s Cyber Security Practice, Stan Engelbrecht, is currently featured on SecurityWeek. Stan’s article is the first in a three-part series on often-overlooked steps in the incident response process. The following is a brief excerpt from the article. Head over to SecurityWeek to read the piece in its entirety. […]

Is Your HR Department Equipped to Enforce the Standards of the #MeToo Era?

Get the white paper here. The Wave of Change The reckoning began with the downfall of Harvey Weinstein, and rapidly spread throughout entertainment and government, toppling hugely prominent and powerful figures along the way. Now the conclusion is clear: the culture has shifted, and sexual harassment, abuse of power, and other types of workplace misconduct are […]

Incident Response: What to Automate (and Why)

Let’s get one thing straight: Security automation and orchestration are at the heart of D3’s Incident Management Platform. Our platform’s security automation features streamline the investigation and context-gathering aspects of response, and also provide automated actions, such as blocking IPs and closing ports. The time-savings are significant; according to Vahid Foroushani, our Chief Scientist and [...]

Data Breach of the Month: NiceHash

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

Avoiding Cyber Crime During the Holidays

We all can’t help but do more shopping than usual around the holidays, and cybercriminals know this. Especially with the popularity of online shopping, there are huge opportunities for unscrupulous scammers, hackers, and other crooks to take advantage of the high volume of transactions and urgency of shoppers toward the end of the year. To […]

Managing Financial Crime with D3

The Challenge: Dealing with crime is nothing new for financial institutions. The lucrative target they present has always inspired innovation and persistence among thieves, fraudsters, and other criminals, but the digital era is increasing the potential attack surface to a previously unthinkable degree. The old challenges still exist, but now with the ubiquitous use of […]

Data Breach of the Month: Imgur

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

Key Findings from Five Major Cybersecurity Reports

At D3, we are always evolving our products to meet the needs of our customers and stay on the forefront of cyber incident response technology. This requires us to always be informed on the latest industry research, in order to understand the present and future of incident response, and where our solutions fit in to […]

D3 Incident Response Platform Integrations: VirusTotal and DomainTools

Knowledge is power. The phrase is especially true in the context of an enterprise SOC, where limited information can lead to hours wasted investigating a meaningless alert, or worse, allowing a dangerous incident to slip by undetected. In the fast-paced world of cybersecurity incident response, how you get the information you need is paramount. There […]

Data Breach of the Month: Disqus User Data Exposed for Five Years

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

Trump’s Twitter Disabled: Protecting Against Insider Threats

For a few minutes on November 2nd, the most famous Twitter account in the world went offline. The account in question was of course @realdonaldtrump. Twitter was quick to attribute the incident to nonspecific “human error”, but soon after clarified that a rogue customer support employee deliberately disabled the account on his last day with […]

See Your Response Plan in Action with D3’s Visual Playbook Editor

There are immediate benefits to simply having visual representations of your response plans. Incident response is complex. It often requires involvement from several internal groups, and by its nature, tends to be needed most during crises or other chaotic situations. Having visual playbooks helps you to sidestep the “fog of war” effect, such that you [...]

Data Breach of the Month: North Korea Steals American and South Korean War Plans

Welcome to our first Data Breach of the Month post, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security industry. In each […]

Next-Generation Threat Management: White Paper and Webinar from D3 and the Chertoff Group

We recently produced two significant pieces of thought leadership in collaboration with the Chertoff Group, which are both now available. The pieces—a white paper and a webinar—focus on the future of the incident response industry, looking at how vendors can evolve their solutions to support the changing needs and goals of organizations. In broad terms, […]

New Report Details the Fight Against Ransomware

The 2017 Ransomware Report, a comprehensive study produced in partnership with D3 Security, was published on September 26. The report compiles survey answers collected by Crowd Research Partners from over 500 cybersecurity professionals to create a complete picture of ransomware in 2017, including how it is impacting organizations, and what they’re doing to combat it. […]

The Importance of Case Management for Digital Forensics

D3 fills a significant gap by bringing true case management functionality to the typical digital forensics process. Many forensics suites have features that they refer to as case management, but their capabilities can only be applied to singular pieces of evidence; there is no “end-to-end” tracking of an investigation. This forces investigators to document cases, [...]

Why D3 is the “Perfect” Incident Response Platform for Splunk Users

D3 is excited to support our partner Splunk as a Mega-level sponsor of .conf2017: The 8th Annual Splunk Conference.  The conference—running from September 25-28 in Washington, DC—consistently draws some of the most innovative folks in the security business, and it’s one of our favorite places to connect with our customers, make connections, and show off […]

Avoiding Rigidity in Incident Response Automation

The idea that many analysts and CISOs are concerned about automating and orchestrating security actions should come as no surprise. After all, human decision-making leverages years of relevant experience and training, plus it can pivot on a dime, bringing valuable agility to the SOC. But the fact is, human decision-making simply can’t keep up to […]

How to Get More Value from Your Junior Security Analysts

There’s nothing better for your incident response program than an experienced security analyst. But these days, you’re lucky if you have more than one or two on your team, and with such high demand for their skills, it might not be feasible budget-wise to hire as many as you’d like. So if an all-star team [...]

The Equifax Breach: How Companies Can Respond to Major Security Incidents

The Most Damaging Data Breach Ever? Equifax, one of the largest American credit reporting agencies, announced yesterday that a data breach had exposed the personal data of 143 million customers. While not the largest data breach ever in terms of the number of records—that ignominious honor still goes to Yahoo—it may be considered the most […]

Saving Valuable Time with Incident Response Automation

Being chronically understaffed means that SOC and IR teams are hit doubly hard by sudden increases in the volume and sophistication of security alerts.  Analysts on these teams must contend with dozens of systems and data sources, and largely manual investigative processes. This forces analysts to spend an inordinate amount of time information gathering, and [...]

Involving “Legal” in Incident Response: The Three Pillars

As cybersecurity has become one of the defining issues of our era, it has intertwined with legal concerns to the point that the two can no longer be completely separated. Where it was once possible for security and legal teams to have minimal interaction, current laws, regulations, and the growing severity of cyberattacks necessitate regular […]

The Importance of Full-Lifecycle IR to Support Automation

Automation and orchestration have quickly become an integral part of incident response (IR), and grabbed the industry’s attention in the process. That’s because SOC and IR teams have long needed a way to keep up with daily barrages of advanced threats and alerts. But the shine of the spotlight has attracted a number of vendors […]

5 Common Incident Response Problems that Automation and Orchestration can Help Solve

Most companies that are struggling with their incident response program fall into two categories: They don’t realize what their problems are, because they’ve always done things a certain way They know exactly what their problems are, but don’t have the resources to fix them Whichever category your company is in, you probably have many of [...]

Cybersecurity Incident Response Buyer’s Guide

Sometimes it seems like you need to be a CISSP just to understand the variety of incident response platforms (IRPs) on the market. Cybersecurity incident response is still a relatively young industry, and the solutions on offer comprise a wide range of different functionality and technology. Compounding this confusion is the fact that the terminology [...]

How to Avoid HIPAA’s Wall of Shame: Protecting Against Ransomware Attacks

The healthcare industry is a lucrative target for cybercriminals. Healthcare organizations are often laggards in adopting cybersecurity and data management best practices, a vulnerability that criminals have been quick to exploit. In the first half of 2017, 149 breaches have compromised nearly 2.7 million Protected Health Information (PHI) records from across the country. Out of [...]

Automated Incident Response: Bringing Automation and Orchestration Together

If you’ve spent time evaluating cyber incident response platforms (IRPs), you’ve undoubtedly felt the hype surrounding automation and orchestration. And rightfully so. When applied correctly, automation and orchestration can drastically reduce incident response times and eliminate manual tasks—big pluses to over-worked, under-staffed SOC teams. But the truth is that IRP vendors are increasingly using “automation [...]

4 Ways Your Incident Response Platform Can Help Reduce False Positives

False positives are to the security analyst what cats in trees are to the fire brigade: wasted time and a distraction from the real emergencies. So imagine if a firefighter had to deal with tens of thousands of cats in trees, the way an analyst does with false positives! There would be a lot of [...]

Why Are Ransomware Attacks So Successful?

Ransomware helped cyber criminals pad their Bitcoin wallets with $1B in 2016, according to the FBI.  The threat has continued unabated in 2017, with major attacks dominating the headlines and driving profits in excess of $5B. Compared to 2015 when “only” $325M was generated, ransomware has quickly metastasized into one of the world’s major cybersecurity [...]

Delivering (and Measuring) Incident Response ROI

Let’s be honest: every vendor talks about how their incident response platform (IRP) can save you time, lower your costs, and reduce security risks. And they’re probably right; IRPs are valuable tools for almost any organization. However, there are several distinct approaches to designing an IRP, which means that ROI can differ significantly between platforms. [...]

Work Smarter, Not Harder: 5 Steps to Streamlined Incident Response

It’s a common problem in any workplace: you get so caught up dealing with a constant stream of tasks that you never have the chance to evaluate how you’re going about them. This can go on for months or even years before someone takes a step back and realizes that implementing selected process improvements could […]

How Vulnerable are Modern Cars to Hacking?

The most recent film in the Fast & Furious franchise contained a memorable set piece in which a hacker remotely takes control of hundreds of cars, sending them racing through the crowded streets of Manhattan, dropping out of multi-story parking garages, and colliding in massive pileups. This might be just an over-the-top action movie fantasy, [...]

Why an IT Ticketing System Won’t Work for Incident Response

Cybersecurity incident response is a relatively young corporate function. So it’s no surprise that companies are trying to leverage tools they already have to manage incidents and assign tasks. For many organizations, this means trying to configure an incident management workflow into their IT ticketing or IT service management (ITSM) product. Not surprisingly, ITSM vendors [...]

EU GDPR Data Breach Requirements: What You Need to Know to Avoid a 20M EUR Fine

On May 25, 2018, the General Data Protection Regulation (GDPR) will go into effect across the EU. The purpose of this regulation is to harmonize Europe’s regulatory environment by creating a ‘one-stop shop’ for data protection. The GDPR applies to European companies in all sectors, but also any business that processes or collects the personal [...]

5 Critical Steps for Your Cybersecurity Incident Response Plan

While cybersecurity teams are generally overwhelmed these days, the moments after a major incident can be especially hectic. That’s why it’s critical to have an incident response plan in place, including workflows that are tailored to common threats like malware, DDoS, and many others. A good plan will establish roles, collaboration and communication procedures, as […]

Incident Response Platforms: 10 Features to Look For

Incident response platforms (IRPs) are powerful software solutions with wide-ranging feature sets. Many features are common across platforms, but each vendor has a unique approach to incident response, and the features they include or omit from their solution will reflect that perspective. At D3, we’ve been honing our approach to incident response for the past [...]

Clery Act Compliance: How to Establish and Build Upon Clery Compliance

Since its introduction in 1990 following the brutal murder of Jeanne Clery, a freshman at Lehigh University in Pennsylvania, the Clery Act has posed reporting and compliance challenges to higher education institutions. Some of the common challenges include establishing the baseline reporting, and understanding what sites actually qualify as “on-campus”. To help address these challenges, [...]

Risks Affecting Point of Sale Terminals

We recently published a briefing on the subject of securing ATM networks that includes a lot of information that will be valuable to banks, payment card companies, retailers, and any other organizations whose business involves ATMs. You can check out that document here. As a companion piece to the ATM security briefing, we wanted to [...]

Cyber SAR Requirements – What They Are And How We Can Help

In October, 2016, the Financial Crimes Enforcement Network (FinCEN) published an advisory regarding financial institutions’ obligations related to cyber crime. The key takeaway from the advisory is that suspicious activity reports (SARs) should be filed for cyber events, even when they do not result in a financial transaction. The advisory is not intended to establish [...]

Hacking Hollywood: Cyber Security Threats in the Entertainment Industry

The reach and profile of entertainment companies make them an attractive target for a diverse group of adversaries, each with their own motivations and methods. Insiders, content pirates, hacktivists, and state-sponsored attackers—all of these threats pose a tangible risk to the financial, legal and reputational standing of entertainment companies.  In Hollywood, even the comparatively benign [...]

How a Centralized Incident Management Platform can Help Utilities Manage NERC CIP Requirements

The Critical Infrastructure Protection (CIP) program administered by the North American Electric Reliability Corporation (NERC) holds Utilities to a broad set of security standards in order to minimize risk to the power grid across North America. NERC CIP standards are comprehensive—encompassing cyber and physical risk management, incident response, and reporting, among other elements—yet they can [...]

The True Cost of a Breach- Infographic

We all know that security breaches can cost companies millions in regulatory fines and lost business. Plus, investigation and remediation costs can run into the millions of dollars, especially for attacks perpetrated by well organized adversaries. In other words, the cumulative cost of a breach becomes its true cost. To illustrate the full cost of [...]

Incident Response Trends in 2017

Analysts and security professionals agree that 2016 brought cyber security unprecedented levels of attention, with vivid examples of cyber attacks in the news, and a seemingly constant string of hacks, ransomware, and other malicious incidents. The ubiquity of cyber incidents has led to a major shift in how organizations approach incident response (IR). No longer [...]

Stories From The Front Lines: The Silo Effect vs. The Single Source of Truth

Preface: This is the last installment of our three-part blog series called “Stories from the Front Lines”.  This installment is slightly different, in that it features three different archetypical characters from different departments.  Each of the problems they face is different, but keep reading to get to the part about a common solution. Story: Kevin, a security […]

How to Comply With 23 NYCRR 500: 5 Ways Our Cyber Incident Management Platform Can Help

In February of 2017, the New York State Department of Financial Services (NY DFS) released the updated version of their Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500). The new legislation, which takes effect on March 1, reflects a growing concern in the NY DFS regarding the impact of cyber attacks on the operations [...]

How Root Cause Analysis Can Help Your Hospital Avoid the Largest HIPAA Fines

The Health Insurance Portability and Accountability Act or HIPAA provides data privacy and security provisions for safeguarding medical information. HIPAA regulations are enforced by the Department of Health and Human Service’s Office for Civil Rights (OCR). This office carries out its mandate by investigating complaints filed with it as well as conducting compliance reviews to [...]

5 Incident Response Takeaways from the Yahoo Breach Fallout

The ongoing fallout from the 2014 data breach at Yahoo has personally cost CEO Marissa Mayer upwards of $14 million. On March 1, Mayer announced on her blog that she had agreed to forego her annual bonus and equity grant, due to the breach happening on her watch as CEO. The bonus is worth $2 [...]

Stories From The Front Lines: Digital Forensics Case Management Systems

Preface: This is the second installment of a 3-part blog series called “Stories from the Front Lines”. Each installment will feature a different security industry persona-archetype, inspired by real D3 projects and interactions with customers. Each will illustrate a common problem, and discuss an effective solution with the appropriate software tools. The Challenge Ankit is the [...]

Incident Response In the Energy Industry

In November 2015, Tripwire and Dimensional Research commissioned a study assessing the cybersecurity challenges faced by organizations in the energy sector. Respondents included over 150 IT professionals from the energy, oil & gas and utilities industries. In addition to this study, Tripwire surveyed 200 security professionals at the 2016 RSA conference asking them the following question: [...]

Cyber Security for the Manufacturing Industry

According to the 2016 Cyber Security Intelligence Index performed by IBM's X Force Research, manufacturing has moved up in the ranks to become the third most hacked industry, second only to health care and information and communications. Businesses of these types include those that produce textiles, pharmaceuticals, electronics and automobiles (which is the most highly [...]

Stories From The Front Lines: Incidents, Root Cause Analysis & Building a Business Case

Preface: This is the first installment of a 3-part blog series called “Stories from the Front Lines”. Each installment will feature a different user story, inspired by real D3 projects and interactions with customers. Each will illustrate a common problem, and explore an effective solution with the appropriate software-tools. The Story Meet Ashley, a senior [...]

Are Your Emails Safe From Prying Eyes?

The much-publicised Democratic National Committee (DNC) email hack that resulted in nearly 20,000 confidential email messages leaked to WikiLeaks takes place amid a highly politicized post-election environment. The US government has been quick to point fingers and label the attack a state-sponsored cyber-attack orchestrated by the Russian government, however, culpability and politics are not the [...]

The Top 5 Features of D3 Security’s Avigilon Control Center Integration

The D3 team is proud to announce that the D3 ONE enterprise security platform has been successfully integrated with Avigilon's Control Center video management system. It's an exciting integration that saw Avigilon and D3 work together to produce functionality that is seamless, easy-to-use and technologically advanced. Most importantly, it’s a solution for a very real [...]

D3 Guard Tour: A Security Officer’s Best Friend

Imagine You're a Casino Security Manager One of your officers has spotted an agitated man near the high-limit table games.  The officer approaches, knowing that in order to make the right decision, he must figure out. Is he banned from the property or involved in previous incidents? Is he self-excluded from the state’s gaming establishments? [...]

[Webinar] Go Beyond Incident Response: The Benefits of a Complete Incident Management Platform

February 8, 2017 @ 3:00PM-4:00PM EST. Enterprises face significant financial, reputational, intellectual property, and legal risks from data breaches, with all types of enterprises falling victim – from government agencies like Office of Personnel Management (OPM) and the Internal Revenue Service (IRS), to high-tech companies like LinkedIn and Snapchat, to Fortune 50 companies like […]

RSA Conference 2017

San Francisco, California Feb 13-17, 2017 Collectively RSA’s conferences draw over 45,000 attendees per year, making them the world’s largest provider of security events. However, the real value of RSA Conference lies not in the size, but in the valuable content that is provided and the commitment to finding new industry voices and new ways […]

Using IR Automation to Overcome the IT Skills Gap and Related Cybersecurity Workforce Shortages

“Cyber threats have evolved from targeting and harming computers, networks, and smartphones — to people, cars, railways, planes, power grids and anything with a heartbeat or an electronic pulse.” Steve Morgan, Hackerpocalypse: A Cybercrime Revelation Nearly half of all cyberattacks strike small and mid-sized businesses, and today’s enterprise IT databases and infrastructures face more complex, [...]

7 reasons why all enterprises need a NIST-compliant Cybersecurity IRP

As cyber attacks inflict increasing damage on organizations of all kinds across every sector of the economy, it has become critical for cybersecurity programs to evolve. Gone are the days of rudimentary intrusion detection systems and retroactive damage control following a security breach. To be truly effective in the 21st century, cybersecurity systems must be [...]

Cyber Resilience and Effective Incident Response: Why Your IT Ticketing System Doesn’t Cut It

In order to weather an attack in today’s ever-evolving cyber security climate, an organization must develop comprehensive cyber resilience. Cyber resilience involves the leveraging of detection, incident response (IR), and prevention methodologies that contribute to the overall flexibility and ultimate survival of an organization during and after an incident or disaster. Cybersecurity incidents require a [...]

The Value of Unifying SIEM data with your Incident Response Platform

Today’s security information and event management systems (SIEM) operate with a more extensive knowledge base than their predecessors, and they are more useful in detecting and logging data than ever before—but they are never more powerful than when they are paired with a unified incident response (IR) platform. According to industry expert and former Gartner [...]

Design an IRP That Exceeds NIST Standards

Whether you have already developed an incident response plan (IRP) or you’re just getting started, you can benefit from the best-practices and approaches outlined in the National Institute of Standards and Technology (NIST) Computer Security Incident Handling Guide. NIST has developed a comprehensive roadmap designed to help organizations build an IRP that will offer consistent, [...]

Five traits of highly effective CERT teams

Managing cyber security risks and threats effectively is about more than just having the right systems, plans, and protocols in place. It’s also about the people behind the operation who must manage these systems and make split-second decisions that could determine how quickly an incident can be contained and how much damage is caused. Cyber [...]

Improve your Incident Response Plan Through Automation

Cybersecurity is a tough, dynamic line of work. On any given day, you could be dealing with a phishing attack, insider breach, and previously unseen technology being used to launch an attack against your company. As cyberattacks become increasingly sophisticated, you must be prepared to invest time and resources to successfully defend against every potential [...]

Splunk> .conf 2016

Orlando, Florida Sept 26-29, 2016 A whole new world of opportunity exists in your data. Whether you want to improve IT performance, gain real-time business insights, understand user behavior, or reach new levels of security in your organization, .conf2016 has everything you need to help you achieve your goals. Join us in Orlando to catch […]

HPE Protect 2016

Gaylord National Resort and Convention Center National Harbor, MD September 13-16, 2016 Join D3 Cyber and over 2,000 security professionals to learn how to best focus on your business-critical digital assets and the interactions between them, to implement a more proactive and effective pan-enterprise approach to security and risk management that balances regulatory requirements, threats, […]

Is an Ounce of Protection Really Worth a Pound of Cure? Why you Need an Up-to-Date IRP

A cybersecurity incident response plan (IRP) is your organization’s best protection against the pervasive threat of a breach or attack. An IRP provides a roadmap for how your organization can secure and monitor its assets, engage in proactive planning and threat mitigation, and respond during and after a cybersecurity incident. The National Institute of Standards [...]

Using the Past to Improve the Future – How IT Forensics Can Help Your IR Team

The field of IT forensics is built on performing highly structured, specialized investigations to find out exactly what happened during a cybersecurity incident and what was the root cause. Forensic investigators typically work alongside cybersecurity incident response teams to get to the bottom of an incident after it has occurred; they use special protocols [...]

Tips to Help You Effectively Manage Your Cybersecurity Incident Response Team

A cybersecurity incident response team is the first and most important line of defense in preventing breaches and mitigating damage. Cybersecurity team members are highly trained professionals who thrive in a dynamic, ever-changing environment. One day, they’re making split-second decisions to protect an asset during a cyberattack, and the next, they’re poring over data intelligence [...]

Standardizing Your Incident Response

A cyber threat infiltrates your organization and a breach occurs. You and your team go into reactive fire-fighting mode. You isolate the threat and put it down. Crisis averted, right? Well, what if the attack was an APT (Advanced Persistent Threat)? Just because you pulled the thread and took care of one specific threat how [...]

Protecting Your Critical Infrastructure

The Patriot Act was passed in 2001 in response to terrorist attacks on American soil. However, we don’t usually think about how it helped define cybersecurity and how it continues to inform the framework for defining critical infrastructures and how we protect them in the US. With a growing number of connected devices, systems, as [...]

Critical Controls in Action

The story of the tortoise and the hare is relevant in building any cybersecurity program. When faced with the challenges that doing business online in our highly connected world presents, it may quickly seem like an arms race when it comes to cybersecurity. A race where every day there is a new way to conduct [...]

Dealing with an Insider Threat

Bob just killed the company, or did he? Many of us spend more time with our co-workers than we do with our immediate families. Because of all this we don’t want to think that inside the pursuit of common goals, comradery, extended family and our team that there could be a bad egg [...]

Mall Security: Industry-Approved Tour & Incident Management System

D3 is widely used by shopping centers, retail malls and property management companies. Our strong client relationships in this sector have allowed D3 to enlist mall security teams to help us develop, and test, a purpose-built D3 feature set for this industry. The result is D3 ONE, a fully integrated incident management, tour management, dispatching and [...]

Incident Response Software: 5 Things to Know

It doesn’t take a security professional to know that even the most infinitesimal incident can trigger much greater consequences. Whether in security, safety or compliance, even the smallest incidents can bring large and complex companies to their reckoning – by themselves or by contributing to “Death by a thousand cuts”. Clearly, the maxim “What you [...]

Hospital Cyber Security: Risk Reduction in 5 Easy Steps

Securing private health information and responding to security breaches have presented incredible challenges to hospitals whose healthcare records yield 10 to 20 times more value on the black market than credit card information. Moreover, the proliferation of BYOD, social media and phishing scams, mergers and acquisitions, rapid digitization of healthcare records—and ever-present human error—help feed a [...]

Incident Management Software Drives Cost Reductions at Utilities

With the unique ability to categorize different energy diversion types and perform theft analytics, D3 Security's Incident Reporting and Case Management products give utilities and their security teams an incisive view at the root cause of energy diversion losses. Theft Analytics Drive Energy Diversion Reduction for Utilities Reducing the impact of energy diversion is a major [...]

5 Benefits of Incident Response Software for Utility Companies

At D3 we help power and water authorities, utility regulators and mega-size utility corporations achieve new levels of security, investigation and employee safety. Most of the work is directed by our Energy & Utility Practice Group, an internal team dedicated to ensuring the success of D3’s utility customers. We asked team leaders to share the [...]

Clery Act Incident Reporting Software and Compliance

Compliance with the Clery Act has posed many challenges for higher education institutions, which is why D3's Clery Act Reporting and Compliance experience is an asset to all higher education organizations. This vital requirement is often performed incorrectly, with deficiencies only being revealed after an audit. At that point, significant fines and negative publicity are [...]

Incident Response Software and Guard Tour for Hospitals

Many leading healthcare organizations around the world have integrated D3's security management suite. The result has been higher quality, enhanced efficiency and applications that integrate seamlessly with existing policies and procedures. When it comes to security, healthcare organizations are unique in that they require applications built on pre-configured best practices in the industry, and yet the applications [...]

D3 Forensics Case Management System: CEIC’s Top 5 Features

D3 Security’s Forensics Case Management system garnered a lot of attention from CISOs, corporate investigators and eDiscovery specialists at the world’s largest data security and digital investigations conference, CEIC. They were impressed with how the workflows, automation features and logic built into the system managed custodians, data sources, tasks and evidence so efficiently and in accordance with the [...]

RFID Guard Tour System Now Available

Equipped with D3 Mobile, security officers can scan RFID badges at checkpoints, in turn tracking their tours, capturing high-quality security data and providing accurate performance and accountability measures to managers. Like barcode scanning, which is also available for the Guard Tour system, RFID badges can be configured to prompt security officers into extra actions, such [...]

The Top 3 Security Management Trends at ASIS 2014

Held at the sprawling Georgia World Congress Center in Atlanta, this year’s ASIS International Seminar & Exhibits was a big one for D3: from a 600 sq ft booth we churned out demo after demo of the D3 ONE Enterprise Security Platform—and its fully integrated Incident Reporting, Case Management, I.T. Forensics, Cybersecurity, Dispatch, Guard Tour [...]

Clery Act Compliance: Accountability for Colleges and Universities

The Clery Act was introduced in 1990 to enforce the disclosure of campus security policy and crime data of all universities and colleges in the U.S. after a serious incident occurred resulting in the death of 19-year-old Jeanne Clery. The U.S. Department of Education laid out four main requirements: each institution must provide an annual security [...]

D3 Users’ Conference 2014: Looking Back & Moving Forward

Only a few months ago, we announced our first annual D3 Users’ Conference—and on an action-packed May 20, 2014 in Chicago, D3 customers representing virtually every major industry mixed and mingled, shared best practices, and took part in product introductions, educational workshops and an outstanding keynote presentation courtesy of University of Pittsburgh Medical Center's Director [...]

D3 Security’s Lenel Integration Combines Access Control, Incident Reporting and Dispatch Software

D3 Security is proud to announce the integration of the D3 ONE Enterprise Security Platform with Lenel’s OnGuard access control system and D3 Security's inclusion in the OpenAccess Alliance Partnership. The integration represents a significant opportunity for Lenel and D3 Security customers to simultaneously increase automation and oversight; determine the root cause of access control events and [...]