DFS Ransomware Guidance for New York Financial Companies-post_thumbnail

DFS Ransomware Guidance for New York Financial Companies

  • Compliance
by Walker Banerd - August 25, 2021

New York’s Department of Financial Services (DFS) recently published a letter with their guidance on how regulated entities should work to prevent and mitigate ransomware attacks. The letter includes nine controls that regulated entities are expected to implement. The letter is important for both re...

Read More
Cyber Incident Response and Beyond: 6 Ways D3 Helps You Manage the Full Scope of an Incident-post_thumbnail

Cyber Incident Response and Beyond: 6 Ways D3 Helps You Manage the Full Scope of an Incident

  • Compliance ,
  • Forensics
  • Human Resources
  • Incident Response
  • SOAR
by Walker Banerd - September 21, 2020

Many SOAR platforms do a good job automating actions through playbooks that cover the basic security tasks needed to remediate simple threats. However, D3 has been in the incident response game since long before the acronym SOAR was even coined, and we have learned in our years of working with many ...

Read More
OSFI Incident Reporting Requirements: What You Need to Know-post_thumbnail

OSFI Incident Reporting Requirements: What You Need to Know

  • Compliance ,
  • Data Breach
  • Incident Response
by Walker Banerd - March 19, 2019

The Office of the Superintendent of Financial Institutions, a Canadian banking regulator, recently published an advisory regarding cyber security incident reporting, specifically, the imminent implementation of new rules around how and when technology and cyber security incidents must be reported. T...

Read More
How Much Does a Data Breach Really Cost You?-post_thumbnail

How Much Does a Data Breach Really Cost You?

  • Compliance ,
  • Data Breach
  • Incident Response
  • Industry
  • SOAR
by Alex MacLachlan - June 25, 2018

“If you protect your paper clips and diamonds with equal vigor, you will soon have more paper clips and fewer diamonds.” – Dean Rusk, former US Secretary of State   Do you know how much your organization stands to lose if it were to suffer a data breach? Even the legendary Warren Buffet h...

Read More
D3 at Infosecurity Europe 2018-post_thumbnail

D3 at Infosecurity Europe 2018

  • Compliance ,
  • Data Breach
  • Incident Response
  • SOAR
by Alex MacLachlan - May 31, 2018

The D3 team is getting ready to fly to the UK for Infosecurity Europe 2018, taking place June 5-7 in London. It’s the largest information security event in Europe, so we’re excited to show off our latest innovations, connect with security professionals from around the world, and learn about how info...

Read More
Quick Guide to GDPR [Infographic]-post_thumbnail

Quick Guide to GDPR [Infographic]

  • Compliance ,
  • Data Breach
by Walker Banerd - May 28, 2018

After much speculation, analysis, and companies scrambling to update their privacy policies, GDPR finally became widely enforceable last week. Despite all the commotion, a lot of people still don’t know though the basic facts of GDPR: what it is, who it applies to, and what it requires for complianc...

Read More
Why Companies Need to Centralize Security Operations: Part 2-post_thumbnail

Why Companies Need to Centralize Security Operations: Part 2

  • Compliance ,
  • Data Breach
  • Forensics
  • Incident Response
  • Industry
  • SOAR
by Walker Banerd - May 10, 2018

In Part 1, we looked at the status quo of security systems as they are used in organizations, the reality that automation should be a baseline rather than a novelty in today’s security landscape, and we explored why centralization is essential. In Part 2 below, let’s look at how and why organization...

Read More
2018 GDPR Compliance Report-post_thumbnail

2018 GDPR Compliance Report

  • Compliance ,
  • Data Breach
  • Incident Response
by Alex MacLachlan - May 3, 2018

D3 Security is a sponsor of the newly released 2018 GDPR Compliance Report. The report was produced by Cybersecurity Insiders, and comprises results from a survey of more than 500 IT, cybersecurity, and compliance professionals about how their organizations are readying themselves for GDPR, which ta...

Read More
Why Companies Need to Centralize Security Operations: Part 1-post_thumbnail

Why Companies Need to Centralize Security Operations: Part 1

  • Compliance ,
  • Data Breach
  • Incident Response
  • Industry
  • SOAR
by Walker Banerd - May 2, 2018

Enterprises need a centralized security solution: a system that connects the infrastructure to allow seamless bidirectional data flow between each system and the enterprise security control center. Despite digital applications permeating nearly every aspect of our lives, many enterprises’ daily proc...

Read More
Where the World Talks Security – RSA 2018-post_thumbnail

Where the World Talks Security – RSA 2018

  • Compliance ,
  • Events
  • News
  • SOAR
by Alex MacLachlan - April 16, 2018

It’s that time of year again! Our team is on its way to San Francisco to take part in the world’s leading cybersecurity event, the 2018 RSA Conference. D3 Security will be joining the ranks of those standing against cyber threats and we are eager to connect with like-minded industry professionals to...

Read More
Standardize HR Procedures to Eliminate Biased Investigations-post_thumbnail

Standardize HR Procedures to Eliminate Biased Investigations

  • Compliance ,
  • Human Resources
by Walker Banerd - March 29, 2018

The impact of an HR scandal can compound when it is not handled properly, creating additional reputational and financial damage to an organization. This is why HR case management is such an important asset for enterprise HR teams. Using D3’s HR platform, you can put your investigations “on-rails”, s...

Read More
How IR Platforms Can Help You Meet GDPR Reporting Timelines-post_thumbnail

How IR Platforms Can Help You Meet GDPR Reporting Timelines

  • Compliance ,
  • Data Breach
  • Incident Response
by Walker Banerd - March 20, 2018

With the dawn of the GDPR era just weeks away, impacted organizations around the world are scrambling to determine the tools they need to achieve compliance and dodge massive fines. As a developer of incident response solutions, we’ve been digging into GDPR to see how we can help. We’ve determined t...

Read More
Key Findings from Five Major Cybersecurity Reports-post_thumbnail

Key Findings from Five Major Cybersecurity Reports

  • Compliance ,
  • Data Breach
  • Incident Response
  • Industry
  • SOAR
by Walker Banerd - November 29, 2017

At D3, we are always evolving our products to meet the needs of our customers and stay on the forefront of cyber incident response technology. This requires us to always be informed on the latest industry research, in order to understand the present and future of incident response, and where our sol...

Read More
Involving “Legal” in Incident Response: The Three Pillars-post_thumbnail

Involving “Legal” in Incident Response: The Three Pillars

  • Compliance ,
  • Data Breach
  • Forensics
  • Incident Response
by Walker Banerd - August 30, 2017

As cybersecurity has become one of the defining issues of our era, it has intertwined with legal concerns to the point that the two can no longer be completely separated. Where it was once possible for security and legal teams to have minimal interaction, current laws, regulations, and the growing s...

Read More
How to Avoid HIPAA’s Wall of Shame: Protecting Against Ransomware-post_thumbnail

How to Avoid HIPAA’s Wall of Shame: Protecting Against Ransomware

  • Compliance ,
  • Data Breach
  • Incident Response
  • Industry
by Alex MacLachlan - July 13, 2017

The healthcare industry is a lucrative target for cybercriminals. Healthcare organizations are often laggards in adopting cybersecurity and data management best practices, a vulnerability that criminals have been quick to exploit. In the first half of 2017, 149 breaches have compromised nearly 2.7 m...

Read More
EU GDPR Data Breach Requirements: What You Need to Know-post_thumbnail

EU GDPR Data Breach Requirements: What You Need to Know

  • Compliance ,
  • Data Breach
  • Industry
by Stan Engelbrecht - May 19, 2017

On May 25, 2018, the General Data Protection Regulation (GDPR) will go into effect across the EU. The purpose of this regulation is to harmonize Europe’s regulatory environment by creating a ‘one-stop shop’ for data protection. The GDPR applies to European companies in all sectors, but also any busi...

Read More
Cyber SAR Requirements – What They Are And How We Can Help-post_thumbnail

Cyber SAR Requirements – What They Are And How We Can Help

  • Compliance ,
  • Incident Response
by Walker Banerd - April 13, 2017

In October, 2016, the Financial Crimes Enforcement Network (FinCEN) published an advisory regarding financial institutions’ obligations related to cyber crime. The key takeaway from the advisory is that suspicious activity reports (SARs) should be filed for cyber events, even when they do not result...

Read More
Meeting NERC CIP Requirements with a Centralized IRP-post_thumbnail

Meeting NERC CIP Requirements with a Centralized IRP

  • Compliance ,
  • Forensics
  • Incident Response
  • Industry
  • Physical Security
by Walker Banerd - March 29, 2017

The Critical Infrastructure Protection (CIP) program administered by the North American Electric Reliability Corporation (NERC) holds Utilities to a broad set of security standards in order to minimize risk to the power grid across North America. NERC CIP standards are comprehensive—encompassing cyb...

Read More
Stories From The Front Lines: The Silo Effect vs. The Single Source of Truth-post_thumbnail

Stories From The Front Lines: The Silo Effect vs. The Single Source of Truth

  • Compliance ,
  • Data Breach
  • Forensics
  • Incident Response
  • Industry
by Alex MacLachlan - March 16, 2017

Preface: This is the last installment of our three-part blog series called “Stories from the Front Lines”.  This installment is slightly different, in that it features three different archetypical characters from different departments.  Each of the problems they face is different, but keep reading t...

Read More
How to Comply With 23 NYCRR 500-post_thumbnail

How to Comply With 23 NYCRR 500

  • Compliance ,
  • Data Breach
  • Incident Response
  • Industry
by Walker Banerd - March 13, 2017

In February of 2017, the New York State Department of Financial Services (NY DFS) released the updated version of their Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500). The new legislation, which takes effect on March 1, reflects a growing concern in the NY DFS regarding t...

Read More
How Root Cause Analysis Can Help Your Hospital Avoid HIPAA Fines-post_thumbnail

How Root Cause Analysis Can Help Your Hospital Avoid HIPAA Fines

  • Compliance ,
  • Data Breach
  • Forensics
  • Incident Response
  • Industry
by Alex MacLachlan - March 10, 2017

The Health Insurance Portability and Accountability Act or HIPAA provides data privacy and security provisions for safeguarding medical information. HIPAA regulations are enforced by the Department of Health and Human Service’s Office for Civil Rights (OCR). This office carries out its mandate by in...

Read More
5 Incident Response Takeaways from the Yahoo Breach Fallout-post_thumbnail

5 Incident Response Takeaways from the Yahoo Breach Fallout

  • Compliance ,
  • Data Breach
  • Incident Response
  • Industry
by Walker Banerd - March 10, 2017

The ongoing fallout from the 2014 data breach at Yahoo has personally cost CEO Marissa Mayer upwards of $14 million. On March 1, Mayer announced on her blog that she had agreed to forego her annual bonus and equity grant, due to the breach happening on her watch as CEO. The bonus is worth $2 [&helli...

Read More
Incident Response In the Energy Industry-post_thumbnail

Incident Response In the Energy Industry

  • Compliance ,
  • Incident Response
by Alex MacLachlan - March 6, 2017

In November 2015, Tripwire and Dimensional Research commissioned a study assessing the cybersecurity challenges faced by organizations in the energy sector. Respondents included over 150 IT professionals from the energy, oil & gas and utilities industries. In addition to this study, Tripwire sur...

Read More
Stories From The Front Lines: Part One-post_thumbnail

Stories From The Front Lines: Part One

  • Compliance ,
  • Forensics
  • Incident Response
  • Industry
by Alex MacLachlan - February 24, 2017

Preface: This is the first installment of a 3-part blog series called “Stories from the Front Lines”.  Each installment will feature a different user story, inspired by real D3’s projects and interactions with customers.  Each will illustrate a common problem, and explore an effective solution with ...

Read More
Webinar: Go Beyond Incident Response-post_thumbnail

Webinar: Go Beyond Incident Response

  • Compliance ,
  • Incident Response
by Alex MacLachlan - January 16, 2017

February 8, 2017 @ 3:00PM- 4:00PM EST  Enterprises face significant financial, reputational, intellectual property, and legal risks from data breaches, with all types of enterprises falling victim – from government agencies like Office of Personnel Management (OPM) and the Internal Revenue Service (...

Read More
7 Reasons why Enterprises Need a NIST-Compliant Cybersecurity IRP-post_thumbnail

7 Reasons why Enterprises Need a NIST-Compliant Cybersecurity IRP

  • Compliance ,
  • Incident Response
  • Industry
by Alex MacLachlan - October 27, 2016

As cyber attacks inflict increasing damage on organizations of all kinds across every sector of the economy, it has become critical for cybersecurity programs to evolve. Gone are the days of rudimentary intrusion detection systems and retroactive damage control following a security breach. To be tru...

Read More
Design an IRP That Exceeds NIST Standards-post_thumbnail

Design an IRP That Exceeds NIST Standards

  • Compliance ,
  • Incident Response
by Alex MacLachlan - October 14, 2016

Whether you have already developed an incident response plan (IRP) or you’re just getting started, you can benefit from the best-practices and approaches outlined in the National Institute of Standards and Technology (NIST) Computer Security Incident Handling Guide. NIST has developed a comprehensiv...

Read More
Protecting Your Critical Infrastructure-post_thumbnail

Protecting Your Critical Infrastructure

  • Compliance ,
  • Incident Response
  • Industry
  • Physical Security
by Alex MacLachlan - October 11, 2016

The Patriot Act was passed in 2001 in response to terrorist attacks on American soil. However, we don’t usually think about how it helped define cybersecurity and how it continues to inform the framework for defining critical infrastructures and how we protect them in the US. With a growing number o...

Read More
Critical Controls in Action-post_thumbnail

Critical Controls in Action

  • Compliance ,
  • Incident Response
by Alex MacLachlan - October 11, 2016

The story of the tortoise and the hare is relevant in building any cybersecurity program. When faced with the challenges that doing business online in our highly connected world presents, it may quickly seem like an arms race when it comes to cybersecurity. A race where every day there is a new way ...

Read More
Dealing with an Insider Threat-post_thumbnail

Dealing with an Insider Threat

  • Compliance ,
  • Data Breach
  • Forensics
  • Incident Response
by Alex MacLachlan - October 11, 2016

Bob just killed the company, or did he? For many of us we spend more time with our co-workers then we do with our immediate families. Because of all this we don’t want to think that inside the pursuit of common goals, comradery, extended family and our team that there could be a bad egg […]...

Read More
Hospital Cyber Security: Risk Reduction in 5 Easy Steps-post_thumbnail

Hospital Cyber Security: Risk Reduction in 5 Easy Steps

  • Compliance ,
  • Data Breach
  • Incident Response
  • Industry
by Alex MacLachlan - December 18, 2015

Securing private health information and responding to security breaches have presented incredible challenges to hospitals whose healthcare records yield 10 to 20 times more value on the black market than credit card information. Moreover, the proliferation of BYOD, social media and phishing scams, m...

Read More
Incident Management Software Drive Cost Reductions at Utilities-post_thumbnail

Incident Management Software Drive Cost Reductions at Utilities

  • Compliance ,
  • Incident Response
  • Industry
by Alex MacLachlan - June 8, 2015

With the unique ability to categorize different energy diversion types and perform theft analytics, D3 Security’s Incident Reporting and Case Management products give utilities and their security teams an incisive view at the root cause of energy diversion losses. Theft Analytics Drive Energy ...

Read More
Clery Act Compliance: Accountability for Colleges and Universities-post_thumbnail

Clery Act Compliance: Accountability for Colleges and Universities

  • Compliance ,
  • Physical Security
by Alex MacLachlan - October 6, 2014

The Clery Act was introduced in 1990 to enforce the disclosure of campus security policy and crime data of all universities and colleges in the U.S. after a serious incident occurred resulting in the death of 19-year-old Jeanne Clery. The U.S. Department of Education laid out four main requirements:...

Read More

Get Started with D3 Security

One platform to stop alert overwhelm. Transform how your security team works, by focusing its resources on real threats.
Get Started