The industry is following Dell’s announcement of a security breach that took place earlier this month. How do you assess their response?
Pravin Kothari, CEO at CipherCloud:
“On November 9, Dell disclosed a security breach where potentially customer names, emails and hashed passwords. Dell noted that they found no conclusive evidence that any data was extracted. Dell detected the attack and shut it down within one day.
In contrast, the average dwell time, or time from penetration to detection in the United States was 99 days in 2016 and 75 days in 2017. A typical skilled cyber attacker, as illustrated by red team testing, can obtain administrator credentials in just a few days after they get inside of the network. Worse yet, is that about 60%+ of cyberattacks are discovered by external sources and business partners – not by internal security or IT teams.
Today you cannot keep attackers out of your networks. Sooner or later they will penetrate the best protected networks. Dell detected the network penetration and shut it down rapidly. The goal today for every security operations center is to detect and shut down attackers with the most minimal dwell time. This is the leading edge of industry best practice for on-premise and cloud security. Dell has shown that the right mix of skilled personnel equipped with the right tools for visibility, threat and data protection can make a big difference.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.