One of the many critical tasks we undertake at DYOPATH is reducing the amount of time a hacker can occupy our clients’ environment when a breach occurs. This period of time between initial compromise and detection is known as dwell time. For clients with a robust security plan, dwell time can be minimized to under 24 hours. But this only accounts for roughly 50% of breaches. For the remaining 50%, organizations are without adequate protection, experiencing dwell times that can last weeks, months, and even years.
It was once assumed that large corporations excelled at safeguarding their customer and employee information. However, in the last several years, many such corporations have admitted to monumental breaches, some of which compromised personal data for years.
One of the most notorious examples of such an extensive dwell time after a breach is the case of Marriott International. In one of the largest recorded breaches in history, intimate data of up to 500 million customers was exposed as threat actors went undetected in the reservation systems of Marriott’s Starwood subsidiaries for four long years.
In 2016, Marriott acquired Starwood, which includes the hotel chains St. Regis, Westin, Sheraton, Aloft, Le Meridien, Four Points, and W Hotels. These hotels were still using the IT infrastructure inherited from Starwood and had not, at the time, merged with the Marriott reservation system. Over the next four years, hackers copied and encrypted customer information, including names, addresses, phone numbers, emails, passport numbers, travel details, and credit card numbers.
The fact that it took Marriott four years to discover the breach points to a failed security plan with little to no threat detection and prevention.
Minimizing the Impact of a Data Breach
What’s important to understand is that preventing breaches is an impossibility. Any security professional that promises otherwise is not interested in selling the truth. When we take a look at today’s threat landscape, we can see very clearly that despite an arsenal of measures at our disposal to prevent intrusion, breaches still occur. At DYOPATH, we help our clients understand this with our transparent policies. So the question really becomes, how can we help our clients minimize the impact of an attack and reduce dwell time?
The answer comes in the form of our integrated Security Service Bundle. We use both a proactive and a reactive approach to security at DYOPATH to ensure that the proper measures are in place for detection and prevention and that a swift and thorough response plan is executed immediately at the first sign of a data breach.
DYOPATH’s Security Service Bundle
We encourage all of our clients to purchase a DYOPATH Security Service Bundle, which provides them with the most comprehensive form of protection to mitigate security threats and reduce dwell time as much as possible in the event of a breach. A Security Service Bundle with DYOPATH includes enterprise-grade technology, rapid crisis management, and highly skilled security experts for immediate response – a complete managed solution.
The secret to our successful protection is in our integrated approach to security. We don’t just provide one tool, but multiple forms of protection, delivering both proactive and reactive coverage against both system-generated and manual attacks. We use the appropriate technology coupled with expertly trained people to make sure that nothing slips by unnoticed.
We have a dedicated Security Operations Center as a Service (SOC) that is operated 24/7 by our security experts and provides vulnerability management to prioritize potential threats and minimize our clients’ attack surface. From here, they can manage the security functions of our clients’ organizations, setting up processes to monitor systems and networks and respond to any security incidents. DYOPATH’s SOC manages the fundamental elements of our Security Service Bundle. Alone, these elements do provide some protection. But their true force lies in working together, creating a formidable barrier against cyber risk, costly dwell time from breaches, and the loss of compromised data.
Security Information and Event Management
A Security Information and Event Management (SIEM) system is a set of tools that provide the information needed to detect and manage security events. DYOPATH’s SIEM tool provides a centralized location for identifying, monitoring, and recording security events in real time. This information is then normalized to discover and detect anomalies that may be threats. Our team of experts can then analyze these threats for potential breaches and take the appropriate actions. DYOPATH’s SIEM stands apart from the competition because it is continuously fine-tuned by our professionals, providing hands-on threat management that is second to none while preventing unnecessary alarms and noise.
Endpoint Detection and Response
Our Endpoint Detection and Response (EDR) solution provides real-time continuous threat hunting and collection of endpoint data. Endpoints are remote computing devices, such as desktops, laptops, and smartphones, that communicate with an organization’s network. EDR provides visibility into these endpoints. Like our SIEM, EDR is able to detect, investigate, and remediate potential threats with automated responses and analysis capabilities. Our EDR works quickly once a threat has been detected and qualified, air-gapping the device to prevent it from escalating the threat further.
Advanced Malware Protection
Advanced Malware Protection (AMP) is specialized software designed to prevent, detect, and remove malicious software or fileless malware from a computer system. Additional malware threats that AMP protects against include Trojans, ransomware, adware, worms, and spyware. AMP helps to drastically improve visibility across protected systems, reducing the time it takes to discover security breaches and affected devices and, in turn, minimizing dwell time.
Advanced Protection for Our Clients
DYOPATH’s Security Service Bundle delivers the broad, advanced protection that our clients need to defend their organizations in today’s threat landscape. As we mentioned, data breaches are not truly preventable, but discovering the intrusion and remediating the damage swiftly is the key to cybersecurity. When a business such as Marriott International faces extensive dwell time, it not only leads to costly damages and fines, but also tarnishes the brand in the eyes of its customers. DYOPATH works to avoid this negative chain reaction for our clients with our extensive Security Service Bundle offerings.