Responding to the Advanced Persistent Threat

Lee Lawson
The Dell SecureWorks Counter Threat Unit has monitored and responded to hundreds of APT attacks across our 3,000+ customer base in the last 12 months. The information gathered from this activity – and information shared with intelligence agencies around the world – includes advanced knowledge of the adversary, their tools and techniques. Most importantly, the Counter Threat Unit has perfected how to identify, protect against and respond to APT attacks.

This webcast will examine the threat posed by Advanced Persistent Threats and look at the lifecycle of an attack. Lee Lawson, Security Architect at Dell SecureWorks, will walk through a genuine APT attack and look at the different phases of attack that were encountered. Considering the motivation behind these attacks, and the range of tactics which are used, how concerned should you really be?

Lee will give insight into best practice for protecting your organisation from APTs, and how you should respond once an incident does occur.

Key topics covered in the webcast include:

•understanding the threat posed by APTs
•understanding best practice for defending your organisation from APT attacks
•how to outwit an attacker that anticipates all your defensive moves

Lee Lawson is the Solutions Architect for Security and Risk Consulting Services at Dell SecureWorks EMEA. In this role he is in charge of envisioning and creating combinations of new and existing services to solve the most unique and difficult customer problems. His past experience was as a Principal Consultant managing the EMEA Security Testing and Response team responsible for all adversarial-testing services such as penetration testing, social engineering and physical intrusions, and all responsive services such as digital forensics and security incident response/handling. This background has provided him with a deep knowledge of the subject having led complex and challenging projects for customers in all industries.
May 1 2012
35 mins
  • Complex Incident Response Investigations: How to Minimise Breach Impact Recorded: Jul 8 2015 55 mins
    Rafe Pilling, Senior Security Researcher, Dell SecureWorks
    How prepared are you for a data breach?

    With the threat environment growing more complex, and the rise in advanced and targeted attacks, how does your response plan hold up? Threat actors have changed their tactics; so must you.

    During this webcast, Rafe Pilling, Senior Security Researcher for Dell SecureWorks Counter Threat Unit (CTU), will share advice based on real-world examples to help ensure your organisation is infinitely better prepared to respond to a security breach.

    Key topics covered include:

    · A view of the evolving threat landscape and how this could impact you

    · Examples of critical mistakes Dell SecureWorks has viewed in real-world cases

    · Developing a robust incident response plan

    · Maximising the value of current controls and improving your overall security posture
  • Five steps to improving security: A pragmatic approach Recorded: Jun 9 2015 46 mins
    Hadi Hosn, Managing Principal Consultant, Dell SecureWorks
    Information security is becoming more and more vital to organisations in an ever changing landscape with the role of the Chief Information Security Officer (CISO) growing in magnitude with hacker based activity, cloud computing, and work-from-anywhere initiatives adding to the complexity. New privacy regulations, social media and BYOD have added further challenges and put additional strains on compliance…

    In this webcast, Hadi Hosn, Managing Principal Consultant at Dell SecureWorks, will discuss the five key areas we believe a CISO should focus on today to help shape and drive a security programme. Hadi will focus on the most important areas that are applicable in all market sectors and centre in on those activities that, in his experience, deliver the most value, security improvement and return on investment.

    Key topics covered include:

    •Understanding your organisation’s extended enterprise

    •How to improve visibility into what’s going on in your environment

    •Building a culture of security in your organisation
  • Dell SecureWorks at InfoSecurity Europe 2015 Recorded: Jun 5 2015 2 mins
    Dell SecureWorks at InfoSecurity Europe 2015
  • Dell SecureWorks at InfoSecurity Europe 2015: Lee Lawson Presentation Recorded: Jun 5 2015 42 mins
    Lee Lawson, CTU Special Operations
    Detecting and Responding to Advanced Threats: Exposing the Skeleton in Your Closet
  • Benefits of Implementing ISO 27001 to your Organisation Recorded: Dec 17 2014 48 mins
    Hadi Hosn, Managing Principal Consultant
    Information is a business critical asset, forming the backbone of organisations globally, and driving growth. However, the security of information is often overlooked, which is why most security breaches actually come from within the organisation – a result of poor policy, procedures, staff training and their awareness of security risks.

    In response, organisations are now exploring the benefits of certifying to ISO27001 – the industry standard for information security.

    In this latest webcast, Hadi Hosn, Managing Principal Consultant at Dell SecureWorks, will discuss how certifying to ISO27001 provides a framework for implementing security controls and resolving security issues and can offer the business a competitive advantage and business enablement.

    This webcast will cover the following key topics:

    •Benefits of ISO27001 – Information Security Management System (ISMS)

    •Defining the ISMS scope

    •ISMS implementation and certification process overview
  • The Evolving Security Threat Landscape: Trends, Outlook and Next Steps Recorded: Oct 21 2014 55 mins
    Don Smith, Technology Director
    The webcast will take you on a journey through the threat landscape, taking in sights such as the latest activity on trojans and viruses, how the ‘bad guys’ are stealing intellectual property through the use of malware and the future of cyber warfare.

    During this webcast, Technology Director, Don Smith, will present intelligence gleaned from the Dell SecureWorks Counter Threat Unit (CTU). He will discuss the rise of advanced persistent threats, and how the security threat landscape is evolving and what you can do to keep pace.

    What are the motives of the threat actors, and what could make your organisation a target? Don will provide pragmatic advice on what you can do to protect your critical information assets and reduce the risk.

    Key webcast topics include:

    •Evolution and revolution in the cyber landscape

    •War stories and examples from the coalface - An analysis of threat intelligence we have gathered

    •Inferences, conclusions, and the road ahead: what are the qualitative outcomes of our findings and how can these help inform your security strategy

    Dell SecureWorks processes more than 70 billion security events across thousands of networks around the globe on a daily basis, leveraging the Counter Threat Unit (CTU) research team who perform in-depth analysis of emerging threats and vulnerabilities.

    This global visibility and unmatched expertise enables early warnings and actionable security intelligence to customers to protect against threats and vulnerabilities before they impact their organisation.
  • Addressing the weakest link: The importance of user education Recorded: Aug 5 2014 47 mins
    Chris Yule, Senior Security Consultant
    In this webcast we look at one of the most crucial elements of security leadership: building security awareness throughout an organisation. End users will often be the weakest link in the security stack; building an understanding amongst your users of why security is important and what their responsibilities are is a crucial component of protecting your organisation’s information and ensuring you stay out of the headlines.

    Chris Yule, Senior Security Consultant at Dell SecureWorks, will discuss the need to educate employees on proper safeguards in today's climate of social engineering malware scams and targeted attacks.

    Key webcast topics covered:

    •How to approach an awareness campaign, target training at those who need it most and measure effectiveness.

    •The different domains of training which are appropriate and necessary for different user groups.

    •How to target education at all levels of the organisation, from informing end users about password security and phishing risks, to educating board members on the threats and risks faced by the business and the typical approach taken by your industry peers.
  • How Well Prepared Are You For The Next Security Threat? Recorded: Jun 18 2014 49 mins
    Florian Malecki, Product Marketing & Solution Director for EMEA at Dell Software
    Each and every day you face the risk of your network being hacked by the newest zero-day threat. Not long ago, it was the HeartBleed bug and then the IE vulnerability. And, while you’re still working to defend your infrastructure from these two critical threats, the cybercriminal community is working just as hard trying to exploit the weaknesses of your network. So how well are you prepared for the next attack?

    Florian Malecki, Product Marketing & Solution Director for EMEA at Dell Software discusses the threat landscape and suggests ways that you can take advantage and achieve ongoing protection.
  • The modern CISO: Standing out from the crowd Recorded: Jun 17 2014 54 mins
    Hadi Hosn, Security and Risk Consulting Managing Principal
    The role of the Chief Information Security Officer (CISO) has grown in complexity and magnitude with hacker based activity, cloud computing, and work-from-anywhere initiatives only adding to the dilemma. New privacy regulations, social media and BYOD have added further challenges and put additional strains on compliance…

    Information security is becoming more and more vital to organisations in this ever changing landscape, with the role of the CISO now more important than ever. The education and preparation of the cyber security leaders of today must keep pace with this change.

    During the webcast, Hadi Hosn, Senior Solutions Architect at Dell SecureWorks, will provide expertise and practical advice as well as real world examples from those that have lived and breathed the role of the CISO.

    Key topics discussed:

    •Succeed as an effective CISO/Director of Security/Head of Information Security

    •Improve and validate your skills

    •Be recognised as an industry leader and stand out from the crowd
  • The value of a security partnership: Engaging at the right level Recorded: May 8 2014 46 mins
    Chris Yule, Senior Security Consultant
    The remit of information security has grown to encompass all aspects of an organisation. It is no longer just a question of IT security. CISOs now need to understand the risks faced by their organisation, where security fits into every business process, and bridge the gap between technical and business stakeholders.

    As the remit has broadened, the need for insightful assistance has deepened, from help defining organisation-wide security strategy and metrics down to monitoring of individual log events, with policy, compliance, architecture, intelligence, incident response and end user security training in between.

    Chris Yule, Senior Security Consultant at Dell SecureWorks, will discuss how a security partner that can deliver at all levels of the security stack allows for a greater understanding of your organisation, which ultimately delivers better intelligence-led security.

    Key topics outlined:

    •Evolving from a traditional MSS-focused client/vendor approach to a security partnership
    •Examples of successful operating and engagement models
    •Delivering value and results to your organisation
  • POSitive Thinking: Detecting and Preventing Point of Sale (POS) Malware Attacks Recorded: Apr 3 2014 52 mins
    Rafe Pilling, Counter Threat Unit Researcher
    Malware targeting Point of Sale (POS) terminals has been exploited by eCrime operators for a number of years but has recently been catapulted to the forefront of industry attention with a number of high-profile breaches. Properly executed, a malware attack on POS terminals can reap huge volumes of credit card numbers in a short space of time without resorting to low-rate of return strategies involving large phishing campaigns. Due to its low risk/ high reward nature, this type of attack is only likely to become more popular with eCrime operators.

    In the session Rafe Pilling, Counter Threat Unit Special Operations, will look at the nature of the POS malware threat and how it can be defeated through proper application of threat intelligence.

    What will attendees learn:

    * A potted history of POS malware

    * What does the POS malware threat landscape look like?

    * Effective use of threat intelligence to detect and prevent POS malware attacks.
  • Building an Effective Security Operation Centre Recorded: Mar 13 2014 48 mins
    Sandip Wadje, Practice Leader SOC Consulting at Dell SecureWorks
    Security Operation Centres (SOCs) act as the nerve centre of an organisation providing real-time alerts, security intelligence and reports to act against internal and external threats. SOCs often use multiple event monitoring tools, ticketing systems and workflow solutions and as a result, building an effective SOC still remains a challenge for most organisations.

    How do organisations choose a security monitoring solution that gives optimal asset coverage and at the same time address the evolving threat landscape and compliance requirements? How can organisations demonstrate the value of SOC investment to board level stakeholders? How do organisations choose the correct operating model (outsource, in-source, and hybrid) to run and maintain a SOC?

    Sandip Wadje, Practice Leader for SOC Consulting at Dell SecureWorks, will help answer these questions and provide pragmatic next steps to rolling out an effective SOC.

    Key Webcast Topics and Takeaways:

    •The blueprint for an effective SOC
    •SOC tools and integration
    •Metrics and reporting
    •Choosing the right operating model
  • Securing the Extended Enterprise Recorded: Jan 24 2014 44 mins
    Chris Yule, Senior Security Consultant
    Join the latest Dell SecureWorks webcast to learn more on how to effectively secure the extended enterprise.

    The modern enterprise is operating in a hybrid world with data residing inside and outside the organisation; blurring boundaries of responsibility and challenging traditional security strategies. Whilst the complexity of the IT environment is increasing, so is the hostility of the cyber threat landscape.

    How do organisations remain agile and embrace innovation whilst dealing with increasingly sophisticated threats that are looking to exploit any weak points in the extended enterprise?

    This webcast will cover:

    •The latest intelligence from cyber threat researchers in the Counter Threat Unit

    •Security strategy considerations for the move to cloud computing

    •Practical steps for retaining control and reducing risk across the extended enterprise
  • Disrupting Malware Assisted Online Fraud Recorded: Nov 7 2013 47 mins
    Rafe Pilling, Senior Consultant
    E-banking trojans are a core component of a sophisticated and distributed criminal enterprise that routinely and efficiently targets online banking clients. Dell SecureWorks are an industry leader in e-Banking malware research and work with our clients on a daily basis to help them address this threat. In this workshop we will explore:

    •The threats posed by e-Banking malware; both to financial services organisations and their customers

    •The e-Crime “Cloud Services” model

    •Some of the advanced mechanisms employed to perpetuate online fraud

    •Effective mitigation strategies and countermeasures that work in the real world
  • EU Data Protection and Partnering with MSSPs: Debunking the Myths Recorded: Oct 23 2013 49 mins
    Peter Heim, Dell SecureWorks and Antonis Patrikios, Field Fisher Waterhouse
    Managed Security Service Providers (MSSPs) provide enhanced security measures, expertise and awareness and enable organisations to make efficient use of their resources. However, organisations often feel they are stuck between a rock and a hard place when it comes to the EU Data Protection law and partnering with a MSSP.

    This webcast, delivered by experts from Dell SecureWorks and legal firm Field Fisher Waterhouse LLP will help clarify some of the common ‘myths’ regarding the intent of the law and how this affects working with a MSSP.

    Key webcast topics include:

    •Using third parties to process personal data

    •Transferring data outside the EU

    •Using cloud-based services

    •Local law enforcement access to data (e.g. by US authorities under the Patriot Act)
  • PCI 3.0: Go Forth and Comply Recorded: Oct 9 2013 30 mins
    Ron Kiss, Senior Security Consultant, Dell SecureWorks
    The new Payment Card Industry Data Security Standards (PCI DSS) guidelines encourage organisations to focus on security rather than compliance in order to mitigate some of the most frequently seen risks that have precipitated cardholder-data compromise.

    Our latest webcast, delivered by Dell SecureWorks PCI expert, Ron Kiss, focuses on the proposed changes to the standard and how it could affect your organisation when they come into play on 1st January 2014.

    Key webcast topics include:

    •Version 2.0 to 3.0 – what are the changes?

    •A security approach to compliance rather than compliance approach to security

    •Pragmatic advice on what the next steps should be for your organisation
  • Building a Successful PCI Programme in a Complex Cloud Environment Recorded: Aug 29 2013 23 mins
    Ron Kiss, Senior Security Consultant, Dell SecureWorks
    The use of Cloud Computing technology has seen a recent spike in popularity with spend estimated at 25% of all annual IT expenditure growth in 2012 and nearly a third of growth in 2013. With the efficiencies it provides, businesses are clambering to find ways of leveraging its advantage for all types of online business functions, including processing card payments. However, information on the Payment Cards Industry (PCI) compliance implications of this new technology is unclear for organisations moving to the cloud.

    This has resulted in much confusion over what compliance means for business and assessors alike. In February this year, the PCI SSC published the Cloud Computing Information Supplement, which provides a greater level of clarity for businesses and assessors alike.

    Ron Kiss, Senior Consultant at Dell SecureWorks, will discuss how to incorporate what has been learned from the Information Supplement into a successful PCI program for your organisation and its complex cloud environment.

    Key webcast topics include:

    •The rise and rise of cloud and common challenges facing organisations

    •Clarifying the Cloud Computing Information Supplement and how it affects you

    •Building a successful PCI programme tailored for your cloud environment

    Ron Kiss

    Ron Kiss is a Principal Consultant within the Security, Risk and Compliance team at Dell SecureWorks. In his current and past roles, Ron has conducted both PCI-DSS and PA-DSS assessments in Europe and overseas. He brings a wealth of experience in assessing Merchants, Service Providers and Payment Applications from a range of industries such as Retail, Airlines, and Finance. 
  • Complex Security Incident Investigation: Lessons Learned Recorded: Jul 3 2013 45 mins
    Rafe Pilling, Senior Security Researcher
    Join this webcast for insight into recent security breach investigations from the Dell SecureWorks Counter Threat Unit (CTU).

    Dell SecureWorks responds to thousands of incidents on a daily basis with the CTU investigating the most serious of these. Join this session for pragmatic advice based on real-world examples, to help ensure your organisation is better prepared for a security breach.

    This webcast will cover:

    •Critical mistakes Dell SecureWorks has encountered in real-world cases
    •Maximising the value of current controls at no extra cost
    •How to avoid potentially disastrous security lapses

    Rafe Pilling, Counter Threat Unit EMEA

    Rafe Pilling is a security expert working for the EMEA Counter Threat Unit. Rafe has significant experience in incident response and digital forensics from his background as a Senior Consultant within the Dell SecureWorks Consulting firm.

    The Dell SecureWorks Counter Threat Unit research team monitor the cyber underground and watch for emerging threats. Monitoring and analysing over 50 billion events a day, their unparalleled visibility into the global threat landscape helps protect thousands of organisations worldwide.
  • The cloud: Shaking up your security Recorded: Apr 25 2013 44 mins
    Mark Wood, Director of Product Management
    More and more organisations are turning to cloud computing to solve their biggest technology and business challenges. By this stage, most of us are aware of the many benefits cloud has to offer: lower hardware and IT costs, ease of management and increased agility, to name a few. Yet when it comes to security, cloud is not a silver bullet. In fact, according to the Cloud Security Alliance, security is cited as the number one barrier to adoption of cloud services among organisations.

    During this webcast, Mark Wood, Director of Product Management at Dell SecureWorks, will discuss some of the prevalent security risks which exist when moving to the cloud and how this affects the traditional approach to security.

    This webcast will address the following key themes:

    •The security impact of different cloud models and minimising risk in a multi-tenant environment
    •Sharing the security burden and establishing an effective relationship with your cloud provider.
    •Staying one step ahead of the evolving compliance landscape.

    Mark is responsible for managed security for cloud services at Dell SecureWorks. He has more than 25 years of experience in the technology community as a software engineer, a sales engineer, a start-up owner and a product manager.

    Previously, at Cloud Sherpas, a solutions provider focused on migrating organizations to Google Apps, Mark was responsible for product strategy, lifecycle management and optimizing existing products. He has also worked in marketing and product management at a number of leading technology companies, including nCircle, Internet Security Systems (ISS) and AT&T Bell Laboratories.

    Mark holds a Bachelor of Science degree in computer science from Duke University and a Master of Science degree in computer science from Georgia Institute of Technology.
  • Advanced incident response: Are you prepared Recorded: Apr 9 2013 45 mins
    Rafe Pilling, Senior Security Researcher
    How prepared are you for a data breach? With the threat environment growing more complex, and the rise in advanced and targeted attacks, how does your response plan hold up? Threat actors have changed their tactics; so must you.

    This webcast will examine how to develop a robust incident response plan, which takes into account the changes in the threat landscape. Lee Lawson, Solution Architect at Dell SecureWorks, will discuss new approaches to identify advanced threats earlier, and how to go beyond responding to the most obvious symptoms of an attack, to understanding the full extent of the breach and what has been compromised.

    This webcast will address the following key themes:

    •Security breaches Dell SecureWorks has seen across its global customer base, from advanced and targeted threats
    •Developing an incident response plan which takes into account the complex threat landscape
    •Getting the necessary visibility into your network to enable you to spot advanced threats early and understand the true scale of the attack.
Webcasts from the Dell SecureWorks Team
Dell SecureWorks is relentlessly driven to protect the integrity of the world's digital assets against cyberthreats. We do that with intelligent defences that combine our proprietary technology, global threat visibility and deep expertise. We are 100% focused on information security – it's all we do. That's why we are trusted by thousands of customers. Dell SecureWorks offers a full suite of Managed Security, Threat Intelligence and Security and Risk Consulting services.

Dell SecureWorks is positioned in the Leaders Quadrant of Gartner's Magic Quadrant for MSSPs and has been recognised by SC Magazine’s readers with the “Best Managed Security Service” award for 2006, 2007, 2008, 2009, 2011 (U.S. and Europe) and 2012. Additionally, our experts frequently provide authoritative information security commentary in major media outlets including the New York Times, The Wall Street Journal, The Financial Times, USA Today, The Guardian and many others.

  • Title: Responding to the Advanced Persistent Threat
  • Live at: May 1 2012 11:00 am
  • Presented by: Lee Lawson