Security Breach Management Solution
Solution overview | Security Breach Management Solution
Cyber breaches come from a variety of sources. Some
are subtle; some are not. A majority go undetected until
a third party notifies the enterprise. Then the impact can
It’s difficult to prevent a security breach. Mobility and cloud threats are increasingly
sophisticated, persistent, and unpredictable. You’re dealing with complex technology
crossing hybrid environments and diverse geographies. And despite your efforts, business
dynamics, technology, and evolving threats are a continuous challenge and can often result
in unforeseen events.
Breaches come from a growing variety
• IT system attacks and intrusions
• Unauthorised system activity
• Malicious software
• Advanced persistent threats
• ther access, manipulation, or deletion
of information and data
Four primary requirements for effective
HP delivers flexible choices:
• Forensic Readiness Services
• Managed Security Information and
Event Management (SIEM)
• Security Incident Response Services
• Digital Forensics Services
• E-Disclosure/e-Discovery Services
• Data Recovery Services
Breaches can also come from a growing variety of sources: IT system attacks and intrusions,
unauthorised system activity, malicious software, advanced persistent threats, and any
other access, manipulation, or deletion of information and data. Many breaches are so
subtle in nature that the overwhelming majority go undetected until a third party notifies the
Their impact can be enormous: They can cripple normal operations and damage
relationships with customers and investors. The organisation may be subject to steep
financial penalties and breach notification laws in specific industries or locations where they
do business. In fact, the average breach event is likely to cost several million dollars in staff
time, productivity, and legal restitution. The damage to the company’s reputation can be
But you can’t lock everything down. Securing enterprise information means something
completely different in a world where you share, collaborate, and openly exchange data
in a complex technical environment. Today’s enterprise security must be flexible enough
to enable high volumes of interaction. It also must mitigate risk and ensure compliance.
Organisations will need to enable secure access to the correct information in the context of
each decision. This means advanced security tools covering exchanges inside and outside of
the enterprise. When technology is evolving fast, this sophisticated and evolving protection
can be a major IT undertaking.
HP can help you establish the processes and procedures for an optimal end-to-end approach
to breach management. Whether you’ve had a breach or want to create an effective response
capability, we rapidly deploy a highly skilled and experienced cyber security team and our
progressive technology to your enterprise. We’ll collaborate with you to establish visibility,
remediate issues, and put tactics into place that guard against future incidents.
We provide full lifecycle solutions that let you confidently implement forward-thinking
ideas and get better results. You’ll also move beyond risk reduction and compliance to
plans that enable your enterprise to achieve more, exceed expectations, and embrace
Define. Detect. Defend. Deter.
There are four primary requirements for effective breach management. These should form
the core of your strategy and are the abilities you must develop as a secure organisation.
Enterprises need to define an overall strategy and security lifecycle to be prepared to
detect and defend against attacks. This should address planning, risk assessment, policy
creation, and controls. Robust business and technical architecture can greatly add to the
level of resilience required to withstand a concerted attack. By building security into this
architecture, organisations can know they are as prepared as can be for breaches.
Solution overview | Security Breach Management Solution
Read i ne s s
• Threat analysis
• Forensic interrogation
c t i ve m ea su
• Situational awareness
• Comprehensive visibility
Early detection limits the damage caused by an attack. After an organisation has a clear
and defined strategy, it is critical to ensure there is an ability to monitor and detect potential
activity. Understanding baseline environment volumes, types, and performance is essential to
knowing types of attacks, points of attacks, and the attack vector used. It takes a combination
of people, process, and technology to develop a method for gaining situational awareness and
actionable security intelligence, which will help you prepare for rapid alerting of attacks.
There are no fail-safe measures available to prevent attacks; however, HP recommends
protecting your critical services and information through defined strategies. Your defensive
strategy should reduce risk through threat removal, closure of the vulnerability, and control
of the impact. A strong approach is a multilayered defence that helps you identify a breach
faster, react quicker, minimise impact better, and reduce ongoing exposure. This results in a
cost reduction, greater control, and declining risk exposure over time.
Collaboration and sharing of security intelligence enable organisations to identify and
overcome many attack methods and sources. With robust mechanisms in place for tracking,
logging, and auditing security breaches, there is support for legal pursuits against attackers.
Review flexible choices
HP can integrate existing technologies and services into an overall security breach
management solution from a tactical, remedial, or strategic perspective. Our portfolio
enables you to leverage our services as an integrated approach or for a specific need.
Relevant services include:
• Forensic Readiness Services—Specialised consulting and assessment are used to create
a proactive plan to identify valid changes within your IT environment. This lets you trace
a forensic trail and produce the best possible digital evidence in the event of a security
incident, diminishing disruption and cost to the business.
• Managed Security Information and Event Management (SIEM) —Services provide a
designed, built, and managed system to collect and correlate masses of information
and transform it into comprehensive dashboard displays and management reports, and
actionable alerts. With SIEM, you can detect fraud, expose internal and external threats,
and spotlight weaknesses in security enforcement. These services also demonstrate
government regulations and policies compliance.
• Security Incident Response and Breach Response Services— Expert monitoring is
always available 24x7x365, providing detection and countermeasures through rapid,
predetermined incident response. In the event of a breach, we dispatch a team of security
experts to your location for immediate breach containment plus assessment, investigation,
and recommendations to reduce future vulnerability. HP can send this team as a onetime activity or as part of a regular service based on retainer/contracted hours. Featuring
HP ArcSight, SIEM technology, and Breach Response Services, and leveraging our teams’
expertise around the clock, we ensure incidents are escalated and processed quickly and
efficiently when they arise.