SecureWorks Launches Red Flags Consulting Service to Assist Financial Organizations in Developing a Comprehensive Identity Theft Prevention Program

Atlanta, GA., October 6, 2008 - SecureWorks®, a leading Security as a Service Provider (SaaS), announced today that it has launched a new Red Flag Consulting Service to assist financial organizations in developing a comprehensive and appropriate Identity Theft Prevention Program in response to the Red Flag Regulations.  The deadline to comply with the regulations is November 1^st, 2008.  The Red Flag Rules dictate that "any person or business who arranges for the extension, renewal or continuation of credit"   will be subject to the Red Flag Rules.  This includes banks, mortgage lenders, credit unions, utility companies, health care organizations, telecommunications companies, debt collectors, car dealers and many other organizations that fall under this definition. The Red Flag Rules were implemented to ensure that these types of entities have developed and implemented a written "Identity Theft Prevention Program" to detect, prevent and mitigate identity theft in connection with the opening of certain new and existing accounts.

"Many of the financial organizations affected by the Red Flag Regulations already have a Corporate Information Security Program. This will help them with a governance framework for responding to the Red Flag Regulations. However, financial organizations will still have considerable work to do in order to develop and implement an appropriate Identity Theft Prevention Program," said Erik Petersen, VP of Professional Services for SecureWorks.  "SecureWorks' new Red Flag Consulting Service will simplify the financial institutions' process of pulling out their current policies and adding what is needed to ensure that they have a solid Identity Theft Prevention Program in place."

SecureWorks has designed the Red Flag Consulting Service to be user friendly and customizable and will include the following deliverables:

1.    Listing of the Organization's Products and Services Subject to the Red Flag Regulations

Creating a list of the financial organization's products and services which are subject to the Red Flag Regulations is one of critical steps in developing an effective Identity Theft Prevention Program.  These products and services are referred to as Covered Accounts.  SecureWorks will assist the organization in creating the appropriate lists of Covered Accounts.

2.      Assistance in Determining Applicable Red Flags

Each client organization will be responsible for developing a list of Red Flag alerts applicable to its organization. These are relevant patterns, practices and specific forms of activity that are "red flags" signaling possible identity theft.  Once that list is determined by the client, SecureWorks will assist the organization in deciding which "red flags" apply to the organization's Covered Accounts.

3.    Provide Risk Analysis Framework and Documentation

SecureWorks will provide the client with a framework and the documentation needed to conduct a risk analysis. 

4.       Procedures for Performing a Human-Based Risk Analysis on Detected Red Flags

SecureWorks will provide clients with guidance on how to develop human-based procedures for determining if a detected "red flag" is legitimate or not. 

5.     Policy and Standards Templates

The Red Flag Regulations state that an Identity Theft Prevention Program should provide for appropriate policies and standards for identity theft, in relation to the degree of risk posed. SecureWorks will provide policy and standard templates and instruct the client on how to customize these to their organization.

6.    Assistance in Developing a Red Flag Vendor Management Program

SecureWorks will help the client develop Red Flag Service Level Agreements for the appropriate vendors.

7.     Documentation of Threat Prevention Program

 SecureWorks will assist the client in developing auditable documentation of their Identity Theft Prevention Program. 

8.     Training

SecureWorks will provide remote training sessions for the organizations' employees to educate them on what identity theft entails and what the Red Flag Rules mean.    This internal training is required by the Red Flag Regulations and is important to ensuring that the Identity Theft Prevention Program works seamlessly.

The pricing for the Red Flag consulting program for financial institutions is between $6,000 and $10,000 depending on the scope of the project.  All of the training is conducted remotely so that there is no disruption to the client's business.

About SecureWorks

With over 2,000 clients, SecureWorks is one of the market's leading Security as a Service providers. Organizations are protected from external and internal cyber-threats through SecureWorks' On-Demand Security Information and Event Management (SIEM) platform, the SecureWorks Counter Threat Unit^SM and three fully synchronous Security Operations Centers (SOCs) staffed with SANS GIAC certified analysts working 24x7 to safeguard client systems. SecureWorks has won SC Magazine's "Best Managed Security Service" award for 2006, 2007 & 2008, Best Intrusion Prevention 2006 and has been named to the Inc 500 and Deloitte lists of fastest-growing companies. www.secureworks.com.

###