Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Risk Masters, Inc. Emerging Trends in Cyber-Security.

Similar presentations


Presentation on theme: "1 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Risk Masters, Inc. Emerging Trends in Cyber-Security."— Presentation transcript:

1 1 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI Risk Masters, Inc. Emerging Trends in Cyber-Security & Recovery Presented at Data Connecter, Cambridge, MA March 27, 2014 Presented by… Jim Gursha, Principal, Risk Masters Inc. Allan Cytryn, Principal, Risk Masters Inc.

2 2 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI Presenters

3 3 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI The Problem: – Cyber Attacks are more sophisticated and more frequent They are now the Advanced Persistent Threat They are sponsored by states and organizations, as well as hackers and hactivists. – BYOD and the consumerization of technology conflict with historical approaches to defense – Existing defenses are being breached daily – Restoring trust in infrastructure is becoming increasingly difficult The Emerging Solutions: – New strategies and technologies for defense are providing better options – But the new strategies and technologies are recent and have not been widely adopted – Reluctance to change is jeopardizing security Emerging Trends in Cyber-Security

4 4 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI Strategic ElementsTactical Elements New Security Model All networks elements must be secureSegment networks and data Provide access only as needed and enforce access control Enforce regular expiry of passwords and access control rights/lists Implement broad file retention rules and automated archiving Encrypt data where it is stored and where it may be accessed (e.g. in transmission) Log all trafficAnalyze all traffic and logs in real-time Inspect all traffic Implement Malware Traps and rigorously investigate what they trap New Recovery Model Establish defined states of trustImplement a Cyber-Recovery capability Mitigate opportunities to disrupt critical I/T components including source code, executables and operating systems. Eliminate Disaster Recovery off site storage risks Implement secured Cloud based disaster recovery planning for critical business functions, encrypt all business critical source elements, and data structures. Eliminate Tape and Test! Elements of the Cyber-Security Solution

5 5 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI StrategyCurrentEmerging All networks elements must be secure The network perimeter is secured. Within the perimeter, the network is generally open with friendly security Segment networks and data into discrete secured elements. Penetrating one does not compromise another Provide access only as needed and enforce access control Once inside the perimeter, access is restricted as needed Access is provided as needed. Enforce regular expiry of passwords and access control rights/lists Implement broad file retention rules and automated archiving Encrypt data where it is stored and where it may be accessed (e.g. in transmission) Log all trafficConsider intrusion detectionAnalyze all traffic and logs in real-time Inspect all traffic Implement Malware Traps and rigorously investigate what they trap Establish defined states of trust Eradicate virusesImplement a Cyber-Recovery capability New Elements Enhance Legacy Technologies

6 6 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI Emerging Trends in Recovery – Cloud DR Multiple benefits of Cloud DR, in addition to mitigating disaster recovery risk: When combined with New Security Model, enables Cyber-Recovery as well as Disaster-Recovery Achieves cost savings and improved reliability and service levels via tape-elimination, timeliness and recovery enterprise-wide services Key Concepts Adopt backup/recovery into the Cloud Replace tapes with electronic transfer Improves timeliness, reliability and application coverage Lowers lost Augment recovery strategy with recovery into the cloud Expand recovery testing into the Cloud for critical applications in order to validate technical recovery capabilities. Revise testing procedures to periodically validate Cloud DR Lower in cost and effort than traditional hot/redundant site testing

7 7 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI Tape Elimination has a low total cost of ownership at 1.5¢ to 3¢ per month per gigabyte. Provides instant access to electronic data assets from months to several decades. Exabyte-scale elasticity and flexible pay-as-you-use pricing model. Comprehensive SLA for service availability and data durability, portability and survivorship. Built on OpenStack and accessible via OpenStack Swift and S3 APIs to prevent vendor and data lock-in. Data integrity checking. Cloud DR - Tape Elimination Tape Elimination is based on Long-Term Storage Service, a fully managed IaaS Cloud storage service.

8 8 © Copyright, Risk Masters, Inc All rights reserved.Draft for Discussion Purposes Only RMI For Further Information Allan Cytryn Principal


Download ppt "1 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Risk Masters, Inc. Emerging Trends in Cyber-Security."

Similar presentations


Ads by Google