We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJosiah Jarratt
Modified over 2 years ago
1 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Risk Masters, Inc. Emerging Trends in Cyber-Security & Recovery Presented at Data Connecter, Cambridge, MA March 27, 2014 Presented by… Jim Gursha, Principal, Risk Masters Inc. Allan Cytryn, Principal, Risk Masters Inc.
2 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Presenters
3 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI The Problem: – Cyber Attacks are more sophisticated and more frequent They are now the Advanced Persistent Threat They are sponsored by states and organizations, as well as hackers and hactivists. – BYOD and the consumerization of technology conflict with historical approaches to defense – Existing defenses are being breached daily – Restoring trust in infrastructure is becoming increasingly difficult The Emerging Solutions: – New strategies and technologies for defense are providing better options – But the new strategies and technologies are recent and have not been widely adopted – Reluctance to change is jeopardizing security Emerging Trends in Cyber-Security
4 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Strategic ElementsTactical Elements New Security Model All networks elements must be secureSegment networks and data Provide access only as needed and enforce access control Enforce regular expiry of passwords and access control rights/lists Implement broad file retention rules and automated archiving Encrypt data where it is stored and where it may be accessed (e.g. in transmission) Log all trafficAnalyze all traffic and logs in real-time Inspect all traffic Implement Malware Traps and rigorously investigate what they trap New Recovery Model Establish defined states of trustImplement a Cyber-Recovery capability Mitigate opportunities to disrupt critical I/T components including source code, executables and operating systems. Eliminate Disaster Recovery off site storage risks Implement secured Cloud based disaster recovery planning for critical business functions, encrypt all business critical source elements, and data structures. Eliminate Tape and Test! Elements of the Cyber-Security Solution
5 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI StrategyCurrentEmerging All networks elements must be secure The network perimeter is secured. Within the perimeter, the network is generally open with friendly security Segment networks and data into discrete secured elements. Penetrating one does not compromise another Provide access only as needed and enforce access control Once inside the perimeter, access is restricted as needed Access is provided as needed. Enforce regular expiry of passwords and access control rights/lists Implement broad file retention rules and automated archiving Encrypt data where it is stored and where it may be accessed (e.g. in transmission) Log all trafficConsider intrusion detectionAnalyze all traffic and logs in real-time Inspect all traffic Implement Malware Traps and rigorously investigate what they trap Establish defined states of trust Eradicate virusesImplement a Cyber-Recovery capability New Elements Enhance Legacy Technologies
6 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Emerging Trends in Recovery – Cloud DR Multiple benefits of Cloud DR, in addition to mitigating disaster recovery risk: When combined with New Security Model, enables Cyber-Recovery as well as Disaster-Recovery Achieves cost savings and improved reliability and service levels via tape-elimination, timeliness and recovery enterprise-wide services Key Concepts Adopt backup/recovery into the Cloud Replace tapes with electronic transfer Improves timeliness, reliability and application coverage Lowers lost Augment recovery strategy with recovery into the cloud Expand recovery testing into the Cloud for critical applications in order to validate technical recovery capabilities. Revise testing procedures to periodically validate Cloud DR Lower in cost and effort than traditional hot/redundant site testing
7 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Tape Elimination has a low total cost of ownership at 1.5¢ to 3¢ per month per gigabyte. Provides instant access to electronic data assets from months to several decades. Exabyte-scale elasticity and flexible pay-as-you-use pricing model. Comprehensive SLA for service availability and data durability, portability and survivorship. Built on OpenStack and accessible via OpenStack Swift and S3 APIs to prevent vendor and data lock-in. Data integrity checking. Cloud DR - Tape Elimination Tape Elimination is based on Long-Term Storage Service, a fully managed IaaS Cloud storage service.
8 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI For Further Information Allan Cytryn Principal
November 2009 Network Disaster Recovery October 2014.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
Dell Connected Security Solutions Simplify & unify.
Luminex Virtual Tape Storage System Brian Sullivan Director of Computer Operations Broward County Public Schools 1.
© 2014 VMware Inc. All rights reserved. Cloud Archive for vCloud ® Air™ High-level Overview August, 2015 Date.
RETHINK BACKUP & ARCHIVE. 2 Backup and Archive are Top IT Priorities Which of the following would you consider to be your org’s most important IT priorities.
Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.
1Copyright © 2015 Blue Coat Systems Inc. All Rights Reserved. BLUE COAT SYSTEMS CORPORATE OVERVIEW May 2015.
© 2009 VMware Inc. All rights reserved vCenter Site Recovery Manager 5.1.
Joey Yep Technical Marketing, Seagate CSS Creating a Competitive Advantage with Cloud.
Banking Clouds V International Youth Banking Forum.
MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.
INNOVATE THROUGH MOTIVATION MSP Services Overview KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
Knowing What You Missed Forensic Techniques for Investigating Network Traffic.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
1/17/20141 Leveraging Cloudbursting To Drive Down IT Costs Eric Burgener Senior Vice President, Product Marketing March 9, 2010.
Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Security Policy and Key Management Centrally Manage Encryption Keys - Oracle TDE, SQL Server TDE and Vormetric. Tina Stewart, Vice President.
Information Means The World.. Enhanced Data Recovery Agenda EDR defined Backup to Disk (DDT) Tape Emulation (Tape Virtualization) Point-in-time Copy Replication.
Copyright © 2015 Juniper Networks, Inc. 1 Sky Advanced Threat Prevention.
Barracuda Networks. Safe Public Cloud Transitions Why Barracuda? The Challenge When organizations move workloads to the public cloud, data protection.
1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC
Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.
© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.
Co-location Sites for Business Continuity and Disaster Recovery Peter Lesser (212) Peter Lesser (212) Kraft.
Solving Today’s Data Protection Challenges with NSB 1.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Cloud Computing for the Enterprise November 18th, This work is licensed under a Creative Commons.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Get Full Protection on Microsoft Azure with Symantec™ Endpoint Protection 12.1 MICROSOFT AZURE ISV PROFILE: SYMANTEC Symantec™ Endpoint Protection is an.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Copyright © 2005 EFT Network, Inc. All Rights Reserved. Automated Recurring Payments Flexible Payment Solution.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.
RDX: REMOVABLE HARD DISK STORAGE SYSTEM December 2010.
1© Copyright 2013 EMC Corporation. All rights reserved. EMC and Microsoft SharePoint Server Data Protection Name Title Date.
What Is Desktop Virtualization? How Does Application Virtualization Help? How does V3 Systems help? Getting Started AGENDA.
The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Module 9 Planning a Disaster Recovery Solution. Module Overview Planning for Disaster Mitigation Planning Exchange Server Backup Planning Exchange Server.
COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
Introduction to Network Defense
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
CUTTING COMPLEXITY – SIMPLIFYING SECURITY INSERT PRESENTERS NAME HERE XXXX INSERT DATE OF EVENT HERE XXXX.
Government Technology Bay Area Technology Forum November 5, 2009 Presented By: Jon Fullinwider Director, Local Government Citrix Systems, Inc. Presented.
Mobile Security Solution Solution Overview Check Point Mobile Threat Prevention is an innovative approach to mobile security that detects and stops advanced.
Effectively Explaining the Cloud to Your Colleagues.
© 2017 SlidePlayer.com Inc. All rights reserved.