We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJosiah Jarratt
Modified over 7 years ago
1 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Risk Masters, Inc. Emerging Trends in Cyber-Security & Recovery Presented at Data Connecter, Cambridge, MA March 27, 2014 Presented by… Jim Gursha, Principal, Risk Masters Inc. Allan Cytryn, Principal, Risk Masters Inc.
2 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Presenters
3 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI The Problem: – Cyber Attacks are more sophisticated and more frequent They are now the Advanced Persistent Threat They are sponsored by states and organizations, as well as hackers and hactivists. – BYOD and the consumerization of technology conflict with historical approaches to defense – Existing defenses are being breached daily – Restoring trust in infrastructure is becoming increasingly difficult The Emerging Solutions: – New strategies and technologies for defense are providing better options – But the new strategies and technologies are recent and have not been widely adopted – Reluctance to change is jeopardizing security Emerging Trends in Cyber-Security
4 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Strategic ElementsTactical Elements New Security Model All networks elements must be secureSegment networks and data Provide access only as needed and enforce access control Enforce regular expiry of passwords and access control rights/lists Implement broad file retention rules and automated archiving Encrypt data where it is stored and where it may be accessed (e.g. in transmission) Log all trafficAnalyze all traffic and logs in real-time Inspect all traffic Implement Malware Traps and rigorously investigate what they trap New Recovery Model Establish defined states of trustImplement a Cyber-Recovery capability Mitigate opportunities to disrupt critical I/T components including source code, executables and operating systems. Eliminate Disaster Recovery off site storage risks Implement secured Cloud based disaster recovery planning for critical business functions, encrypt all business critical source elements, and data structures. Eliminate Tape and Test! Elements of the Cyber-Security Solution
5 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI StrategyCurrentEmerging All networks elements must be secure The network perimeter is secured. Within the perimeter, the network is generally open with friendly security Segment networks and data into discrete secured elements. Penetrating one does not compromise another Provide access only as needed and enforce access control Once inside the perimeter, access is restricted as needed Access is provided as needed. Enforce regular expiry of passwords and access control rights/lists Implement broad file retention rules and automated archiving Encrypt data where it is stored and where it may be accessed (e.g. in transmission) Log all trafficConsider intrusion detectionAnalyze all traffic and logs in real-time Inspect all traffic Implement Malware Traps and rigorously investigate what they trap Establish defined states of trust Eradicate virusesImplement a Cyber-Recovery capability New Elements Enhance Legacy Technologies
6 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Emerging Trends in Recovery – Cloud DR Multiple benefits of Cloud DR, in addition to mitigating disaster recovery risk: When combined with New Security Model, enables Cyber-Recovery as well as Disaster-Recovery Achieves cost savings and improved reliability and service levels via tape-elimination, timeliness and recovery enterprise-wide services Key Concepts Adopt backup/recovery into the Cloud Replace tapes with electronic transfer Improves timeliness, reliability and application coverage Lowers lost Augment recovery strategy with recovery into the cloud Expand recovery testing into the Cloud for critical applications in order to validate technical recovery capabilities. Revise testing procedures to periodically validate Cloud DR Lower in cost and effort than traditional hot/redundant site testing
7 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI Tape Elimination has a low total cost of ownership at 1.5¢ to 3¢ per month per gigabyte. Provides instant access to electronic data assets from months to several decades. Exabyte-scale elasticity and flexible pay-as-you-use pricing model. Comprehensive SLA for service availability and data durability, portability and survivorship. Built on OpenStack and accessible via OpenStack Swift and S3 APIs to prevent vendor and data lock-in. Data integrity checking. Cloud DR - Tape Elimination Tape Elimination is based on Long-Term Storage Service, a fully managed IaaS Cloud storage service.
8 © Copyright, Risk Masters, Inc. 2014. All rights reserved.Draft for Discussion Purposes Only RMI For Further Information Allan Cytryn Principal
1/17/20141 Leveraging Cloudbursting To Drive Down IT Costs Eric Burgener Senior Vice President, Product Marketing March 9, 2010.
© 2009 VMware Inc. All rights reserved vCenter Site Recovery Manager 5.1.
Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.
Joey Yep Technical Marketing, Seagate CSS Creating a Competitive Advantage with Cloud.
Copyright © 2005 EFT Network, Inc. All Rights Reserved. Automated Recurring Payments Flexible Payment Solution.
RETHINK BACKUP & ARCHIVE. 2 Backup and Archive are Top IT Priorities Which of the following would you consider to be your org’s most important IT priorities.
COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Government Technology Bay Area Technology Forum November 5, 2009 Presented By: Jon Fullinwider Director, Local Government Citrix Systems, Inc. Presented.
Unified Logs and Reporting for Hybrid Centralized Management
Information Means The World.. Enhanced Data Recovery Agenda EDR defined Backup to Disk (DDT) Tape Emulation (Tape Virtualization) Point-in-time Copy Replication.
July 8-9, 2014 | Ronald Reagan Building | Washington, DC Federal Cloud Computing Summit Dr. Barry C. West Cloud Tools and Integration.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Banking Clouds V International Youth Banking Forum.
November 2009 Network Disaster Recovery October 2014.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
© 2021 SlidePlayer.com Inc. All rights reserved.