RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover RESPOND & RECOVER Equipping our clients with leading cyber solutions and a proven methodology to build operational resilience in the event of an attack. Business Outcomes OPERATIONAL RESILIENCE Cybersecurity | 2019 | 46
Respond & Recover

Implementing precautionary measures to take a proactive approach to security is the best way to keep ahead of threats. However, as the threat landscape is constantly changing and attacks continue to grow more sophisticated, Dell Technologies recommends our clients always have a response and recovery strategy in place, so that in the event an attack does occur, the business can function as normal. Taking this approach will equip the business with worst case scenario remediation plans to ensure the business can continue to operate as normal.

The following pages outline Dell Technologies' Response & Recovery cybersecurity solutions.
Respond | OPERATIONAL RESILIENCE
Fraud Prevention | Incident Response

PRODUCT SOLUTIONS

The RSA NetWitness Platform, accredited a leader in Gartner’s 2018 Magic Quadrant for Security Information and Event Management, applies the most advanced technology to enable security teams to work more efficiently and effectively.

It uses behavioral analysis, data science techniques and threat intelligence to help analysts detect and resolve both known and unknown attacks before they disrupt your business.

The platform uses machine learning to automate and orchestrate the entire incident response lifecycle. This allows security teams to collapse disparate security tools and the data they generate into a single, powerful, and fast user interface.

“RSA NetWitness® Platform enables the experts in our cyber defence centre to understand the true nature, scope and impact of an incident and empowers them to take immediate, targeted action.”
K Lakshmi Narayanan, AVP and Head of Cybersecurity Technology and Operations, Infosys

MANAGED SERVICE SOLUTIONS

Secureworks incident response team backed with proprietary Secureworks Threat Intelligence and purpose-built response technologies helps you resolve complex cyber incidents at scale.

Our services help you reduce response time and incident impact by leveraging Secureworks seasoned incident responders.

Using purpose-built response technologies enriched with years of cyberattack and threat group data to help you respond to and mitigate cyber incidents efficiently and effectively.

For more information: bit.ly/2BAMrjr
Recover – Dell EMC Cyber Recovery Solution | OPERATIONAL RESILIENCE
PRODUCT SOLUTIONS

Operational Resilience in the Event of an Attack

Datacentres are a fundamental part of business infrastructure. An attack on this infrastructure can not only devastate a business commercially but can have a much wider impact on society as a whole as it disrupts core services to customers.

This threat to society has meant that there is an increased focus on protecting backup systems and enhancing disaster recovery capabilities so that in the event of an attack, businesses can continue to function as normal.

BUSINESS CHALLENGE

Whilst proactive solutions can help to protect businesses from cyberattacks, insider threats still pose a huge risk to the business and are much harder to detect and defend against. Whether it is a rogue employee or an intruder who has taken over access of your systems, businesses must protect their ability to recover in order to minimise disruption to the running of the business and impact on customers.

THE SOLUTION

Dell EMC’s Cyber Recovery solution protects your business’ most critical data by leveraging an air gapped cyber recovery vault and limiting access to authorised personnel only. This sophisticated, secure backup solution ensures critical data is physically and virtually separate from production systems. The vault is only accessible to the network when it is transferring data – it then disconnects leaving the vault in true isolation.

One of the most poignant things I’ve heard a client say about this solution is that: “This solution is the difference between business continuance and business existence. In the absence of this capability we might cease to exist after a successful cyberattack.”
Todd Lieb, Cyber Recovery Lead, Dell EMC
Recover | OPERATIONAL RESILIENCE
Dell EMC Cyber Recovery Solution
PRODUCT SOLUTIONS

This solution works best in addition to disaster recovery and backup systems. Dell EMC recommends backing up only 10-15% of your most critical data in the vault, updating once per day and storing data for up to 30 days.

In the event of an attack, this solution enables you to recover data in its last known true state to be moved back into the corporate network to enable your business to operate as normal.

1. Planning: Identify critical data to host in vault
2. Isolation: Move critical data into isolated vault
3. Analysis: Continually analyse vault for unusual behaviour
4. Recovery: In the event of an attack, data is recovered from its last known true state from the vault to the corporate network

[Diagram labels: Corporate Network; Cyber Recovery Vault; Production Apps; Protection Storage; Disaster Recovery / Back Up; Air Gap; Backup 10-15% of most critical data for up to 30 days; Network connected once a day; Compute for: management orchestration, backup application, analytics tools, recovery; Management Path; No Management Path; Perimeter Defense - Authorised Users; CSO Cleared Personnel Only]
Recover | OPERATIONAL RESILIENCE
Dell EMC Cyber Recovery Solution
PRODUCT SOLUTIONS

This robust business resilience solution is made up of four components:

1. Planning

Assess business critical systems to protect and create dependency maps for associated applications and services, as well as the infrastructure needed to recover them.

The service generates recovery requirements and design alternatives, identifies the technologies to analyse, host and protect data, along with providing a business case and implementation timeline.

2. Isolation

The centrepiece of the solution is the cyber recovery vault, an isolated and protected part of the datacentre. The vault hosts critical data on Dell EMC technology used for recovery and security analytics.

The goal of the vault is to move data away from the attack surface, so that in the event of a malicious cyberattack, organisations can quickly resort to a good, clean copy of data to recover critical business systems. Using vault protections around the isolated data also protects it from insider attacks.

Dell EMC Cyber Recovery automates the synchronisation of data between production systems and the vault, and creates immutable data copies.

3. Analysis

Cyber Recovery’s automated workflow includes the ability to create sandbox copies that organisations can use for security analytics. Analytics can automatically be performed on a scheduled basis.

CyberSense applies over 40 heuristics to determine indicators of compromise and alert the user.

Cyber Recovery stays ahead of the bad actor by enabling tools such as CyberSense which incorporate Artificial Intelligence and Machine Learning analytics methods to the vault.

4. Recovery

Automate recovery workflows to perform recovery and remediation after an incident and bring business resiliency to a higher level.

Cyber Recovery allows customers to leverage dynamic restore / recovery procedures using existing disaster recovery procedures that bring business critical systems back online.

Dell EMC and its ecosystem partners provide a comprehensive methodology for protecting data, as well as performing damage assessments and forensics to either recover your systems or remediate and remove the offending malware.
Our Clients say...

“Financial institutions are among the most targeted organisations for cyberattacks and our responsibility is to ensure the highest levels of security for our members and the financial assets they entrust us with.

All it takes is for one successful intrusion or ransomware attack to seriously disrupt any business and if the bad guys are smart enough to know where your backups are, you’re left with no protection.

Dell EMC Cyber Recovery helps my team isolate all of our critical data off-network, giving us confidence in our business resilience in the event of a worst-case cyberattack scenario.”
Bob Bender, Chief Technology Officer, Founders Federal Credit Union
For more information: bit.ly/2eYyAcn

Industry Analysts say...

“The most effective plans for cyber threat resilience must include provisions to protect and isolate the data protection infrastructure.

By design, data protection systems are architected on the same networks as production systems and are therefore part of the potential attack surface.

Dell EMC offers a smart solution that employs an air-gapped Cyber Recovery Vault, along with automated software that helps isolate, analyse and recover an organisation’s critical data so business can resume in the event of a cyber intrusion or ransomware attack.”
Christophe Bertrand, Senior Analyst, ESG
For more information: bit.ly/2IZEtnn
Contact Details

www.DellTechnologies.com
@DellTech

Dayne Turbitt, Senior Vice President UKI, Dayne.Turbitt@Dell.com, bit.ly/2xGgo0p
Margarete McGrath, Chief Digital Officer UKI, Margarete.Mcgrath@Dell.com, bit.ly/2NGJdUq
Chris Miller, RSA Regional Director, UKI, Chris.Miller2@RSA.com, bit.ly/2V9Tl82
Simon Godfrey, Secureworks Regional Director, UKI, SGodfrey@Secureworks.com, bit.ly/2V5J3pD