Copyright 2016 EMC Corporation. All rights reserved.

Similar documents
Rapid Recovery from Logical Corruption

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Cyber Resilience. Think18. Felicity March IBM Corporation

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

locuz.com SOC Services

Data Protection Everywhere

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Dell EMC Isolated Recovery

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

CYBER SECURITY AIR TRANSPORT IT SUMMIT

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Securing Your Digital Transformation

Cyber Risk A Corporate Directors' Briefing Webcast Q&A Summary

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response

Cyber Security Incident Response Fighting Fire with Fire

Disaster Recovery Is A Business Strategy

Accelerate Your Enterprise Private Cloud Initiative

NEXT GENERATION SECURITY OPERATIONS CENTER

INTELLIGENCE DRIVEN GRC FOR SECURITY

Reinvent Your 2013 Security Management Strategy

align security instill confidence

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

THE POWER OF TECH-SAVVY BOARDS:

FOR FINANCIAL SERVICES ORGANIZATIONS

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe

Why you should adopt the NIST Cybersecurity Framework

Business continuity management and cyber resiliency

21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

CYBER SECURITY TAILORED FOR BUSINESS SUCCESS

Continuous protection to reduce risk and maintain production availability

Securing Digital Transformation

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Cybersecurity, safety and resilience - Airline perspective

Sage Data Security Services Directory

Cyber Risks in the Boardroom Conference

TSC Business Continuity & Disaster Recovery Session

Green Governance Growth

Cybersecurity The Evolving Landscape

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

Data Protection Everywhere. For the modern data center

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

MITIGATE CYBER ATTACK RISK

Cyber Security Technologies

Readiness, Response & Resilence:

How to implement NIST Cybersecurity Framework using ISO WHITE PAPER. Copyright 2017 Advisera Expert Solutions Ltd. All rights reserved.

Practical Guide to Cloud Computing Version 2. Read whitepaper at

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist

Cybersecurity. Securely enabling transformation and change

Canada Life Cyber Security Statement 2018

State of Cloud Survey GERMANY FINDINGS

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

Best Practices in Securing a Multicloud World

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

CAPABILITY STATEMENT

ServiceNow knowledge 2016

Are we breached? Deloitte's Cyber Threat Hunting

ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION

Vulnerability Assessments and Penetration Testing

COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Turning Risk into Advantage

McAfee Endpoint Threat Defense and Response Family

Cybersecurity and the Board of Directors

Incident Response Services

What It Takes to be a CISO in 2017

RSA ADVANCED SOC SERVICES

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Brussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security

Cloud Security Myths Paul Mazzucco, Chief Security Officer

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

The NIST Cybersecurity Framework

Comment protéger le Data Center du futur?

RSA INCIDENT RESPONSE SERVICES

Choosing the Right Cloud. ebook

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

Nebraska CERT Conference

ForeScout ControlFabric TM Architecture

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Background FAST FACTS

Background FAST FACTS

Cyber Resiliency. Felicity March. May 2018

Your Trusted Partner in Europe European Business Reliance Centre

DATACENTER SERVICES DATACENTER

Cybersecurity Session IIA Conference 2018

Adaptive & Unified Approach to Risk Management and Compliance via CCF

STAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response

T-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE

Run the business. Not the risks.

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Transcription:

1

BUILDING BUSINESS RESILIENCY Isolated Recovery Services NAZIR VELLANI (ERNST & YOUNG) & DAVID EDBORG (EMC GLOBAL SERVICES) 2

PRESENTERS Nazir Vellani (EY) Senior Manager Tel: +1 214 596 8985 Email: nazir.vellani@ey.com Nazir Vellani is a Senior Manager in Ernst & Young s Advisory Services practice and has over 22 years of technology and business consulting experience with a proven ability in business process re-engineering, Risk and Resiliency, Business Continuity, Disaster Recovery Strategy and Planning, IT Strategies and Transformation, Cost Optimization and Cloud Computing focusing on leveraging current and emerging technologies for the financial and hi-tech service industries. Nazir frequently interfaces with both USA and European regulators to understand and translate how to operationalize changes in compliance needs to the business environment David Edborg (EMC) Portfolio Manager for EMC s Business Resiliency Services Tel: +1 (708) 205-1808 Email: david.edborg@emc.com David originally joined EMC in 2005 after spending the previous eight years with DR Providers, EMC Resellers & Lessors. Over his career at EMC, David has served as a Global Practice Manager for EMC s Availability Technologies, as an Availability Services Solutions Principal, and as the Chief Architect for EMC s Continuous Availability Services Line. Earlier in his career, David worked in the packaged software industry and was Director of Development and Support for a computer security product. Out of college David worked as an IBM Assembler coder and wrote operating system mods for IBM s incarnation of mainframe VM software. 3

RIPPED FROM THE HEADLINES Healthcare Information Under Siege 4

CYBER CRIME GETS SOPHISTICATED ARE YOU STAYING AHEAD OF THE EVOLUTION? Traditional Threats Emerging Threats Cyber Theft Cyber Attack Cyber Extortion Cyber Destruction 5

CYBER THREAT LIFECYCLE We must understand the threat life cycle to build resiliency and response capabilities to navigate through events that range from traditional cyber breaches through extreme data loss, destruction, and hostage conditions Cyber Kill Chain Need to rework image to remove small text. Stick with Recon, Weaponize, etc Time Before During After Countermeasures Protection Detection and Reaction Survival Cyber Kill Chain - Model developed by Lockheed Martin for increasing visibility into a cyber attack 6

REGULATORY COMMUNITY EXPECTATIONS Insurance Breach Management Data Replication Multi-Tiered Environment Executive Management Establishes Appropriate Cyber And Data Breach Insurance Levels Life-cycle Approach: Advanced Response Capabilities Data Loss And Destruction Protection Technical Systems To Contain Breaches And Limit Business Impact Implement Multiple Technologies And Methods To Reduce The Probability Of Data Contamination Data Copies Are Stored To Enable Restore And Recovery Of Business And Environment Data 7

BOARD OF DIRECTORS CONCERNS Do we have a documented STRATEGY and PROVEN PLAN to keep our business operational due to ANY disruption event? What is our RISK of a HACKTIVIST ATTACK? Can our cyber security protections GUARANTEE our business is SAFE? What would be the impact to our CUSTOMERS, SHAREHOLDERS, EMPLOYEES if our information was lost? If our data was compromised and DESTROYED, could we RECOVER business operations, and HOW LONG would it take? 8

A NEW DEFENSE AGAINST CYBER ATTACKS BECAUSE YOU NEED TO THINK LIKE A HACKER A Protected Copy of Data Isolated Off-Net No Connections Cannot be directly accessed How Does It Work? Periodic Copies of Critical Data Systems are isolated Data is Periodically Validated ISOLATED RECOVERY YOUR LAST LINE OF DEFENSE AGAINST CYBER-ATTACKS Protecting Against Cyber Destruction Data Hostage 9

HOW ISOLATED RECOVERY WORKS CRITICAL DATA RESIDES OFF THE NETWORK AND IS ISOLATED Production Apps Risk-Based Replication Process Isolated Recovery Business Data Tech Config Data Dedicated Connection Corporate Network DR / BU Tertiary Data Copy Vaulting For Insurance Purposes In Extreme Data Loss Or Destruction Cases Includes Business & Technology Configuration Data XLRT Needs Determine Storage And/Or Backup Appliance Capabilities 10

INTEGRATED OPERATING MODEL Can we break this and make it build? A proprietary model incorporating industry leading references and designed to meet FFIEC/OCC and SIFMA regulatory expectations 11

OUR APPROACH TO ISOLATED RECOVERY 1 Planning and Design: Business Critical Applications Technology environment Configuration information Local or Remote Copy 2 Isolation - Replication: Network Isolation/Air Gap Dedicated Network Link Enable-replicate-disable link Automated and Scripted 3 Validation of Data: Trusted Copies and Versioning Validate Copy After Replication Customer Tools Used to Validate 4 Restore and Recovery: Standard Restore Processes Scripted and Automated 12

ISOLATED RECOVERY IS MORE THAN DR Systems are Isolated Data Center Is Disconnected From The Network And Restricted From Users Other Than Those With Proper Clearance Periodic Copies Over Air Gap Isolated Recovery Copies Are Periodic With A Larger Interval Between Copies DR Copies Are Constant And Continuous Integrity Checking & Alerting Workflows Stage Copied Data, Perform Periodic Integrity Checks, And Have Alert Mechanisms In The Event Of A Breach This last statement is very confusing Recovery & Remediation Separate Restore And Testing Policies & Procedures To Build And Prove Restore Capability Of The Essential Technology Configuration And Business Data Environments 13

WHERE TO BEGIN? Review your current environment Map your current technology standards and capabilities Map your current security and data protection posture Identify what data is valuable and would be valuable to protect against extreme destruction Develop a strategy, technical, and deployment roadmap Identify governance and process requirements Scope project costs and business case Validate your approach against industry peers and best practices 14

BENEFITS OF ISOLATED RECOVERY Ensures that critical business data are vaulted outside the enterprise environment Protects against hacktivism and data destruction/hostage conditions Responds and meets the regulatory concerns on responding to sophisticated cyber crime events Supports valuation of data to determine potential insurance coverage and liabilities against loss 15

EMC AND EY WORKING TOGETHER Deep Understanding Of Customers Business And Technology Environment Successful Track Record Of Delivering Value Across Consulting And Technology Proven Methodologies, Solutions And Tools-based Approach To Decrease Risk And Accelerate Time To Value Comprehensive Capabilities In Delivering Future State Of IT 16

17

EMC AND EY WORKING TOGETHER Value Proposition Deep understanding of Customers business and technology environment Successful track record of delivering value across consulting and technology Proven methodologies, solutions and tools-based approach to decrease risk and accelerate time to value Comprehensive capabilities in delivering future state of IT Technology and market leadership Long-standing relationship with intimate knowledge of Customers technology environment Thorough understanding of the technical, financial and business impact of moving towards new technology models Cross domain implementation expertise CIO level relationships Experience translating regulatory mandates and requirements to actionable solutions Strong understanding and experience with FMU s. Strong practical understanding of Customer requirements and proven track record Broad resiliency capabilities: Cybersecurity, IT Ops, technology infrastructure, Risk and Resiliency Board and CEO level relationships Benefits Accelerate timeline by bringing available solution offerings and reference architectures customized to Customers needs Sustainable solution for Customer incorporating industry leading tools and best practices Build for future by leveraging EMC and EY s shared vision for future state of IT Connecting the dots with other in-flight and upcoming initiatives to deliver an integrated solution Confidence that implementation will be done right the first time 19

Complicat e EMC & EY ISOLATED RECOVERY JOINT ADVISORY OFFERING EY Advisory Services Joint EMC/EY GTM EMC Advisory Services Business Priorities Threat Intelligence Prioritized Risks Security Monitoring Data & Context Vulnerability Identification Incident Remediation Response Reactive & Pr oactive Actions Countermeasure Planning Complicate & Detect Risk Appetite Common Data Protection & Risk Management Shared Story Best Of Portfolio (Assess, Advise, Implement) Services aligned to Managing Risk Governance Model Regulatory Compliance Operating Model Standards Data Replication Technologies Application, data, & Technical Landscape map Technical Architecture, Solutioning Costs, Operating Cost Gap Analysis Peer Analysis Roadmap & Migration Implementation Plan Map Current environment assessment Current technology standards and solutions mapping [app & infra dependency mapping] Current security & data protection posture scorecard Governance policies & procedures Isolated Recovery Metrics Valuable data to protect against extreme destruction Technology Hardening Audit & Remediation Target operating model Strategy, technical solution, & deployment roadmap Projected costs and business case Gap Analysis Peer Review Deploy & Validate Technology Solution Operational Procedures and & Compliance Proof Reporting Map Services aligned to enabling Data Protection Isolated Recovery Metrics Applications & Services to Protect Application and Infrastructure Dependencies Mapping Compliance Policies & Requirements Mapping Hardening Audit and Remediation Architecture, Design, Costs, Business Case Program Managed Implementation IR Recovery Run Books Validation Test Design Proctored Test & Compliance Ready Test Reports Technology Knowledge Transfer EMC Technology Solutions 20

ISOLATED RECOVERY ADDRESSES CONCERNS Critical environment data that resides off the network and isolated from Cyber Attack Promotes enterprise resiliency and should be considered vaulting for insurance purposes in extreme data loss or destruction cases Includes both business and technology configuration data to enable rapid provisioning of the environment if required extreme loss recovery time line (XLRT) needs determine Storage and/or Backup Appliance capabilities Air Gapped from the network to prevent server access Updated through replication process based on acceptable risk exposure limits of uptime connectivity and data loss parameters Remediated against threats while off line and capable of retaining iterative copies to current n versions (based on environment needs) 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback