Preparing to recover from a cyber attack
Allan Cytryn
1.
Recovering from a Cyber-Attack
Why you need to prepare
What you need to do
© Copyright, Risk Masters, Inc. 2013. All rights reserved.
2.
Cyber-Recovery: Executive Summary
The Problem
• Cyber-Attacks are a continuous threat – some might succeed
• How will you operate and recover following a successful attack?
The Risks
• Meeting obligations to your clients, suppliers and staff
• Financial and property losses
• Reputational losses
• Regulatory compliance
The Strategy
• Increase the Cyber-Resilience of your Infrastructure
• Have a Cyber-Recovery Plan in addition to BCP/DR plans
Being Prepared
• Organize
• Plan
• Transform
• Validate
3.
The Problem
4.
The Cyber-Recovery Problem
Cyberattacks are a continuous threat, and some may succeed
• How will you operate securely and recover quickly following a successful attack?
• How will you mitigate the legal, regulatory, financial and operational risks of a successful attack?
5.
Every Day You Are Under Attack
6.
Your Defenses are Ready… But How Secure Are You?
7.
Some Attacks Succeed…
8.
A Breach Leads to Many Risks
• Can you meet obligations to your clients, suppliers and staff?
• What would the financial and property losses be?
• And what about reputational losses?
9.
The Risks
10.
When an Attack Breaches Your Defenses…
• Are you prepared to operate and recover?
• Does your BCP/DR plan address Cyber-Recovery?
• Will your insurance cover you?
• Can you protect the privacy of your staff and clients?
• Can you meet your obligations to your clients?
11.
A Breach Puts Privacy at Risk
Can you protect the privacy of your staff and your clients?
• You have legal and contractual requirements to protect the privacy and confidential information of your staff and clients.
– Your business reputation may be compromised by the exposure of such information
• When you cannot trust your computer systems, how can you assure privacy and confidentiality?
12.
A Breach Puts Delivery at Risk
Can you meet your obligations to your staff and clients?
• You have products and services to deliver every day – and your staff and clients depend on these.
• When you cannot trust your computer systems, how can you be sure that you can meet your commitments?
– What will be your liability for failing to do so?
13.
A Breach Creates Financial Risk
Will your insurance cover you?
• Costs may be high
• Insurance may not Cover
• Insurance is Complex
Sony is still awaiting the final tally for losses related to its data breaches earlier this year. At last count, it had 100 million compromised customer accounts, and Sony anticipated the debacle would cost $200 million. With 58 class-action suits in the works, that may be wishful thinking. But what about Sony’s insurance coverage? Sony’s insurer said the company did not have a cyber insurance policy. It said Sony’s policy only covered tangible losses like property damage, not cyber incidents.
Cyber Insurance—Mitigating Loss from Cyber Attacks, Perspectives on Insurance Recovery Newsletter - 2012
The market is rapidly growing for insurance that is specifically meant to cover losses arising out of cyber attacks and other privacy and data security breaches. These policies are marketed under names like "cyber-liability insurance," "privacy breach insurance" and "network security insurance."
14.
A Breach Needs to be Reversed
Does your BCP/DR plan address Cyber-Recovery?
• A Cyber-Attack compromises your trust in your computer systems
– But BCP/DR recovers from loss of use of facilities, infrastructure, technology and physical resources
– Can you trust that your BCP/DR resources will be unexposed or survive a cyber attack?
15.
The Strategy
16.
A Strategy for Cyber-Recovery
• How can you increase the Cyber-Resilience of your infrastructure?
• Do you have a Cyber-Recovery Plan in addition to or as part of your BCP/DR plans?
17.
Are You Prepared to Respond?
• Is your infrastructure Cyber-Resilient?
– Is the effect of an attack contained by architectural features and operational procedures that limit damage, or does the attack run freely?
• Is your BCP/DR plan Cyber-Resilient?
– Will critical systems and communications that you are relying on fail due to an attack?
– Do support agreements (e.g.: hosting, insurance) cover cyber-recovery?
• Does your BCP/DR address cyber-attacks?
– Are your policies and procedures aligned with assurances of safety, or are you backing up the attacker to restore it during your recovery?
18.
Cyber-Resilience: Mitigating a Breach
• Traditional cyber-defense is built as a “fortress perimeter”
– Networks were not designed to be cyber-resilient
– Cyber-defenses (e.g.: barriers, detection) were added to existing networks
• Fortress defenses are limited
– They do not readily keep up with attackers
– They encumber users (access controls, BYOD limits)
• Networks can be designed with cyber-resilience
19.
Components of Cyber-Resilience
• Segmentation: Distinct and critical services that need to be secured are isolated in multiple secure zones with air-gaps and sterile zones
• Hardening: Applications and infrastructure are Internet-hardened
• Dispersal: Public facing services and non-proprietary content may be hosted in public clouds, while sensitive content may be secured in distinct protected zones and content accessed only through secure transactions.
• Synchronization: Operational activities (e.g.: releases, imaging, builds, backup, versioning, retention) are synchronized with integrity validation processes (quarantine, virus scanning/cleansing, etc…)
20.
Segmentation - Example
Implementing a network as separate and distinct networks that are secured from each other provides organic resilience
21.
Being Prepared
22.
Being Prepared for Cyber-Recovery
Your checklist for Cyber-Recovery
• Organize
• Plan
• Transform
• Validate
23.
Planning for Cyber-Recovery
• Organize
• Plan
• Transform
• Validate
24.
Planning for Cyber-Recovery: Organize
Develop an organizational structure to lead recovery activities before and after an attack
25.
Planning for Cyber-Recovery: Plan
• Assess current state of readiness
– Review prevention and recovery plans
– Evaluate operational integrity
– Test readiness and effectiveness
• Design cyber-resilience into your infrastructure and operating model
– Bulkheads, compartments, isolation
– Align operating cycles (e.g.: backup) with processing that establishes trust in your infrastructure
• Develop a recovery plan
26.
Planning for Cyber-Recovery: Transform
• Implement the changes necessary to achieve
– Cyber-resilience
– Cyber-recoverability
27.
Planning for Cyber-Recovery: Validate
• Test your plan
– Randomly test components throughout the year
– Periodically test large-scale integrated components, and the whole system
• During your tests...
– Recognize that systems are under attack
– Contain the damage, prevent its spread, remove the agents
– Restore trusted software and data from a trusted image.
– Manage the consequences, minimize its impact, communicate effectively
28.
A Recovery - Example
Response Activities to Hacker Attack
[Diagram: Corporate IT Data Center (HQ) behind firewalls, containing the Corporate IT “Gold Network”, System/Application Servers, Storage, EMC VNX (image storage) and a Symantec Bare Metal Restore Server; inputs and links labelled “Virus/Trojan Signature from Vendor” and “To Plant IT Network”]
• Corporate IT has established an isolated network in HQ that will resist external intrusion and perform daily chronological image backups for critical system and application servers.
• Virus or Trojan Horse sits in a latent state after being planted by the intruder. This corruption may not manifest itself for days, weeks or even months after infection.
• When corruption has been identified, operators will take action to isolate the problem.
• Client must wait on vendor distribution of a virus signature that will permit inspection of backups for possible infection.
• Once a signature is delivered, Client must run a job to scan image backups chronologically backward in order to identify a “trusted image” from which infected servers can be restored.
• Corporate IT will restore infected server(s) from trusted image backups and resume IT services.
Recovery Time from Trojan Attack
NOTE: This illustration assumes a Trojan attack whose presence remains latent for seven (7) days.
[Timeline: Day “0” Trusted Backup, followed by an Undetected Latent Threat period; axis: Expected Recovery Time (in calendar days), 1 to 14]
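The backward scan for a “trusted image” described in the recovery example above, as an added sketch that is not part of the original slides. It assumes image backups can be read as byte streams and models the vendor signature as a plain byte marker; the marker, dates and image contents are constructed, and all function names are hypothetical.

```python
"""Find the newest trusted image by scanning backups newest-to-oldest."""
import datetime as dt
import io
from typing import BinaryIO, List, NamedTuple, Optional, Sequence

# Constructed marker standing in for the vendor-supplied signature.
SIGNATURE = b"CONSTRUCTED-TROJAN-MARKER"
START = dt.date(2013, 1, 1)  # constructed date of the first daily image


class Backup(NamedTuple):
    taken: dt.date
    data: bytes  # stands in for an image file on backup storage


def contains_signature(stream: BinaryIO, signature: bytes,
                       chunk_size: int = 4096) -> bool:
    """Scan a stream in chunks, carrying a tail between reads so that a
    match split across two reads is still found."""
    if not signature or chunk_size < 1:
        raise ValueError("signature must be non-empty and chunk_size positive")
    keep = len(signature) - 1
    tail = b""
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            return False
        window = tail + chunk
        if signature in window:
            return True
        tail = window[-keep:] if keep else b""


def find_trusted_image(backups: Sequence[Backup], signature: bytes,
                       chunk_size: int = 4096) -> Optional[Backup]:
    """Walk backward in time and return the first image without the
    signature, or None when every retained image is infected."""
    for backup in sorted(backups, key=lambda b: b.taken, reverse=True):
        stream = io.BytesIO(backup.data)
        if not contains_signature(stream, signature, chunk_size):
            return backup
    return None


def rollback_days(backups: Sequence[Backup], trusted: Backup) -> int:
    """Days of changes lost by restoring `trusted` instead of the newest image."""
    return (max(b.taken for b in backups) - trusted.taken).days


def build_sample(days: int, infected_from: int) -> List[Backup]:
    """Constructed daily images; day index >= infected_from carries the
    marker, placed so it straddles the default 4096-byte read boundary."""
    images = []
    for day in range(days):
        body = b"\x00" * 4090
        if day >= infected_from:
            body += SIGNATURE
        body += b"\x00" * 512
        images.append(Backup(START + dt.timedelta(days=day), body))
    return images


if __name__ == "__main__":
    backups = build_sample(days=14, infected_from=7)
    trusted = find_trusted_image(backups, SIGNATURE)
    print("trusted image:", trusted.taken,
          "rollback days:", rollback_days(backups, trusted))
    # Retention shorter than the latency leaves nothing to restore from.
    print("5-day retention:", find_trusted_image(backups[-5:], SIGNATURE))
```

With only the five newest images retained, the scan returns nothing, which is the case the slide's latency note implies: backup retention has to outlast the period the threat stays undetected.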