RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...

Page created by Derek Russell
 
CONTINUE READING
RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover

RESPOND
& RECOVER
Equipping our clients with leading cyber solutions and
a proven methodology to build operational resilience
in the event of an attack.

Business Outcomes

          OPERATIONAL RESILIENCE

                                                         Cybersecurity | 2019 | 46
RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover

Respond & Recover

Implementing precautionary measures to take
a proactive approach to security is the best way
to keep ahead of threats.
However, as the threat landscape is constantly changing and attacks
continue to grow more sophisticated, Dell Technologies recommends
our clients always have a response and recover strategy in place, so that
in the event an attack does occur, the business can function as normal.

Taking this approach will equip the business with worst case scenario
remediation plans to ensure the business can continue to operate as
normal. The following solutions outline Dell Technologies Response
& Recovery cybersecurity solutions.

                                                                            Cybersecurity | 2019 | 47
RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover

Respond |                    OPERATIONAL RESILIENCE

Fraud Prevention                                                                              Incident Response
     PRODUCT SOLUTIONS                                                                             MANAGED SERVICE SOLUTIONS

The RSA NetWitness Platform,                           RSA NetWitness® Platform               Secureworks accredited
a leader in Gartner’s 2018 Magic                       enables the experts in our             cyber incident response
Quadrant for Security Information                                                             team backed with proprietary
                                                       cyber defence centre to
and Event Management, applies                                                                 Secureworks Threat Intelligence
the most advanced technology to                        understand the true nature,            and purpose-built response
enable security teams to work more                     scope and impact of an                 technologies helps you resolve
efficiently and effectively.                           incident and empowers                  complex cyber incidents at scale.
It uses behavioral analysis, data science techniques   them to take immediate,                Our services help you reduce response time
and threat intelligence to help analysts detect and    targeted action.”                      and incident impact by leveraging Secureworks
resolve both known and unknown attacks before                                                 seasoned incident responders.
they disrupt your business.                            K Lakshmi Narayanan
                                                                                              Using purpose-built response technologies enriched
The platform uses machine learning to automate
                                                       AVP and Head of Cybersecurity          with years of cyberattack and threat group data to
and orchestrate the entire incident response           Technology and Operations,             help you respond to and mitigate cyber incidents
lifecycle. This allows security teams to collapse      Infosys                                efficiently and effectively.
disparate security tools and the data they generate
into a single, powerful, and fast user interface.      For more information: bit.ly/2BAMrjr

                                                                                                                         Cybersecurity | 2019 | 48
RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover

Recover – Dell EMC Cyber Recovery Solution |                                               OPERATIONAL RESILIENCE

   PRODUCT SOLUTIONS

Operational Resilience in the Event of an Attack

Datacentres are a fundamental part of         BUSINESS CHALLENGE                                                    One of the most poignant
business infrastructure. An attack on this    Whilst proactive solutions can help to protect businesses             things I’ve heard a client say
                                              from cyberattacks, insider threats still pose a huge risk to the
infrastructure can not only devastate a       business and are much harder to detect and defend against.            about this solution is that:
business commercially but can have a          Whether it is a rogue employee or an intruder has taken over
much wider impact on society as a whole       access of your systems, businesses must protect their ability         “This solution is the
as it disrupts core services to customers.
                                              to recover in order to minimise disruption to the running of the       difference between business
                                              business and impact on customers.
                                                                                                                     continuance and business
This threat to society has meant that there   THE SOLUTION
                                                                                                                     existence. In the absence
is an increased focus on protecting backup    Dell EMC’s Cyber Recovery solution protects your business’
                                                                                                                     of this capability we might
systems and enhancing disaster recovery       most critical data by leveraging an air gapped cyber                   cease to exist after a
capabilities so that in the event of an       recovery vault and limiting access to authorised personnel             successful cyberattack.””
                                              only. This sophisticated, secure backup solution ensures
attack, businesses can continue to            critical data is physically and virtually separate from production    Todd Lieb
function as normal.                           systems. The vault is only accessible to the network when it is       Cyber Recovery Lead,
                                              transferring data – it then disconnects leaving the vault             Dell EMC
                                              in true isolation.

                                                                                                                                 Cybersecurity | 2019 | 49
RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover

Recover |              OPERATIONAL RESILIENCE

Dell EMC Cyber Recovery Solution
   PRODUCT SOLUTIONS
                                                                                             2. Isolation
                                                                                             Move critical data
                                                             1. Planning                     into isolated vault                      3. Analysis
This solution works best in                                  Identify critical data                                                   Continually analyse vault
addition to disaster recovery                                to host in vault                                                         for unusual behaviour

and backup systems.
                                                C O RPO RAT E NET WO RK                                                  CYBE R R E COVE R Y VAULT
Dell EMC recommends to                                      PRODUCTION
only backup 10-15% of your                                     APPS
                                                                                                                         PROTECTION STORAGE
most critical data in the                                                                                                                                   Backup
vault, updating once per day                                                                                                                              10-15% of
                                                                                                AI R                                                     most critical
and storing data for up to                                                                      GAP                                                       data for up
30 days.                                                                                                                                                   for up to
                                                                                         Network connected                                                 30 days
In the event of an attack,                                                                   once a day
                                                                                                                                                      COMPUTE FOR:
this solution enables you                                                                                                                             • Management orchestration
                                                                                                                                                      • Backup application
to recover data in its                                       DISASTER
                                                                                                                                                      • Analytics tools
                                                                                                                                                      • Recovery
last known true state to                                     RECOVERY
                                                             / BACK UP

be moved back into the
corporate network to enable                             MANAGEMENT PATH                                                         NO MANAGEMENT PATH
                                                  Perimeter Defense - Authorised Users                                          CSO Cleared Personnel Only
your business to operate                                                                    4. Recovery
                                                                                            In the event of an attack,
as normal.                                                                                  data is recovered from
                                                                                            its last known true state
                                                                                            from the vault to the
                                                                                            corporate network
                                                                                                                                                Cybersecurity | 2019 | 50
RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover

Recover |                   OPERATIONAL RESILIENCE

Dell EMC Cyber Recovery Solution
     PRODUCT SOLUTIONS

This robust business resilience solution is made up of four components:

1. Planning                                    2. Isolation                                    3. Analysis                                4. Recovery

Assess business critical systems to            The centrepiece of the solution is the          Cyber Recovery’s automated workflow        Automate recovery workflows to
protect and create dependency maps             cyber recovery vault, an isolated and           includes the ability to create sandbox     perform recovery and remediation after
for associated applications and services,      protected part of the datacentre.               copies that organisations can use for      an incident and bring business resiliency
as well as the infrastructure needed to        The vault hosts critical data on Dell           security analytics. Analytics can          to a higher level.
recover them.                                  EMC technology used for recovery                automatically be performed on a
                                               and security analytics.                         scheduled basis.                           Cyber Recovery allows customers to
The service generates recovery                                                                                                            leverage dynamic restore / recovery
requirements and design alternatives,          The goal of the vault is to move data away      CyberSense applies over 40 heuristics to   procedures using existing disaster
identifies the technologies to analyse, host   from the attack surface, so that in the event   determine indicators of compromise and     recovery procedures that bring business
and protect data, along with providing a       of a malicious cyberattack, organisations       alert the user.                            critical systems back online.
business case and implementation timeline.     can quickly resort to a good, clean copy of
                                               data to recover critical business systems.      Cyber Recovery stays ahead of the          Dell EMC and its ecosystem partners
                                               Using vault protections around the isolated     bad actor by enabling tools such as        provide a comprehensive methodology
                                               data also protects it from insider attacks.     CyberSense which incorporate Artificial    for protecting data, as well as performing
                                                                                               Intelligence and Machine Learning          damage assessments and forensics to
                                               Dell EMC Cyber Recovery automates the           analytics methods to the vault.            either recover your systems or remediate
                                               synchronisation of data between production                                                 and remove the offending malware.
                                               systems and the vault, and creates
                                               immutable data copies.
                                                                                                                                                             Cybersecurity | 2019 | 51
RESPOND & RECOVER OPERATIONAL RESILIENCE - Equipping our clients with leading cyber solutions and a proven methodology to build operational ...
4: Respond & Recover

Our Clients say...                                    Industry Analysts say...

    Financial institutions are among the most             The most effective plans for cyber threat
    targeted organisations for cyberattacks               resilience must include provisions to
    and our responsibility is to ensure the highest       protect and isolate the data protection
    levels of security for our members and the            infrastructure.
    financial assets they entrust us with.
                                                          By design, data protection systems are
    All it takes is for one successful intrusion or       architected on the same networks as
    ransomware attack to seriously disrupt any            production systems and are therefore
    business and if the bad guys are smart enough         part of the potential attack surface.
    to know where your backups are, you’re left
                                                          Dell EMC offers a smart solution that
    with no protection.
                                                          employs an air-gapped Cyber Recovery
    Dell EMC Cyber Recovery helps my team                 Vault, along with automated software
    isolate all of our critical data off-network,         that helps isolate, analyse and recover an
    giving us confidence in our business                  organisation’s critical data so business can
    resilience in the event of a worst-case               resume in the event of a cyber intrusion or
    cyberattack scenario.”                                ransomware attack.”
    Bob Bender                                            Christophe Bertrand
    Chief Technology Officer,                             Senior Analyst,
    Founders Federal Credit Union                         ESG
     For more information: bit.ly/2eYyAcn                 For more information: bit.ly/2IZEtnn
                                                                                                 Cybersecurity | 2019 | 52
67

Contact Details
    www.DellTechnologies.com

    @DellTech

Dayne Turbitt                  Margarete McGrath                 Chris Miller                 Simon Godfrey
Senior Vice President UKI      Chief Digital Officer UKI         RSA Regional Director, UKI   Secureworks Regional Director, UKI

     Dayne.Turbitt@Dell.com         Margarete.Mcgrath@Dell.com        Chris.Miller2@RSA.com        SGodfrey@Secureworks.com

     bit.ly/2xGgo0p                 bit.ly/2NGJdUq                    bit.ly/2V9Tl82               bit.ly/2V5J3pD

                                                                                                                                   Cybersecurity | 2019 | 67
You can also read