A Resilient Cyber Strategy Includes Defense and Recovery
Shook stressed the need for cyber resilience as a part of any organization’s IT strategy.
“When we talk about cyber resilience, we’re really talking about a high level, holistic strategy that incorporates cybersecurity standards and guidelines and best practices across the organization.”
Gerr added, “Cyber resilience is really about being confident in your organization’s ability to recover from a disruptive event, cyberattack or other ransomware or malware attack.”
“What’s important to understand about cyber recovery is that it’s a component of a larger cyber resilience strategy, one that’s really focused on isolating business-critical data away from the attack surface, the operational air gap, and making sure that that critical data is stored immutably in a hardened vault, which will enable recovery post-attack,” Shook said.
Cyber Recovery Should Include These Key Components
According to Shook, any good cyber recovery solution should include three main components. “The first is isolation,” he said. “Now, this means both physical, via maybe a locked room on- premises in a data center, or off-premises in a cloud-based vault. It also means logical isolation, isolating the data and the management paths, isolating the command and control access separating the cyber recovery vault from the attack surface, from production and from backup environments,” he said.
The second component he listed was immutability, saying, “Dell defines immutability as both hardware and/or software working together with additional controls that ensure the original integrity and availability of the data in the vault is preserved.”
The final component he emphasized was intelligence. A good cyber recovery solution should apply “innovative and comprehensive tools like machine learning and AI within the security of the cyber recovery vault to identify potential cyberthreats and help identify whether data in the vault is recoverable,” he said.
Shook explained that these three components should work together to provide security for all of an organization’s data and to offer the best possible chance of recovering that data in the event of an attack.
Follow along with highlights from Dell Technologies World on our event page.