CyberResilience

Cybersecurity. It is a complex and unrelenting challenge every company wrestles with as they embark on or continue their digital transformation. It is the “thing that keeps you up at night” and is the #1 subject on the minds of every public and private Board of Directors.

I think it's fair to say that we've seen more attacks,with increasing sophistication and more high-profile breaches

More so than in previous years?

The BIG quesiton is how do I recover when I have been attakced. We can help with this using our Cyber Recovery Vault.

The cyber security landscape is constantly evolving, which makes it difficult to keep up with

OS vulnerabilities were continually exploited, taking advantage of poor patching hygiene

For me , it was the ever expansion of data growth and how companies needed to secure it. This included PHI/PII , their IP etc.

The year of transformation! Enabling a remote workforce, for many overnight, but how do we do that securely?

(edited)

How has the new "normal", working from home, impacted the need for businesses to tighten their #cybersecurity?

NIST framework is a useful guide - remember the 5th pillar - RECOVER needs to be considered as an equal part to Protect, defend and respond

for many industries the nature of workplace has been redefined leading to distributed technology consumption at home. Considering Ransomware continues to be the most observed threat in 2020, protecting data at the edge and at endpoints is a huge challenge!

The pandemic obvious caused a huge shift in worker behaviour from designated locations t home working

Many companies had to move quickly to enable a remote workforce like you said. Itt seems like cyber threats also are moving quickly and constantly adapting. It's important to stay ahead.

and this drove much in the way of increased phising attacks

Exploitations of home networks with an increased remote workforce! That along with increased phishing campaigns, which is up 667% over 2019.

We have passed in 2020 a major milestone in the world's digital transformation. In a few weeks thousands of people turn to work from home and our organizations have succeeded to support this. This is impressive!! However, this brought up a new dramatic set of threats!!!

another issue continues to be "dwell time". Existing security controls are deployed around specific threats and not in a context-centric and unified fashion. Bad actors continue to take advantage of this as average detection times continues to be too long.

Yes, I think a lot of organizations have had to very quickly adjust their IT environments which has really opened up their systems to attack.

Tell us more @yanivharel1 ! What new #cyberthreats have we had to deal with?

it's a huge challenge to move from managing 10's of endpoints to 10,000's as every home office becomes one and needs protecting

Research by VMware has show that almost all CISOs in the survey company's experienced an attack of some type this year

You only have to ask the people you know how many now have the ability to work from home that didn't a year ago.

Can you share the #VMware research @smckinno ? Very interesting and disturbing.

Cyber Criminals are increasingly become more sophisticated. Demonstrating this year we are all vulnerable!

We are also seeing misplaced beliefs around cloud being more secure than on-premises deployments or vice versa. Fundamentally, we need to move towards intrinsically secure blueprints for consumption of digital assets so that apps can be safely consumed wherever they are deployed.

Organizations have started to work in a new architecture that we haven't prepared and to let many devices to connect, devices that the organizations are not familiar with, the people private computers.. a tough challenge to the security teams...

@agree Arash.

Custom malware was the most common attach type

Research from Forrester and Gartner confirmed that data breaches are on the rise and it’s clear that business-as-usual-security can’t keep pace https://www.crowdchat.net/s/565lx

It's becoming increasingly interesting, now our Security and IT teams are remote. How the silos between these teams aren't just operational but now social silos. How do we break these down to create operational success?

Medical devices and their protection is a key concern in healthcare; typically these network endpoint types cannot be patched due to long service lifetimes, regulations relating to certified use and embedded OSs.

VMware Carbon Blacks own Threat Analytics Unit shows a 148% increase in ransomware attacks and that 52% of all cyber-attacks in March 2020 were finance related.

Complexity continues to be the enemy of security hygiene!

Correct, we should look at it as an arm-race, while the defenders proceed, the attackers do their progress as well..

The press release, FYI, is here: https://corporate.delltechnologies.com/en-us/newsr...

To help the audience , can the team explain the difference between Zero Trust and Cyber Resilience?

The announcement really showed the strength that Dell Technologies broad portfolio brings to security. It's not just from my side on the PowerEdge servers but across the whole portfolio as Dell Technologies knows security is more than a single solution.

Thrive with the Confidence of Cyber-resilience https://www.crowdchat.net/s/565mf

Dell Technologies announced a portfolio of new intrinsic security solutions and capabilities across the entire company.

@Curran_Richard Zero Trust is fundamentally about deploying your security controls and policies as close to and focused on what you want to protect as you possibly can. In a way, it's the opposite side of perimeter-centric approach to security.

Zero-Trust is a mindset around workflow, system design and operations to improve security posture; creating the best defences possible. Cyber resilience is about capacity to recover in the event of a breach; an operational focus

Hey Natalie, great to see you on ;-)

Our story is quite simple for this announcement – battling cybersecurity is about starting strong, staying strong, and outmaneuvering threats. It sounds simple on paper, but it is not simple in execution. https://www.crowdchat.net/s/765mo

Zero trust is a fundamental guiding principal all organisations need to consider as the traditional perimeter is fast disappearing.

Dell Technologies Secured Component Verification for PowerEdge is just one of the server solution we are bringing with this announcement. Our servers have a range of security features embedded to secure different aspects of the servers but this is now taking security up a level.

We tend to think about security as "security products" or "security Services" however part of the security is built of the security of the products and not just security products! The security level that your products is super important to the entire security of the organization.

Staying strong is about being constantly vigilant, looking over the horizon for emerging threats, and providing solutions before there is a (big) problem. This involves systems going into production as well as live systems with critical customer data. (1/2)

Here we’re offering Dell EMC PowerEdge UEFI Secure Boot Customization to address industry-wide firmware certificate authenticity issues (2/2)

Expression of architecture in software creates great opportunities for the implementation of a zero trust approach to security in the enterprise.

So built-in security into the products is important, right @yanivharel1 ? That is exactly what was announced for #PowerEdge.

This brings the ability to securely check the configuration that the server left the factory with is the same that is delivered to you to make sure nothing has been changed on route.

@smckinno When in theory we can utilise a strong Zero Trust framework with to improve cyber resiliancy.

The announcement covered some foundational capabilities that add to good security hygiene; supply-chain, protection of assets in transit and validation on arrival

https://www.delltechnologies.com/en-us/solutions/o...

These really helps in building trust in the various security layers that follow. VMware picks up on this theme by supporting a Secure Boot process that leverages UEFI as well as hardware-based attestation to give higher degrees of confidence over the software stack

Intrinsic security allows us to weaponise our systems, infrastructure and platforms against bad actors.

https://www.delltechnologies.com/en-gb/solutions/o...

@really good inputs. As a guiding principle with this framework , one needs to ensure a level of attestation so that workloads can run on a product that has not been compromised.

The way your product is being developed, methodologies like SDL, the components that are being used, supply chain issues, and the way the vendor takes care of vulnerabilities are all important to security not less than the security systems that we will put on top later..

84% of respondents to a Forrester Research survey considered hardware/supply chain security to be critically or very important to their business.
(Source: Forrester Research, Inc., The Next Frontier for Endpoint Protection)

https://www.delltechnologies.com/en-za/collaterals...

The Dell announcement focused on the hardware aspects of Intrinsic Security, VMware picks up that same theme from a software perspective. Intrinsic Security means enabling security controls within the software layer, with analytics, to leverage the infrastructure capabilities.

iDRAC9 now also enhances the System Lockdown function. This allows you to secure a servers configuration and stop unplanned configuration changes. This also does NOT require a server reboot to lock and unlock which is a critical feature for a server.

For example turning devices, identity, endpoints, workloads, networks and clouds into control points, creates the basis for Intrinsic Security.

Even those with full admin privileges are limited to read-only access unless the lock is first disabled. This prevents server ‘drift’ and unwanted firmware changes.

That's a great point James. Zero-trust requires operational processes to ensure that the controls deployed are effective. Being able to detect and respond to material events are part of the recovery process, but if there has been a compromise, say ransomware ...

then having a resiliency solution as part of the ZT approach can support customers in recovering quickly