Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
1EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
Building Last Line Of
Defense
Anshuman Rai
Director ...
2EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
ARE YOU STAYING AHEAD OF THE CRIMINAL EVOLUTION?
CYB...
3EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
NATURE OF THE CHALLENGE
2016 DATA BREACH INVESTIGATI...
4EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
THREAT EVENTS: A DIFFERENT CHALLENGE
“It erased ever...
5EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
THREAT EVENTS: UNPRECEDENTED RESPONSE
FBI releases f...
6EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
Banks should immediately put in place a cyber-securi...
7EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
LAYERED CYBER SECURITY
Advanced Protection Services
...
8EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
ISOLATED RECOVERY SOLUTION – OVERVIEW
1
Planning and...
9EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
ISOLATED RECOVERY SOLUTION – OVERVIEW
1
Planning and...
10EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
ISOLATED RECOVERY SOLUTION – OVERVIEW
1
Planning an...
11EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
ISOLATED RECOVERY SOLUTION – OVERVIEW
1
Planning an...
12EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
ISOLATED RECOVERY SOLUTION – OVERVIEW
1
Planning an...
13EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
EMC’S IR SERVICES & NIST FRAMEWORK
• Asset Manageme...
14EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY
ADVISORY & IMPLEMENTATION SERVICES – OVERVIEW
HOW C...
15EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY© Copyright 2016 EMC Corporation. All rights reserve...
Elets BFSI CTO Summit - Technology Presentation - Anshuman Rai, Director - BFSI, EMC India
Nächste SlideShare
Wird geladen in …5
×

Elets BFSI CTO Summit - Technology Presentation - Anshuman Rai, Director - BFSI, EMC India

160 Aufrufe

Veröffentlicht am

Elets BFSI CTO Summit - Technology Presentation on "Last Line of Defense Against Cyber Attacks" by Anshuman Rai, Director - BFSI, EMC India

Key Themes:

◆ Bankers’ role in technology ecosystem
◆ Latest technology analysis
◆ Building a digital platform for banks
◆ Ways to keep advance cyber threats at bay
◆ Defending against the unknown
◆ Blockchain revolution
◆ Payment Innovations
◆ Social Banking
◆ Optimising banking technologies : New Vistas
◆ Emerging technologies & impact on banking - benefits and challenges

Website - http://goo.gl/aXJUQe
Queries - http://goo.gl/sgKlPi
Agenda - http://goo.gl/K4yBtU
Glimpses - http://goo.gl/te6JSh
Videos - http://goo.gl/z4T03h

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

Elets BFSI CTO Summit - Technology Presentation - Anshuman Rai, Director - BFSI, EMC India

  1. 1. 1EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY Building Last Line Of Defense Anshuman Rai Director BFSI EMC CONFIDENTIAL—INTERNAL USE ONLY
  2. 2. 2EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY ARE YOU STAYING AHEAD OF THE CRIMINAL EVOLUTION? CYBER CRIME GETS SOPHISTICATED Cyber Theft Denial of Service Attacks Cyber Extortion Cyber Destruction Traditional Threats Emerging Threats Isolated Recovery Solutions Protect Against these Classes of Attacks
  3. 3. 3EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY NATURE OF THE CHALLENGE 2016 DATA BREACH INVESTIGATIONS REPORT • Breach Count Growing Exponentially Led By Hacking And Malware • Attackers are able to compromise an organization within 6 minutes in 60% of cases. • Likelihood To Discover The Breach Within Days Still Under 25% • 58% of all data leaked in 2011 was owing to the actions of “ideologically motivated hacktivists.”
  4. 4. 4EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY THREAT EVENTS: A DIFFERENT CHALLENGE “It erased everything stored on 3,262 of the company’s 6,797 personal computers and 837 of its 1,555 servers. The studio was reduced to using fax machines, communicating through posted messages, and paying its 7,000 employees with paper checks.” - Fortune, July 2015 “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.” - Letter from CEO, Feb 17, 2016
  5. 5. 5EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY THREAT EVENTS: UNPRECEDENTED RESPONSE FBI releases flash memo titled “#A-000044-mw” within 6 days of the Sony event. The report provided advice on how to respond to the malware and asked businesses to contact the FBI if they identified similar malware. From the report: "The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods.” - FBI Flash Report Dec 2nd 2014 “Data replication, however, may also be susceptible to simultaneous cyber attacks, and using this replication strategy may inadvertently result in backup or replicated data being destroyed or corrupted along with the production data. The financial institution should take steps to ensure that replicated backup data cannot be destroyed or corrupted in an attack on production data. …air-gapped data backup architecture limits exposure to a cyber attack and allows for restoration of data to a point in time before the attack began.” - FFIEC, Appendix J February 6, 2015
  6. 6. 6EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY Banks should immediately put in place a cyber-security policy elucidating the strategy containing an appropriate approach to combat cyber threats given the level of complexity of business and acceptable levels of risk, duly approved by their Board. Banks should proactively initiate the process of setting up of and operationalizing a Security Operations Centre (SOC) to monitor and manage cyber risks in real time. CCMP should address the following four aspects: Detection, Response, Recovery, Containment Considering the fact that cyber-risk is different from many other risks, the traditional BCP/DR arrangements may not be adequate and hence needs to be revisited keeping in view the nuances of the cyber-risk. CYBER SECURITY FRAMEWORK - RBI RBI/2015-16/418 DBS.CO/CSITE/BC.11/33.01.001/2015-16
  7. 7. 7EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY LAYERED CYBER SECURITY Advanced Protection Services - Isolated Recovery Solution - EMC Service Offerings - (Assess, Plan, Implement, & Validate) - Use of Evolving Security Analytics - RSA Security Analytics Additional Hardening & Protection Features - DPS Product Specific Hardening Guides - Encryption in Flight and/or at Rest - Retention Lock w/Separate Security officer credentials Traditional Data Protection Best Practices - Deploy a layered data protection approach (“the continuum”) for more business critical systems but always include a point in time off array independent backup with DR Replication (N+1) RISK Best
  8. 8. 8EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY ISOLATED RECOVERY SOLUTION – OVERVIEW 1 Planning and Design: • Business Critical Applications • Recovery Requirements • Dependencies Product Security / Hardening Procedures: support.emc.com Corporate Network PRODUCTION APPS DR/BU
  9. 9. 9EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY ISOLATED RECOVERY SOLUTION – OVERVIEW 1 Planning and Design: • Business Critical Applications • Recovery Requirements • Dependencies 2 Isolation - Replication: • Network Isolation/Air Gap • Dedicated Network Link • Enable-replicate-disable link • Automated and Scripted Product Security / Hardening Procedures: support.emc.com Air Gap Corporate Network Data Only Connection ISOLATED TARGET PRODUCTION APPS DR/BU
  10. 10. 10EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY ISOLATED RECOVERY SOLUTION – OVERVIEW 1 Planning and Design: • Business Critical Applications • Recovery Requirements • Dependencies 2 Isolation - Replication: • Network Isolation/Air Gap • Dedicated Network Link • Enable-replicate-disable link • Automated and Scripted Product Security / Hardening Procedures: support.emc.com Air Gap Corporate Network Data Only Connection ISOLATED TARGET PRODUCTION APPS DR/BU
  11. 11. 11EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY ISOLATED RECOVERY SOLUTION – OVERVIEW 1 Planning and Design: • Business Critical Applications • Recovery Requirements • Dependencies 2 Isolation - Replication: • Network Isolation/Air Gap • Dedicated Network Link • Enable-replicate-disable link • Automated and Scripted 3 Validation of Data: • Trusted Copies and Versioning • Validate Copy After Replication • Tools and methods application dependent Product Security / Hardening Procedures: support.emc.com Air Gap Corporate Network Data Only Connection ISOLATED TARGET PRODUCTION APPS DR/BU
  12. 12. 12EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY ISOLATED RECOVERY SOLUTION – OVERVIEW 1 Planning and Design: • Business Critical Applications • Recovery Requirements • Dependencies 2 Isolation - Replication: • Network Isolation/Air Gap • Dedicated Network Link • Enable-replicate-disable link • Automated and Scripted 3 Validation of Data: • Trusted Copies and Versioning • Validate Copy After Replication • Tools and methods application dependent 4 Restore and Recovery: • Standard Restore Processes • Additional validation recommended • Ability to restore to dedicated restore host Product Security / Hardening Procedures: support.emc.com Air Gap Corporate Network Data Only Connection ISOLATED TARGET PRODUCTION APPS DR/BU
  13. 13. 13EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY EMC’S IR SERVICES & NIST FRAMEWORK • Asset Management • Business Environment • Governance • Risk Assessment • Risk Management Strategy Protect • Access Control • Awareness and Training • Data Security • Information Protection Processes and Procedures • Maintenance • Protective Technology • Anomalies and Events • Security Continuous Monitoring • Detection Processes • Response Planning • Communications • Analysis • Mitigation • Improvements • Recovery Planning • Improvements • Communications • Validation Identify Detect Respond Recover NIST CYBERSECURITY FRAMEWORK EMC IR Services for Risk Management, Governance Model, & Operating Model Isolated Recovery Solution Protective Technology, Processes & Procedures Isolated Recovery Solution Validation Servers. RSA Security Behavior Analytics EMC IR Services for Response Framework for Cyber Incident Management Isolated Recovery Solution with Recovery Servers EMC ISOLATED RECOVERY SERVICES & SOLUTION FRAMEWORK Full Advisory Service Scope
  14. 14. 14EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY ADVISORY & IMPLEMENTATION SERVICES – OVERVIEW HOW CAN EMC HELP: TWO APPROACHES Assess ValidatePlan Implement • Business Application Protection Requirements • Compliance Policies Requirements • Application Readiness & Requirements • Application Dependencies • IRS Architecture & High-Level Design • Technology Recommendations • Implementation Plan & Timeline • IRS Validation Test Design • Program Managed Implementation • Technology Deployment & Hardening • IRS Processes & Procedures • IRS Run Books • Compliance Ready Test Reports • Facilitated IRS Table Top Exercises • IRS Process Training • Proctored IRS Test Advisory Service Implementation Service Educate & Assess Design & Build Workshop Format Various Delivery Models
  15. 15. 15EMC CONFIDENTIAL—INTERNAL USE ONLYEMC CONFIDENTIAL—INTERNAL USE ONLY© Copyright 2016 EMC Corporation. All rights reserved. GLOBAL SPONSORS Exclusively for CIOs, CTOs & IT Leaders 13 Oct | Grand Hyatt | Mumbai For IT Practitioners: 14 Oct – Mumbai | 18 Oct – Delhi | 20 Oct - Bangalore

×