• Cyber resilience

    • The shift from threat prevention to cyber resilience

    • As the universe of sophisticated cyber threats, such as ransomware, continues to grow in volume and effectiveness, organizations in every industry are moving from a threat prevention strategy to a cyber resilience model for holistic cyber security. Organizations acknowledge that while blocking threats is still a critical priority, prevention will not always be 100% successful. Cyber resilience requires organizations to also focus on the ability to respond to an attack, mitigating damage while protecting critical data and enabling recovery with assured data integrity to restore business continuity.

      Cyber recovery solutions and services are an essential component of an overall cyber resilience strategy –Cyber recovery solutions and services reduce the risk of and damage caused to critical data, and the organization itself, by cyber attacks. By providing isolation, immutability and intelligent analytics to protect critical data within a dedicated vault, cyber recovery solutions and services can significantly improve an organization’s resilience to an attack.

      PowerProtect Cyber Recovery provides the intelligent strategies, solutions and services  to protect critical data and recover quickly and with confidence after a ransomware or cyber attack to resume normal business operations. By isolating critical data, identifying suspicious activity and accelerating data recovery, PowerProtect Cyber Recovery enables enterprises to more easily to achieve cyber resilience.

    • PowerProtect Cyber Recovery

      Experience how Machine learning-powered PowerProtect Cyber Recovery protects and isolates mission-critical data from advanced cyber threats like ransomware.

    • The keys to recovery and cyber resilience

    • In addition to defenses that prevent cyber attacks, organizations seeking to improve cyber resilience need an effective data recovery framework. The most effective approach today involves three key components.

      • Data Isolation is critical. The vault is ideally operated in a physically restricted area, such as a cage or locked room, that helps to guard against an insider threat. When the air gap is in a "locked" state – no data can flow – there is no access to any part of the solution. When unlocked, which is done to update or "sync" data, the operation is controlled from the secure, vaulted side, not from production. And during this phase the vault maintains a very secure profile. Only network traffic representing replication data is allowed and there is never access to other vault components or to the management plane of the storage or solution. So bad actors can't wait for the vault to unlock and then just drive in. 
      • Data Immutability is next. Using PowerProtect DD’s Compliance Mode Retention Lock capability, data is prevented from deletion or change for a set time period, usually two weeks to a month (customer configurable). The lock cannot be overridden, even by an administrator with full privileges. Unique to PowerProtect DD are enhancements that further secure the lock from an attack on the clock (or NTP server), which might otherwise allow a bad actor to create an early expiration of the lock. Those who do not want or require such a strong control, or want operational flexibility, can configure governance retention lock (which is also the available mode on our PowerProtect DD Virtual Edition (DDVE)). 

      PowerProtect Cyber Recovery’s Data Intelligence is based on the analytics engine – CyberSense – described in more detail in a later slide. But at a high level, CyberSense evaluates the full content of files and not just metadata or operating system information. This gives it more insight into whether the data has been improperly corrupted or modified. Machine learning ensures that the analytics stay ahead of changes in tactics

    • Achieving cyber resilience with Dell

    • PowerProtect Cyber Recovery enables cyber resilience by protecting and isolating critical data from ransomware and other cyber threats. This Dell solution uses machine learning to identify suspicious activity and enable recovery of known good data and to resume normal business operations quickly and with confidence.

      PowerProtect Cyber Recovery protects data and provides recovery across on-premises and multiple cloud environments including Dell Technologies Cloud and other leading service providers such as AWS, Microsoft Azure and Google Cloud Platform.

      PowerProtect Cyber Recovery provides a secure digital vault that is logically and physically isolated from the production and backup networks with an operational air gap. To provide the best chance for recovery if production and primary backups have been compromised or infected, data in the vault is protected in an immutable format with retention locks. This Dell solution promotes cyber resilience by ensuring that a clean copy of data free from corruption can be recovered after a cyber or ransomware attack.

    • How PowerProtect Cyber Recovery works

    • PowerProtect Cyber Recovery is built to be the last line of data protection defense against cyber attacks.

      • The vault operates in 4 basic steps:
      • Data representing critical applications is synced through the air gap, which is unlocked by the management server into the vault and replicated into the vault target storage. The air gap is then re-locked
      • A copy of that data is made. Vault retention is configurable, but most keep about a month's worth of copies
      • The data is retention locked to provide ransomware protection and against other risks such as accidental or intentional deletion or encryption for example.
      • The data is optionally analyzed by our analytics engine, CyberSense (more on that later). 
      • Recovering data from the vault in the event of a ransomware or cyber attack or simply for recovery testing procedures is critical and there are a number of ways recovery can be performed.
      • Monitoring and reporting is also provided from within the vault and can be shared outside of the vault environment in a variety of secure methods which we will discuss in more detail.
      • ransomware protectionRecovery workflows are fully automated to enable fast resumption of business operations.

    • Integration with CyberSense

    • PowerProtect Cyber Recovery is the first solution to fully integrate CyberSense, an optional capability that fully indexes and analyzes vaulted data within the security of the vault to help detect indicators of compromise and attack. CyberSense proactively identifies attacks in motion with accuracy that’s been shown to be greater than 99%. CyberSense constantly monitors data integrity to detect mass deletions, encryption and more than 100 types of changes in files and database that are often associated with an attack. CyberSense automatically generates alerts when signs of corruption are found and identifies the last good copy of data for recovery. With Cyber Sense, organizations can more easily identify threats, diagnose attack vectors and protect business-critical content to enhance cyber resilience.

    • FAQs: What is cyber resilience?

    • What is cyber resilience?

      Cyber resilience is an organization’s ability to prevent, respond to and recover from cyber attacks. Cyber resilience requires security teams to move beyond strict threat prevention and to incorporate technologies that can mitigate the damage from sophisticated cyber threats like ransomware and insider attacks and recover data quickly after an attack.

      How do companies achieve cyber resilience?

      Cyber resilience requires a multilayered approach to cyber security. In addition to advanced threat protection and security training for employees, a strong cyber recovery strategy can promote cyber resilience by protecting backup systems from corruption and enabling fast recovery of business-critical systems, applications and operations after an attack.

    • APEX Cloud Services

      APEX Cloud Services offer compute and storage resources that enable secure and consistent infrastructure and operations for your workloads across private and public.

    • APEX Data Storage Services

      APEX Data Storage Services is an on-premises, as-a-service portfolio of scalable and elastic storage resources designed for OpEx treatment.*

      *OpEx treatment is subject to customer internal accounting review and policies.

    • VMware Cloud on Dell

      A VMware managed on-premesis infrastructure, delivered as-a-service designed to run your most critical business workloads.