Subscribe: - Pandemic
Preview: - Pandemic

CSO Online Disaster Recovery

Published: Thu, 22 Feb 2018 15:29:02 -0800

Last Build Date: Thu, 22 Feb 2018 15:29:02 -0800


IDG Contributor Network: What happens if... disaster recovery for the smart city and beyond

Tue, 20 Feb 2018 07:15:00 -0800

Crisis planning is integral to many cities across the planet and we see it in use when natural disasters strike. When the magnitude 9 earthquake hit Japan in 2011, previous disaster planning kicked in. But the response has been criticized because of the predictive limitations that informed the disaster recovery attempts. Other criticisms highlighted too much emphasis on using ‘hazard maps’ which were inaccurate. If our starting points are off point, then our disaster recovery will also be lacking.

In our smart cities, which are intrinsically dependent on data, disaster recovery has to include data as a critical infrastructure in its own right or as my previous article outlined—the data superstructure.

To read this article in full, please click here

Media Files:

IDG Contributor Network: Lessons from Hawaii – how prepared should we be?

Tue, 16 Jan 2018 08:05:00 -0800

If you’ve paid attention the news recently you heard about the accidental missile warning that went out in Hawaii. I can’t imagine the terror that must have resulted from that mistake. There are certain things that just are never funny, this is one of them. I don’t see us ever looking back with fond memories on that event.

But there are some lessons for us. I really started to think about what would I do if I was in this sort of situation? How could I prepare for such an event? I realized that I have no idea what I would have done. This is the sort of thing you just can’t be ready for.

My mind eventually wandered to cybersecurity and how we could learn a lesson from this event and I kept thinking about how could you possibly prepare for this. Emergency preparation requires a certain level of understanding, and the reactions must be simple, but they can have enormous results in such a situation. I realized I lack the proper level of understanding for that type of emergency.

To read this article in full, please click here

Media Files:

IDG Contributor Network: Board cybersecurity field trips

Fri, 12 Jan 2018 08:53:00 -0800

The annual Consumer Electronics Show shifted from geek heaven to a decidedly more serious tone this year as entire Boards of Directors from companies around the country descend on the Strip to learn about cybersecurity, hacking and more.  Hopefully, in breaking from Sin City’s popular tag line, what happens in Vegas will protect a myriad of companies back home.

What happens in Vegas?

The Wall Street Journal reported this week that corporate Board members were taking field trips to the Consumer Electronics Show (CES) in Las Vegas to learn more about cybersecurity.  Coordinated by the National Association of Corporate Directors, members are being treated to specialized programs on technology ranging from a couple of hours to a couple of days.  Though not the kind of party Sin City normally sees, it nonetheless suggests this is a perfect time for CISO’s and other security professionals to get more familiar with their Boards.

To read this article in full, please click here

Media Files:

IDG Contributor Network: Why we continue to fail: lessons learned from the Atlanta Airport fiasco

Tue, 02 Jan 2018 07:40:00 -0800

The recent Atlanta airport FIASCO paints a clear picture of how to screw up EVERYTHING! As an information security professional (with more than 15 years’ experience on the battlefield, literally), I was dumbfounded by the lack of adherence to the most basic best business practices related to business continuity and disaster recovery operations.

Five basic failures happened that make the Atlanta airport a softer target for future attack.

1. Lack of a coherent, acceptable, and tested business continuity/disaster recovery plan

It would appear that airport and city officials only planned for a best-case scenario. They co-located or used same channel connections to both primary and alternate power sources. While air traffic control was able to issue a ground stop and divert flights, those already on the ground were stuck for hours on the tarmac or at the gate. It took at least five hours before passengers stranded on the tarmac deplaned. 

To read this article in full, please click here

Media Files:

IDG Contributor Network: Why staging a fake attack is only real thing to keep you secure

Thu, 21 Dec 2017 07:23:00 -0800

Being a Northern Californian, you can imagine that the Napa County wildfires in October and November impacted me. Granted that, while I did not suffer the monetary or psychological loss those directly affected by this disaster endured, being just 50 miles of the southern tip of the wildfire for weeks does teach you a thing or two.

For instance, gathering our most “important” stuff, keeping it in an accessible location for a quick exit, sleeping lightly at night, getting N95 masks, keeping our dog inside all day…these were some of precautionary measures I took. And I guarantee you, no mock drill or random alert would have caused me to act the way I did once our family was under direct threat from a powerful and unpredictable predator.

To read this article in full, please click here

Media Files:

Why incident response is the best cybersecurity ROI

Mon, 18 Dec 2017 07:36:00 -0800

Most organizations will suffer one or more major security incidents in which an attacker has administrative control over the IT systems that enable business processes and storing critical data, according to the Microsoft Incident Response Reference Guide.

Business leaders and IT executives aren’t expected to entirely prevent cyber attacks, but they’re expected to react immediately and manage the fallout. Poor incident response — including, but not limited to, delayed response — has caused incalculable damages and reputational harm to Yahoo, Equifax, and most recently Uber, to name a few.

To read this article in full, please click here

Media Files:

IDG Contributor Network: 5 trends from 2017 that will still matter in 2018

Fri, 15 Dec 2017 06:54:00 -0800

A whirlwind. A train wreck. A dumpster fire. However you decide to label 2017, one thing is clear – a lot of stuff went down this year that will forever change the way we approach cybersecurity. You can no longer turn a blind eye towards things like planning and communications. There aren’t excuses anymore for keeping cybersecurity locked in the IT department, away from other measures of business risk.

2017 taught us a lot of lessons, but rather than focusing on the flashy headlines, here are five specific trends that rose above the noise and will still be relevant in 2018.

Cyber communications cannot be ignored

If there is a single takeaway that defined 2017, it’s that anyone who doesn’t include cyber communications as a core element of cybersecurity program is setting themselves up for failure. When one of the biggest costs of a data breach is the damage to your company’s reputation, the way you talk to everyone matters – before, during and after.

To read this article in full, please click here

Media Files:

IDG Contributor Network: Reliability vs. redundancy: aren’t they the same thing?

Fri, 08 Dec 2017 04:15:00 -0800

Nearly all businesses are moving data and applications (apps) from their own data centers and systems to cloud based software-as-a-service (SaaS) for a variety of reasons. For many, assumptions made during the move will expose them to increased risks. While SaaS solutions provide reliability, most do not provide the same protection as a business received using a separate off-site backup with a long retention period.

Every business has critical information it is storing on behalf of a client or a regulatory agency, where a loss could prove catastrophic. Imagine your Certified Public Accountant (CPA) calling you on April 14th saying your tax return and all the supporting documentation you provided were gone. Data entrusted to a business by its customers cannot be lost without significant direct short term and indirect long-term impacts.

To read this article in full, please click here

Media Files:

IDG Contributor Network: Rethinking response: the benefits of seeking external support

Thu, 16 Nov 2017 04:04:00 -0800

Despite our best efforts, we can’t prevent each and every security event, incident, or breach. And when these situations do occur, many of us rely solely on our organization’s internal teams and resources. Indeed, most response tactics remain not just largely internal but also largely unchanged in recent years. Given the complex cyber and physical risks we are now facing, however, more organizations are seeking external support from not just forensics firms but also from leading industry experts. Here’s why your organization should, too:

Access greater insights and resources

Regardless of whether traditional forensics efforts are conducted externally, they aim to help us answer the question “what happened?” And although determining the “what” following any event, incident, or breach is critically necessary – all too often, we stop there. In some cases, the resulting damages could be far more widespread or complex than initial forensics efforts might reveal. Figuring out where to look for damages and when to stop looking can further complicate any response strategy. But by supplementing forensics with support from industry experts, we can gain additional visibility into the not just the “what” and the “where” but also the “why?” the “who?” the “when?” the “how?” and, most importantly, the “how can we help prevent this from happening again?”   

To read this article in full, please click here

Media Files:

IDG Contributor Network: 5 rules for smarter cyber communications

Thu, 12 Oct 2017 07:02:00 -0700

With the Equifax data breach continuing to make headlines, we're seeing yet further proof that the way you communicate in the aftermath of an incident plays a significant role in determining its ultimate impact. Executives responsible for cybersecurity need to understand how a good cyber communications function works, and they need to make it a regular part of any conversation related to information security or risk management.

While it may seem like this is the last thing a CSO should be thinking about, recent incidents prove that the stakes are way too high for communications planning and response to be delegated entirely to someone outside the security team. To put it another way—when things really go wrong, whose job is on the line, and who gets the bonus trip to DC? Hint: There aren’t many CMOs taking early retirement or being called to testify before Congress.

To read this article in full, please click here

Media Files:

IDG Contributor Network: Equifax: A teaching opportunity

Tue, 03 Oct 2017 07:17:00 -0700

The dust hasn’t settled and the lawsuits are just getting filed, but already there is a wealth of learning opportunity from the Equifax debacle.

To start with, every security professional knows that you will be breached eventually, so you really, really need a good response plan.  Hopefully you have exercised your plan and everyone knows exactly what to do when the breach happens.  We all learned that from the Target and Home Depot breaches, right?

If you want to know what constitutes a good response plan, just look at what Equifax did and do the exact opposite.

I don’t know how Equifax could have screwed this up any more than they did.  It is truly a feat to behold. 

To read this article in full, please click here

Media Files:

IDG Contributor Network: How cyber threats are changing the makeup of IT departments

Mon, 02 Oct 2017 06:27:00 -0700

When I look back over the past decades and consider how the roles in IT have shifted to accommodate new and emerging technologies, I’m amazed at how far we’ve come. Do you remember the old punch cards, dumb terminals and greenbar paper? What about how the cloud impacted IT just ten years ago?

Fast forward to today and it’s no surprise that major changes are still occurring. But this time we are also seeing a faster-paced shift in the cyber threat landscape, as new forms of malware, ransomware, phishing, DDoS, SQL injections, cross-site scripting, etc. are becoming more damaging and commonplace. 

Historically, IT roles for disaster recovery (DR) and cybersecurity have covered their respective specialties and seldom have intermingled. But the evolving cyber threat landscape is bringing them increasingly together. Nowadays, given that security professionals have long been known for their quick incident responsiveness and DR professionals are committed to avoiding data loss, companies are recognizing the value both realms have in common in preserving overall business continuity. More companies are formally considering security incidents disasters—and rightly so, given the similar impacts on data loss, downtime, reputation, etc.

To read this article in full, please click here

Media Files:

IDG Contributor Network: Why you should — and shouldn't — harness Azure for disaster recovery

Tue, 26 Sep 2017 07:56:00 -0700

Using Azure for your disaster recovery can offer your business real benefits - eradicating costly DR sites, only paying for compute resource when you spin up virtual machines in Azure (usually during recovery or for testing), unlimited scalability of your DR in line with your production system, and the reliability and security that comes with Microsoft. Azure's single most powerful feature is that it can help companies to reduce the cost of their DR, whilst maintaining maximum performance (think fast recovery times, near-zero data loss). A large proportion of the cost that comes with DR is data storage cost and the cost associated with having compute resource on standby that is rarely used - just in case the time comes that you have a business-critical IT failure. You need to have systems available on standby for when the inevitable happens, but the cost of the hardware, software and maintaining a DR system in line with your production system means that dedicated DR sites are rarely viable for companies. But imagine if you can pay for the compute resource only when you need it, stripping away the cost of hardware and software as a capex and turning it into a pay-as-you-use opex model. This then enables you to balance the risk with the cost – which is ideal for most companies exploring disaster recovery – you only want to pay for it when you need it right?

To read this article in full, please click here

Media Files:

Surviving ransomware by keeping things simple

Sat, 23 Sep 2017 14:00:00 -0700

DERBYCON - Ransomware is a topic everyone knows about, but unless you've experienced a ransomware attack, it's hard to really describe and understand the stress associated with these events.

This year has seen ransomware take the top spot when it comes to attention in the security world. A soon to be released study from Holger Schulze, founder of the 370,000-member Information Security Community on LinkedIn, shows that Ransomware has become a serious focal point.

According to Schulze’s data, 75-percent of organizations affected by ransomware experienced up to five attacks in the last 12 months alone, 25-percent experienced 6 or more attacks. Moreover, 51-percent of those who took part in the study say they could recover from a successful ransomware attack within a day, while 39-percent estimate it will take more than one day to a few weeks to recover.

To read this article in full, please click here

Media Files:

IDG Contributor Network: There is no such thing as a DR test failure

Fri, 01 Sep 2017 06:24:00 -0700

Testing your IT Disaster Recovery (DR) plan can be laborious, tedious and fraught with potential landmines. Case in point, that was my first exposure to DR way back in the ancient times of the early 1990’s.

We were a mainframe shop, Big Blue, Amdahl, you know the beasts. Our infrastructure team had been performing annual DR tests for several years. These were the kind of tests where you rented space and equipment in some far-away datacenter for a finite amount of time, something like 36 hours. Within that window, you had fire up the mainframes, tape drives and disks, restore OS, middleware and all the utilities.

This year was going to be different, however. This year, they actually wanted to recover an application. At the time, I was the lead contractor assigned to the order management applications. The applications consisted of dozens of systems, hundreds of programs and literally thousands of data files backed up on countless tapes. We had certainly used the tape backups to restore files often enough, but we had never attempted a full recovery on all the applications in the order management umbrella.

To read this article in full, please click here

Media Files:

IDG Contributor Network: The reality of ransomware

Wed, 30 Aug 2017 05:56:00 -0700

If you haven’t updated your business continuity and disaster recovery plan in a while, you may want to make sure that the registering and funding of a bitcoin wallet is included in that plan. On average, it takes about a week, from the time you initiate the transaction to when it’s available to spend, to fund a bitcoin wallet. A week is a long time to be without your systems when the next ransomware attack hits.

If you’re one of those people or companies that say you don’t need a bitcoin wallet because you won’t be paying the ransom, you might want to re-evaluate that position. If the cost to your reputation or your business exceeds that of the ransom, you’re going to have to consider paying it or at least sitting down with the hackers to negotiate. It’s a smart business decision at that point in time, especially if you can pay it discretely.

To read this article in full, please click here

Media Files:

Disaster recovery vs. security recovery plans: Why you need separate strategies

Thu, 24 Aug 2017 03:00:00 -0700

Many enterprises blend their disaster recovery and security recovery plans into a single, neat, easy-to-sip package. But does this approach make sense?

Not really, say a variety of disaster and security recovery experts, including Marko Bourne, who leads Booz Allen’s emergency management, disaster assistance and mission assurance practice. "Security and disaster plans are related, but not always the same thing," he observes.

Media Files:

IDG Contributor Network: How to make your disaster recovery GDPR compliant

Tue, 01 Aug 2017 06:51:00 -0700

With GDPR coming into effect on 25 May 2018, it's costing businesses significant time and money to ensure compliance with the new regulations. Rather this than risk a fine of 4% of turnover or €20million. But when it comes to your IT have you really covered all bases? Have you thought about your disaster recovery and properly assessed whether this is compliant also? It's crucial that you do so as one small slip-up by any one of your data processors could leave you paying the penalties. In 2016 the ICO imposed penalties of £2,155,500 on 21 companies, and fines are increasing year on year.

Media Files:

Red team versus blue team: How to run an effective simulation

Wed, 26 Jul 2017 04:03:00 -0700

The military does it. The Government Accountability Office does it. So does the National Security Agency. The concept has made its way into the corporate world, too: war-gaming the security infrastructure.

Red team-blue team exercises take their name from their military antecedents. The idea is simple: One group of security pros — a red team — attacks something, and an opposing group — the blue team — defends it. Originally, the exercises were used by the military to test force-readiness. They have also been used to test physical security of sensitive sites like nuclear facilities and the Department of Energy's National Laboratories and Technology Centers. In the '90s, experts began using red team-blue team exercises to test information security systems.

To read this article in full, please click here

Media Files:

7 things your IT disaster recovery plan should cover

Fri, 21 Jul 2017 04:40:00 -0700

Hurricanes. Tornadoes. Earthquakes. Fires. Floods. Terrorist attacks. Cyberattacks. You know any of these could happen to your business at any time. And you’ve probably got a disaster recovery (DR) plan in place to protect your enterprise’s data, employees and business.

But how thorough is your DR plan? When was it last updated and tested? Have you taken into account new technologies and services that can make it easier to recover from disaster? The following are 7 things your IT disaster recovery plan should include.

Media Files: