Delivering Operational Resilience In An Age Of Ransomware
CDO Magazine and ComSpark hosted the Cybersecurity Midwest Summit 2022, featuring more than 100 distinguished security experts sharing best practices for organizational development.
In this informative keynote session on “Delivering Operational Resilience In An Age Of Ransomware,” Michael Oglesby, Rubrik’s Area Vice President, Specialty Sales Engineering, discusses dismantling IT and security silos to cultivate operational resilience for data security.
Oglesby begins by stating it is crucial to comprehend the adversary mindset when constructing high walls to guard the “data castle.”
“The big problem with this mentality is that the adversaries always have the first mover advantage,” he notes.
According to Oglesby, organizations must develop resilience because enemies have cutting-edge tools. He talks about the “Trojan Horse mentality” from the user perspective, asserting that the organizations and the users must be accurate to end the pandemonium.
"Sixty percent of organizations that were attacked believed that the attackers got in through some mechanism, like a provider or a software they were permitting within their four walls," Oglesby quotes from Cybereason's data.
Recalling the Target data breach incident, Oglesby emphasizes how the retail giant was able to withstand criticism and maintain its client base. Today, however, the changing risk matrix due to ransomware and wiper attacks impacts an organization’s ability to operate its mission to generate revenue and provide for its customers. Businesses should step back and consider pre-ransomware, he advises.
Per Oglesby's analysis of the anatomy of attacks, the enemies have also evolved. He explains that attackers profit from each stage of an attack rather than just from selling data on the dark web.
Oglesby asserts that the state of the market presents difficulties in the shape of headcount problems and budget restrictions. “It is hard for us to fill the positions of cybersecurity professionals because we are looking for skill sets that often do not exist yet.”
Oglesby emphasizes the growing attack surface and stresses the importance of security, with data spreading across the cloud and other platforms. He highlights organizational dysfunction, stating, “When we get into prevention and detection, it completely shifts to cybersecurity responsibility. The CIO and IT just fall off the picture.”
Today’s ransomware attacks cannot be planned for, Oglesby continues. Security professionals alone are unequipped to recover all the data. To be resilient against these attacks, he advises organizations "to get these two units working closely together and have the IT data feeds go into security, and the security feeds go into IT."
Furthermore, Oglesby argues that maintaining business functionality is essential. He advises businesses to adopt zero trust principles from the bottom up and top down. Therefore, with all the security precautions, developing cyber resilience in data is inherent.
The speaker also recommends that businesses combine data security with the tools required to be ready for prevention, detection, and investigation.
Oglesby stresses the importance of the following best practices:
Meeting SLAs.
Maintaining MFAs.
Ensuring user access safeguards are in place.
Following zero trust principles end-to-end to ensure all data is encrypted.
“The benefit of encryption is it demonetizes the data for the adversaries. Data is only valuable to the adversaries if they can sell it, and they can only sell it if they can read it,” he explains.
Organizations must concentrate on fostering resilience until data is demonetized, with API access security being the fundamental component, says Oglesby. He reveals that Rubrik has adopted a bottom-up strategy to concentrate on data rather than a top-down approach to focus on perimeters.
Concluding, Oglesby also encourages using technologies like CMDBs to become robust to allow operational resilience to enter the picture.