IISF Event Report - February Chapter Meeting
Location: Dublin, Ireland
Cyber recovery best practices and their alignment with evolving regulations like DORA (Digital Operational Resilience Act) and NIS2 (Network and Information Systems Directive 2).
Regulatory Landscape: The presentation highlighted the key pillars of DORA (risk management, incident reporting, testing, third-party risk management, and information sharing) and NIS2, emphasizing their relevance to various organizations, especially within the financial sector and critical national infrastructure.
Three-Pronged Approach to Cyber Resilience: Mr. Twomey advocates a three-part strategy: reducing the attack surface (basic security hygiene), detecting and responding (using analysis tools and incident response plans), and recovering (secure backups and robust recovery processes).
Importance of Immutable Backups: The speaker stresses the criticality of immutable backups, stored in physically and logically segregated environments (ideally air-gapped), to protect against ransomware attacks that target backup systems. He emphasizes that simply having backups isn't enough; they must be protected and accessible.
Cyber Recovery vs. Disaster Recovery: A key distinction is drawn between cyber recovery (focused on ransomware and targeted attacks) and disaster recovery (focused on natural disasters or site failures). Cyber recovery often involves a more complex, iterative process of identifying the last clean data copy and rebuilding systems, unlike the faster failover capabilities of disaster recovery.
Segregation of Duties: The importance of separating the teams managing primary data and cyber recovery is highlighted to mitigate insider threats.
Cyber Recovery Vault: Twomey describes a conceptual cyber recovery vault—an isolated, air-gapped copy of critical data—used for testing and recovery. This vault uses a pull-based replication method to enhance security.
Runbooks: The presentation emphasizes the crucial role of detailed runbooks that document the step-by-step recovery process, including contact information, procedures, and restoration steps.
While the presentation was largely general in scope and reach, it did mention Dell's CyberSense tool for analyzing backups and identifying clean recovery points, significantly reducing recovery time.
Highlights:
Real-world examples of ransomware attacks and their impact on recovery efforts were shared, illustrating the challenges and complexities involved. The discussion of RPO (Recovery Point Objective) emphasized the realistic expectations of recovery time, acknowledging that a 24-hour RPO is ambitious but achievable with proper planning and tools.
The Q&A session addressed practical concerns about securing runbooks and managing the cyber recovery vault, providing further insights into implementation details.
Rising Cyber Threats: Cyber threats are increasing, impacting businesses of all sizes through various methods like phishing and ransomware attacks. The speaker highlights the significant financial and reputational damage these attacks can cause.
Regulatory Compliance: Numerous regulations (GDPR, PCI DSS, NIS2, etc.) mandate cybersecurity compliance, with hefty fines for non-compliance. New regulations are emerging to address AI-related risks.
SMEs and Cybersecurity: SMEs, despite representing a large portion of the economy, often lack the resources and expertise to implement robust cybersecurity measures. Existing solutions are often too complex and costly for them.
AI and Cybersecurity: AI is rapidly being adopted by both legitimate businesses and malicious actors. AI can enhance attacks (brute force, denial of service, impersonation) and requires proactive, AI-powered defenses.
Best Practices: The speaker recommends proactive security measures, managed services for 24/7 monitoring, robust cloud security, strong identity and access management (IAM), careful API management, data security (at rest and in motion), mobile device security, and seeking help from third-party organizations for strategy and compliance.
Coro's Solution: The presentation touched on Coro's modular cybersecurity platform as a solution tailored to the needs and resource constraints of SMEs.
Highlights:
- The emphasis on the vulnerability of SMEs and the need for tailored solutions.
- The discussion of AI's dual role in both enhancing and combating cyberattacks.
- The stark warning about the significant financial penalties for non-compliance with cybersecurity regulations.
- The practical advice on best practices and the importance of proactive security measures.
All presentations, including the Q&A session, are now available to view via the IISF members' area (Meeting Downloads tab); log in to view.
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
GTS Security,
Exo Building,
North Wall Quay,
Dublin 1,
D01 W5Y2