SlideShare a Scribd company logo

06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf

FinTech Belgium
FinTech Belgium

06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf

Economy & Finance
1 of 11
Download to read offline
DORA : it's not a problem but an opportunity ! Joeri Van Speybroek – Solution Architect
Copyright © Dell Inc. All Rights Reserved. 2 Internal Use - Confidential Copyright © Dell Inc. All Rights Reserved. 2 DO ANYTHING FROM ANYWHERE
Copyright © Dell Inc. All Rights Reserved. 3 Internal Use - Confidential
Copyright © Dell Inc. All Rights Reserved. 4 Internal Use - Confidential Achieve business recovery after a cyber event Start by identifying business processes and relationships with applications and infrastructure Recovery needs to understand impacts, criticality and relationships Business Process Business Activities 1 2 3 Applications 4 Supporting infrastructure A 1 2 3 C B IT Mapping Business Mapping Build the recovery plan Execute the recovery plan Business Services
Copyright © Dell Inc. All Rights Reserved. 5 Internal Use - Confidential
Copyright © Dell Inc. All Rights Reserved. 6 Dell Customer Communication - Confidential
Key Headlines DORA Key Headlines • Management body bears full responsibility ICT risks • Apply appropriate budget • Review 3rd Party Risk management • Define a Digital Resilience Strategy include operational and cyber resiliency • Segregation of ICT management , Control, and internal audit functions • Review at least once per year, ICT risks • Test cyber-attack scenarios with switch over between Primary and redundant capacity, backups and redundant facilities • Cross-Border Coordination • Regulatory Reporting Fines • 2% of the average daily worldwide turnover for up to six months. • In the case of an individual, a maximum fine of EUR 1,000,000 • Individuals held accountable and possible custodial sentences
Key Articles from 5-25 from DORA Articles (below) align to Dell’s Resiliency & Security Services (right) CHAPTER II, ICT risk management o Article 5, Governance and organisation, Digital Operational Resilience Act (DORA) o Article 6, ICT risk management framework, Digital Operational Resilience Act (DORA) o Article 7, ICT systems, protocols and tools, Digital Operational Resilience Act (DORA) o Article 8, Identification, Digital Operational Resilience Act (DORA) o Article 9, Protection and prevention, Digital Operational Resilience Act (DORA) o Article 10, Detection, Digital Operational Resilience Act (DORA) o Article 11, Response and recovery, Digital Operational Resilience Act (DORA) o Article 12, Backup policies and procedures, restoration and recovery procedures and methods, Digital Operational Resilience Act (DORA) o Article 13, Learning and evolving, Digital Operational Resilience Act (DORA) o Article 14, Communication, Digital Operational Resilience Act (DORA) o Article 15, Further harmonisation of ICT risk management tools, methods, processes and policies, Digital Operational Resilience Act (DORA) CHAPTER III, ICT-related incident management, classification and reporting • Article 17, ICT-related incident management process, Digital Operational Resilience Act (DORA) • Article 18, Classification of ICT-related incidents and cyber threats, Digital Operational Resilience Act (DORA) CHAPTER IV, Digital operational resilience testing • Article 24, General requirements for the performance of digital operational resilience testing, Digital Operational Resilience Act (DORA) • Article 25, Testing of ICT tools and systems, Digital Operational Resilience Act (DORA) Dell Cybersecurity and Resiliency Align with DORA Internal Use - Confidential 8 Copyright © Dell Inc. All Rights Reserved.
Copyright © Dell Inc. All Rights Reserved. 9 Internal Use - Confidential Building a runbook tailored for business recovery What Cyber Recovery Solution Runbook Table of Contents: <Customer Name> CR Vault Recovery Runbook CONFIDENTIAL Cyber Recovery Vault Runbook overview ………………………………....4 Section 1: Plan Activation and Criteria ……………………………………..8 Section 2: Perform Forensics ……………………………………………....12 Section 3: Invoke Cyber Recovery Plan …………………………………..14 Section 4: Prepare for Recovery/ Restore Operations …………………..16 Section 5: Recovery Procedures……………………………………………17 Section 6: Backup Recovery………………………………………………...20 Section 7: Event Recording Log…………………………………………….24 How Restore Restore data from known Point in Time Repair Restore data and apply known fixes Rebuild Assume nothing, rebuild new environment, restore transactional configs and data Critical Rebuild Materials OS Images Applications Business Processes Gather recovery requirements Create tailored documentation
© Copyright 2019 Dell Inc. 10 DORA Ransomware Recovery Vault Maturity Organizational Alignment Maturity/Completeness of Vision Physical Air- Gap Integration Business Continuity Metrics Virtual Segregation Maturing Vault Capabilities Education Runbooks/ Testing Yearly Testing Clean Room DLZ Analytics/ Detection Recovery Automation App Dep Mapping Managed Services Integration Incident Response Critical assets backup App Recovery runbooks Backup Optimization Isolated Backup Foundation Security Build Recovery procedures New App Onboard Process Integrate SDLC, ITSM/ITIL Maturing the Vault Perimeter Phase 1 Phase 2 Phase 3
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf

Recommended

A guide to modern it disaster recovery
A guide to modern it disaster recoveryA guide to modern it disaster recovery
A guide to modern it disaster recovery
John Brouillard
 
Professional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptxProfessional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptx
ssusercc05cf
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud world
Zscaler
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at Edge
Dell EMC World
 
Security Management in the Cloud
Security Management in the CloudSecurity Management in the Cloud
Security Management in the Cloud
GaryArdito
 
Chameleon Secure Solutions Overview Presentation
Chameleon Secure Solutions Overview PresentationChameleon Secure Solutions Overview Presentation
Chameleon Secure Solutions Overview Presentation
christoboshoff
 
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
Tiffany Graham
 
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
VMUG IT
 

Recommended

A guide to modern it disaster recovery
A guide to modern it disaster recoveryA guide to modern it disaster recovery
A guide to modern it disaster recovery
John Brouillard
 
Professional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptxProfessional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptx
ssusercc05cf
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud world
Zscaler
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at Edge
Dell EMC World
 
Security Management in the Cloud
Security Management in the CloudSecurity Management in the Cloud
Security Management in the Cloud
GaryArdito
 
Chameleon Secure Solutions Overview Presentation
Chameleon Secure Solutions Overview PresentationChameleon Secure Solutions Overview Presentation
Chameleon Secure Solutions Overview Presentation
christoboshoff
 
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
Tiffany Graham
 
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
VMUG IT
 
What exactly is digital risk protection and why do you need it .pptx
What exactly is digital risk protection and why do you need it .pptxWhat exactly is digital risk protection and why do you need it .pptx
What exactly is digital risk protection and why do you need it .pptx
Hasna Zameer
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
InnoTech
 
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
PECB
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
David Spinks
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
Eryk Budi Pratama
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference Publication
Tejaswi Agarwal
 
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
SLA-Ready Network
 
Cyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docx
Cyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docxCyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docx
Cyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docx
GamalAbdelshafy
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
Cloudera, Inc.
 
Private sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodesPrivate sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodes
Ollie Whitehouse
 
CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"
OCTF Industry Engagement
 
Efficiency, effectiveness, productivity: Dell Connected Security in action
Efficiency, effectiveness, productivity: Dell Connected Security in actionEfficiency, effectiveness, productivity: Dell Connected Security in action
Efficiency, effectiveness, productivity: Dell Connected Security in action
Kenneth de Brucq
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Cloudflare
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
Jody Keyser
 
Network Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster recNetwork Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster rec
rosu555
 
Cisco on Cisco. Defining the NG Cloud & Data Center Services
Cisco on Cisco. Defining the NG Cloud & Data Center ServicesCisco on Cisco. Defining the NG Cloud & Data Center Services
Cisco on Cisco. Defining the NG Cloud & Data Center Services
Cisco Russia
 
Guide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in ChinaGuide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in China
Alibaba Cloud
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Emulex Corporation
 
Network Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.pptNetwork Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.ppt
AkfeteAssefa
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
GhofraneFerchichi2
 
Webinar on E-Invoicing for Fintech Belgium
Webinar on E-Invoicing for Fintech BelgiumWebinar on E-Invoicing for Fintech Belgium
Webinar on E-Invoicing for Fintech Belgium
FinTech Belgium
 
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
FinTech Belgium
 

More Related Content

Similar to 06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf

ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
PECB
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
David Spinks
 
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
SLA-Ready Network
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
Cloudera, Inc.
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Cloudflare
 
Guide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in ChinaGuide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in China
Alibaba Cloud
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Emulex Corporation
 

Similar to 06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf (20)

What exactly is digital risk protection and why do you need it .pptx
What exactly is digital risk protection and why do you need it .pptxWhat exactly is digital risk protection and why do you need it .pptx
What exactly is digital risk protection and why do you need it .pptx
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
 
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference Publication
 
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
 
Cyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docx
Cyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docxCyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docx
Cyber+Incident+Response+-+Generic+Denial+of+Service+Playbook+v2.3.docx
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
 
Private sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodesPrivate sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodes
 
CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"
 
Efficiency, effectiveness, productivity: Dell Connected Security in action
Efficiency, effectiveness, productivity: Dell Connected Security in actionEfficiency, effectiveness, productivity: Dell Connected Security in action
Efficiency, effectiveness, productivity: Dell Connected Security in action
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
 
Network Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster recNetwork Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster rec
 
Cisco on Cisco. Defining the NG Cloud & Data Center Services
Cisco on Cisco. Defining the NG Cloud & Data Center ServicesCisco on Cisco. Defining the NG Cloud & Data Center Services
Cisco on Cisco. Defining the NG Cloud & Data Center Services
 
Guide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in ChinaGuide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in China
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
 
Network Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.pptNetwork Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.ppt
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 

More from FinTech Belgium

S5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdf
S5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdfS5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdf
S5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdf
FinTech Belgium
 
S5_3_3_Norway NEW VERSION OK to publish.pptx
S5_3_3_Norway NEW VERSION OK to publish.pptxS5_3_3_Norway NEW VERSION OK to publish.pptx
S5_3_3_Norway NEW VERSION OK to publish.pptx
FinTech Belgium
 

More from FinTech Belgium (20)

Webinar on E-Invoicing for Fintech Belgium
Webinar on E-Invoicing for Fintech BelgiumWebinar on E-Invoicing for Fintech Belgium
Webinar on E-Invoicing for Fintech Belgium
 
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
 
00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx
 
Pitch Ogloba Feb 2nd 2024 .pptx
Pitch Ogloba Feb 2nd 2024 .pptxPitch Ogloba Feb 2nd 2024 .pptx
Pitch Ogloba Feb 2nd 2024 .pptx
 
20240315 _E-Invoicing Digiteal. .pptx
20240315 _E-Invoicing Digiteal. .pptx20240315 _E-Invoicing Digiteal. .pptx
20240315 _E-Invoicing Digiteal. .pptx
 
04_Gambit_Laurent Bodson. .pptx
04_Gambit_Laurent Bodson. .pptx04_Gambit_Laurent Bodson. .pptx
04_Gambit_Laurent Bodson. .pptx
 
03_Discai_Dagmar Schouterden. .pdf
03_Discai_Dagmar Schouterden. .pdf03_Discai_Dagmar Schouterden. .pdf
03_Discai_Dagmar Schouterden. .pdf
 
01_DLA Piper_Nicolas Kalokyris. .pptx
01_DLA Piper_Nicolas Kalokyris. .pptx01_DLA Piper_Nicolas Kalokyris. .pptx
01_DLA Piper_Nicolas Kalokyris. .pptx
 
00_Main ppt_AI Act & EU AI Regulation.pptx
00_Main ppt_AI Act & EU AI Regulation.pptx00_Main ppt_AI Act & EU AI Regulation.pptx
00_Main ppt_AI Act & EU AI Regulation.pptx
 
00_MAIN_ppt Antwerp Acceleration Day.pptx.pdf
00_MAIN_ppt Antwerp Acceleration Day.pptx.pdf00_MAIN_ppt Antwerp Acceleration Day.pptx.pdf
00_MAIN_ppt Antwerp Acceleration Day.pptx.pdf
 
Fintech Belgium_Keynote_30012024[52].pdf
Fintech Belgium_Keynote_30012024[52].pdfFintech Belgium_Keynote_30012024[52].pdf
Fintech Belgium_Keynote_30012024[52].pdf
 
01_Voorstelling Argenta (Antwerp Acceleration Day).pptx
01_Voorstelling Argenta (Antwerp Acceleration Day).pptx01_Voorstelling Argenta (Antwerp Acceleration Day).pptx
01_Voorstelling Argenta (Antwerp Acceleration Day).pptx
 
AMS_04 Toon Daenen. .pptx
AMS_04 Toon Daenen. .pptxAMS_04 Toon Daenen. .pptx
AMS_04 Toon Daenen. .pptx
 
AMS_03 François De Witte_. .pptx
AMS_03 François De Witte_. .pptxAMS_03 François De Witte_. .pptx
AMS_03 François De Witte_. .pptx
 
AMS_01_Rie_.De Sordo Cock pptx
AMS_01_Rie_.De Sordo Cock pptxAMS_01_Rie_.De Sordo Cock pptx
AMS_01_Rie_.De Sordo Cock pptx
 
AMS_00 FTBE_0126_2024. .pptx
AMS_00 FTBE_0126_2024. .pptxAMS_00 FTBE_0126_2024. .pptx
AMS_00 FTBE_0126_2024. .pptx
 
S5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdf
S5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdfS5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdf
S5 _ 3 _ 2 _ Romania (Nic Balaceanu).pdf
 
S5_3_3_Norway NEW VERSION OK to publish.pptx
S5_3_3_Norway NEW VERSION OK to publish.pptxS5_3_3_Norway NEW VERSION OK to publish.pptx
S5_3_3_Norway NEW VERSION OK to publish.pptx
 

Recently uploaded

✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...
✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...
✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...
jabtakhaidam7
 
Kurla Capable Call Girls ,07506202331, Sion Affordable Call Girls
Kurla Capable Call Girls ,07506202331, Sion Affordable Call GirlsKurla Capable Call Girls ,07506202331, Sion Affordable Call Girls
Kurla Capable Call Girls ,07506202331, Sion Affordable Call Girls
Priya Reddy
 
Dubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai Multiple
Dubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai MultipleDubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai Multiple
Dubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai Multiple
kojalpk89
 
[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...
[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...
[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...
priyasharma62062
 
Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...
Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...
Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...
Call Girls Mumbai
 
Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...
Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...
Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...
priyasharma62062
 
Bhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call Girl
Bhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call GirlBhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call Girl
Bhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call Girl
Priya Reddy
 
Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...
Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...
Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...
Call Girls Mumbai
 
Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...
Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...
Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...
Call Girls Mumbai
 
Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
falcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunitiesfalcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunities
Falcon Invoice Discounting
 
TriStar Gold- 05-13-2024 corporate presentation
TriStar Gold- 05-13-2024 corporate presentationTriStar Gold- 05-13-2024 corporate presentation
TriStar Gold- 05-13-2024 corporate presentation
Adnet Communications
 

Recently uploaded (20)

✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...
✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...
✂️ 👅 Independent Lucknow Escorts U.P Call Girls With Room Lucknow Call Girls ...
 
Collecting banker, Capacity of collecting Banker, conditions under section 13...
Collecting banker, Capacity of collecting Banker, conditions under section 13...Collecting banker, Capacity of collecting Banker, conditions under section 13...
Collecting banker, Capacity of collecting Banker, conditions under section 13...
 
Q1 2024 Conference Call Presentation vF.pdf
Q1 2024 Conference Call Presentation vF.pdfQ1 2024 Conference Call Presentation vF.pdf
Q1 2024 Conference Call Presentation vF.pdf
 
Strategic Resources May 2024 Corporate Presentation
Strategic Resources May 2024 Corporate PresentationStrategic Resources May 2024 Corporate Presentation
Strategic Resources May 2024 Corporate Presentation
 
Solution Manual For Financial Statement Analysis, 13th Edition By Charles H. ...
Solution Manual For Financial Statement Analysis, 13th Edition By Charles H. ...Solution Manual For Financial Statement Analysis, 13th Edition By Charles H. ...
Solution Manual For Financial Statement Analysis, 13th Edition By Charles H. ...
 
Kurla Capable Call Girls ,07506202331, Sion Affordable Call Girls
Kurla Capable Call Girls ,07506202331, Sion Affordable Call GirlsKurla Capable Call Girls ,07506202331, Sion Affordable Call Girls
Kurla Capable Call Girls ,07506202331, Sion Affordable Call Girls
 
Mahendragarh Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Mahendragarh Escorts 🥰 8617370543 Call Girls Offer VIP Hot GirlsMahendragarh Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Mahendragarh Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
 
Dubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai Multiple
Dubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai MultipleDubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai Multiple
Dubai Call Girls Deira O525547819 Dubai Call Girls Bur Dubai Multiple
 
2999,Vashi Fantastic Ellete Call Girls📞📞9833754194 CBD Belapur Genuine Call G...
2999,Vashi Fantastic Ellete Call Girls📞📞9833754194 CBD Belapur Genuine Call G...2999,Vashi Fantastic Ellete Call Girls📞📞9833754194 CBD Belapur Genuine Call G...
2999,Vashi Fantastic Ellete Call Girls📞📞9833754194 CBD Belapur Genuine Call G...
 
[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...
[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...
[[Nerul]] MNavi Mumbai Honoreble Call Girls Number-9833754194-Panvel Best Es...
 
Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...
Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...
Vip Call Girls Bhubaneswar😉 Bhubaneswar 9777949614 Housewife Call Girls Serv...
 
Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...
Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...
Virar Best Sex Call Girls Number-📞📞9833754194-Poorbi Nalasopara Housewife Cal...
 
Bhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call Girl
Bhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call GirlBhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call Girl
Bhayandar Capable Call Girls ,07506202331,Mira Road Beautiful Call Girl
 
Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...
Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...
Bhubaneswar🌹Kalpana Mesuem ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswa...
 
Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...
Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...
Bhubaneswar🌹Ravi Tailkes ❤CALL GIRLS 9777949614 💟 CALL GIRLS IN bhubaneswar ...
 
W.D. Gann Theory Complete Information.pdf
W.D. Gann Theory Complete Information.pdfW.D. Gann Theory Complete Information.pdf
W.D. Gann Theory Complete Information.pdf
 
Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Tilak Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Seeman_Fiintouch_LLP_Newsletter_May-2024.pdf
Seeman_Fiintouch_LLP_Newsletter_May-2024.pdfSeeman_Fiintouch_LLP_Newsletter_May-2024.pdf
Seeman_Fiintouch_LLP_Newsletter_May-2024.pdf
 
falcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunitiesfalcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunities
 
TriStar Gold- 05-13-2024 corporate presentation
TriStar Gold- 05-13-2024 corporate presentationTriStar Gold- 05-13-2024 corporate presentation
TriStar Gold- 05-13-2024 corporate presentation
 

06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf

  • 1. DORA : it's not a problem but an opportunity ! Joeri Van Speybroek – Solution Architect
  • 2. Copyright © Dell Inc. All Rights Reserved. 2 Internal Use - Confidential Copyright © Dell Inc. All Rights Reserved. 2 DO ANYTHING FROM ANYWHERE
  • 3. Copyright © Dell Inc. All Rights Reserved. 3 Internal Use - Confidential
  • 4. Copyright © Dell Inc. All Rights Reserved. 4 Internal Use - Confidential Achieve business recovery after a cyber event Start by identifying business processes and relationships with applications and infrastructure Recovery needs to understand impacts, criticality and relationships Business Process Business Activities 1 2 3 Applications 4 Supporting infrastructure A 1 2 3 C B IT Mapping Business Mapping Build the recovery plan Execute the recovery plan Business Services
  • 5. Copyright © Dell Inc. All Rights Reserved. 5 Internal Use - Confidential
  • 6. Copyright © Dell Inc. All Rights Reserved. 6 Dell Customer Communication - Confidential
  • 7. Key Headlines DORA Key Headlines • Management body bears full responsibility ICT risks • Apply appropriate budget • Review 3rd Party Risk management • Define a Digital Resilience Strategy include operational and cyber resiliency • Segregation of ICT management , Control, and internal audit functions • Review at least once per year, ICT risks • Test cyber-attack scenarios with switch over between Primary and redundant capacity, backups and redundant facilities • Cross-Border Coordination • Regulatory Reporting Fines • 2% of the average daily worldwide turnover for up to six months. • In the case of an individual, a maximum fine of EUR 1,000,000 • Individuals held accountable and possible custodial sentences
  • 8. Key Articles from 5-25 from DORA Articles (below) align to Dell’s Resiliency & Security Services (right) CHAPTER II, ICT risk management o Article 5, Governance and organisation, Digital Operational Resilience Act (DORA) o Article 6, ICT risk management framework, Digital Operational Resilience Act (DORA) o Article 7, ICT systems, protocols and tools, Digital Operational Resilience Act (DORA) o Article 8, Identification, Digital Operational Resilience Act (DORA) o Article 9, Protection and prevention, Digital Operational Resilience Act (DORA) o Article 10, Detection, Digital Operational Resilience Act (DORA) o Article 11, Response and recovery, Digital Operational Resilience Act (DORA) o Article 12, Backup policies and procedures, restoration and recovery procedures and methods, Digital Operational Resilience Act (DORA) o Article 13, Learning and evolving, Digital Operational Resilience Act (DORA) o Article 14, Communication, Digital Operational Resilience Act (DORA) o Article 15, Further harmonisation of ICT risk management tools, methods, processes and policies, Digital Operational Resilience Act (DORA) CHAPTER III, ICT-related incident management, classification and reporting • Article 17, ICT-related incident management process, Digital Operational Resilience Act (DORA) • Article 18, Classification of ICT-related incidents and cyber threats, Digital Operational Resilience Act (DORA) CHAPTER IV, Digital operational resilience testing • Article 24, General requirements for the performance of digital operational resilience testing, Digital Operational Resilience Act (DORA) • Article 25, Testing of ICT tools and systems, Digital Operational Resilience Act (DORA) Dell Cybersecurity and Resiliency Align with DORA Internal Use - Confidential 8 Copyright © Dell Inc. All Rights Reserved.
  • 9. Copyright © Dell Inc. All Rights Reserved. 9 Internal Use - Confidential Building a runbook tailored for business recovery What Cyber Recovery Solution Runbook Table of Contents: <Customer Name> CR Vault Recovery Runbook CONFIDENTIAL Cyber Recovery Vault Runbook overview ………………………………....4 Section 1: Plan Activation and Criteria ……………………………………..8 Section 2: Perform Forensics ……………………………………………....12 Section 3: Invoke Cyber Recovery Plan …………………………………..14 Section 4: Prepare for Recovery/ Restore Operations …………………..16 Section 5: Recovery Procedures……………………………………………17 Section 6: Backup Recovery………………………………………………...20 Section 7: Event Recording Log…………………………………………….24 How Restore Restore data from known Point in Time Repair Restore data and apply known fixes Rebuild Assume nothing, rebuild new environment, restore transactional configs and data Critical Rebuild Materials OS Images Applications Business Processes Gather recovery requirements Create tailored documentation
  • 10. © Copyright 2019 Dell Inc. 10 DORA Ransomware Recovery Vault Maturity Organizational Alignment Maturity/Completeness of Vision Physical Air- Gap Integration Business Continuity Metrics Virtual Segregation Maturing Vault Capabilities Education Runbooks/ Testing Yearly Testing Clean Room DLZ Analytics/ Detection Recovery Automation App Dep Mapping Managed Services Integration Incident Response Critical assets backup App Recovery runbooks Backup Optimization Isolated Backup Foundation Security Build Recovery procedures New App Onboard Process Integrate SDLC, ITSM/ITIL Maturing the Vault Perimeter Phase 1 Phase 2 Phase 3