More Related Content Similar to 06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf (20) More from FinTech Belgium (20) 06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf1. DORA : it's not a problem
but an opportunity !
Joeri Van Speybroek – Solution Architect
2. Copyright © Dell Inc. All Rights Reserved.
2
Internal Use - Confidential Copyright © Dell Inc. All Rights Reserved.
2
DO
ANYTHING
FROM
ANYWHERE
4. Copyright © Dell Inc. All Rights Reserved.
4
Internal Use - Confidential
Achieve business recovery after a cyber event
Start by identifying business processes and relationships with applications and infrastructure
Recovery needs to understand impacts, criticality and relationships
Business Process Business Activities
1
2
3
Applications
4
Supporting infrastructure
A 1
2
3
C
B
IT Mapping
Business Mapping
Build the recovery plan
Execute the recovery plan
Business
Services
6. Copyright © Dell Inc. All Rights Reserved.
6
Dell Customer Communication - Confidential
7. Key Headlines
DORA
Key Headlines
• Management body bears full responsibility ICT risks
• Apply appropriate budget
• Review 3rd Party Risk management
• Define a Digital Resilience Strategy include operational and cyber resiliency
• Segregation of ICT management , Control, and internal audit functions
• Review at least once per year, ICT risks
• Test cyber-attack scenarios with switch over between Primary and redundant
capacity, backups and redundant facilities
• Cross-Border Coordination
• Regulatory Reporting
Fines
• 2% of the average daily worldwide turnover for up to six months.
• In the case of an individual, a maximum fine of EUR 1,000,000
• Individuals held accountable and possible custodial sentences
8. Key Articles from 5-25 from DORA Articles (below) align to Dell’s Resiliency &
Security Services (right)
CHAPTER II, ICT risk management
o Article 5, Governance and organisation, Digital Operational Resilience Act (DORA)
o Article 6, ICT risk management framework, Digital Operational Resilience Act (DORA)
o Article 7, ICT systems, protocols and tools, Digital Operational Resilience Act (DORA)
o Article 8, Identification, Digital Operational Resilience Act (DORA)
o Article 9, Protection and prevention, Digital Operational Resilience Act (DORA)
o Article 10, Detection, Digital Operational Resilience Act (DORA)
o Article 11, Response and recovery, Digital Operational Resilience Act (DORA)
o Article 12, Backup policies and procedures, restoration and recovery procedures and methods, Digital
Operational Resilience Act (DORA)
o Article 13, Learning and evolving, Digital Operational Resilience Act (DORA)
o Article 14, Communication, Digital Operational Resilience Act (DORA)
o Article 15, Further harmonisation of ICT risk management tools, methods, processes and policies,
Digital Operational Resilience Act (DORA)
CHAPTER III, ICT-related incident management, classification and reporting
• Article 17, ICT-related incident management process, Digital Operational Resilience Act (DORA)
• Article 18, Classification of ICT-related incidents and cyber threats, Digital Operational Resilience Act
(DORA)
CHAPTER IV, Digital operational resilience testing
• Article 24, General requirements for the performance of digital operational resilience testing, Digital
Operational Resilience Act (DORA)
• Article 25, Testing of ICT tools and systems, Digital Operational Resilience Act (DORA)
Dell Cybersecurity and Resiliency Align with DORA
Internal Use - Confidential 8 Copyright © Dell Inc. All Rights Reserved.
9. Copyright © Dell Inc. All Rights Reserved.
9
Internal Use - Confidential
Building a runbook tailored for business recovery
What Cyber Recovery Solution Runbook
Table of Contents:
<Customer Name>
CR Vault Recovery Runbook
CONFIDENTIAL
Cyber Recovery Vault Runbook overview ………………………………....4
Section 1: Plan Activation and Criteria ……………………………………..8
Section 2: Perform Forensics ……………………………………………....12
Section 3: Invoke Cyber Recovery Plan …………………………………..14
Section 4: Prepare for Recovery/ Restore Operations …………………..16
Section 5: Recovery Procedures……………………………………………17
Section 6: Backup Recovery………………………………………………...20
Section 7: Event Recording Log…………………………………………….24
How
Restore
Restore data from known Point in Time
Repair
Restore data and apply known fixes
Rebuild
Assume nothing, rebuild new environment,
restore transactional configs and data
Critical Rebuild
Materials
OS Images Applications
Business
Processes
Gather recovery requirements Create tailored documentation
10. © Copyright 2019 Dell Inc.
10
DORA Ransomware Recovery Vault Maturity
Organizational
Alignment
Maturity/Completeness of Vision
Physical Air-
Gap
Integration
Business
Continuity
Metrics
Virtual
Segregation
Maturing Vault Capabilities
Education
Runbooks/
Testing
Yearly
Testing Clean Room
DLZ
Analytics/
Detection
Recovery
Automation
App Dep
Mapping
Managed
Services
Integration
Incident
Response
Critical assets
backup
App
Recovery
runbooks
Backup
Optimization
Isolated Backup Foundation
Security
Build
Recovery
procedures
New App
Onboard
Process
Integrate
SDLC,
ITSM/ITIL
Maturing the Vault Perimeter
Phase 1
Phase 2
Phase 3