?

WWT Cyber Resiliency

Recover from catastrophic cyber events

Cyber Resiliency


Disaster recovery (DR) solutions can get organizations back on track when a cyber attack hits production systems. But what happens when DR systems are compromised? 


It's a worst-case scenario but an increasingly common one. More cyber attacks are being designed to silently corrupt backup data. Once these attacks are activated, organizations have no way to restore good backup data in time to meet SLAs.


Cyber resiliency goes beyond DR and business continuity (BC) solutions. By programmatically testing the integrity of backup data and isolating its flow, organizations can recover when DR and BC systems are compromised.

WWT's cybersecurity practice applies a methodology that gives organizations the business acumen, customized architectures and operational discipline they need to recover from catastrophic cyber events. 

 

Identify and align to business requirements

Because cyber resilience defends against corporate-wide attacks, it's critical to understand where the business holds the most risk. CISOs need to understand board-level objectives and concerns. CEOs, COOs and CFOs need to understand the business value of cyber resilience. 

We help CISO organizations:

  • Document the resilience drivers for their organization.
  • Identify gaps in their resilience program by assessing their current resilience posture.
  • Establish a board-approved, organizational resilience program delivery model that includes program management, management discipline scope, risk identification and management, and a governance and accountability framework.
  • Map financial and reputation damage to distinct lines of business and critical systems.

Develop a governance model

While DR and BC solutions reside within IT, cyber resilience starts at the CISO organization. This means incorporating a governance model that encompasses business, architecture and operations.

We help CISO organizations:

  • Compile and summarize information about the overall maturity level of an information security program using a comprehensive scoring matrix.
  • Understand how integrating governance, risk and compliance processes can reduce costs and mitigate or reduce risk.
  • Define a roadmap that recommends specific programs, architectures and technologies to achieve best practices and/or prescriptive regulatory compliance guidance.
  • Evaluate enterprise security posture and compliance against internationally accepted information security frameworks or regulations.

Apply automation

Meeting mandated recovery point and recovery time objectives during a catastrophic cyber event requires automating multiple systems across the enterprise. We find that relying on a single vendor's solution is cost prohibitive as too many existing investments must be ripped and replaced due to their interdependence. 

We help CISO organizations:

  • Build a zone-based, cyber resilient architecture around existing technology investments.
  • Automate across different technology domain based on the fastest path to recovery.
  • Validate proposed architectures by rapidly conducting proofs of concept.
  • Implement technology.

Establish a testing framework

Continuously validating backup recovery is key to cyber resiliency. Organizations must establish an automated CI/CD pipeline for testing, but they also must train personnel for when a catastrophic cyber event occurs. 

We help CISO organizations:

  • Validate the integrity of backup data.
  • Conduct tabletop exercises to account for the human response to a catastrophic cyber event.
  • Build playbooks for different types of attacks that can cause corporate-wide outages.
  • Access a complete portfolio of Cyber Lab Services to reduce the cost, time and risk that comes with security technology evaluation and testing. 

Related Reading

Page Thumbnail
Article

3 Ways to Operate Public Cloud Segmentation

Common approaches to setting up secure and segmented public cloud application environments.
Page Thumbnail
Article

Ready Or Not, Cyber Resilience Is Here to Stay

There are a few basics when it comes to cyber resiliency, and it's important that you're not forgetting them.
Page Thumbnail
Article

Optimize Your Organization's Cybersecurity Program With Automation

Automation can be a powerful tool for cybersecurity analysts, from helping them improve the time it takes to mitigate threats to focusing on the threats that really matter.
Page Thumbnail
Case Study

Enterprise Segmentation Strategy Helps Global Financial Institution Address GDPR and MIFID II Requirements

Application discovery, stakeholder consulting, architecture design and solution feasibility define path forward for implementation of segmentation zones and controls.
Page Thumbnail
Assessment

Cybersecurity Program Assessment

WWT is a global leader for the majority of F100 and government organizations, providing audit, compliance and risk management readiness assessments. Specific business units or an entire organization may be evaluated within an assessment to identify findings, gaps and a risk management roadmap. WWT provides a level of detailed analysis to create roadmaps to increase security program maturity and maximize the use of people, processes and technology to reduce risk while increasing efficiencies. <br/><br/> Organizations have different requirements, to both meet compliance and desired areas of risk management focus. For example, US DoD contractors and supporting organizations are required to be CMMC compliant, thus requiring readiness assessments using the CMMC framework published by the US DoD. Other organizations may desire to use a framework like ISO, to focus more upon business controls and operations. WWT supports a wide range of assessment including but not limited to NIST (a wide variety), ISO, CIS, and CMMC.