Global NUG Webinar: Top 3 Ways To Build Cyber Resilience
Technology grows increasingly sophisticated by the day, but this brings about a complexity that malicious individuals will seek to exploit via ransomware and other forms of cyber attacks.
In a webinar hosted for the Nutanix User Group community, network security experts spoke about the top ways organizations can build cyber resilience. By implementing a few of these recommended best practices, companies of any size can harden their security posture against the ever-proliferating number of ransomware offenders in the IT space.
Key Takeaways:
- The basis of resilience in network security is a zero-trust framework.
- IT decision-makers can follow a methodology that limits the access, reach, and targets (ART) of ransomware attacks to further build resilience.
- A platform with comprehensive monitoring, automation, and governance capabilities can accommodate any security framework an IT team chooses.
What Is Cyber Resilience?
Cyber resilience is the ability of an organization to anticipate, withstand, recover from, and adapt to cyberattacks, natural disasters, or economic slumps. In an age when cyber attacks like ransomware are no longer just a frequent possibility but an inevitability, IT leaders must accept that an event will occur and think of resiliency as a way of mitigating that event even while it is happening.
On the topic of ransomware, the experts say, “...it’s kind of like the common cold. The reason why we keep getting sick with ransomware is because our ability to detect ransomware is obscured.” The prevalence and obscurity of modern ransomware necessitate greater cyber resilience.
There are nearly as many variants of ransomware as there are parties attempting to conduct ransomware attacks. Even so, there are historical examples of notorious ransomware variants that caused significant financial or societal damage. These include:
- Petya
- WannaCry
- Furlocker
- REvil
- DarkSide
Certain elements that are inherent to the advancement of IT and business unfortunately create protection challenges that inhibit an organization’s ability to deflect ransomware. These include increased complexity, tighter budgets, and obscured infrastructure visibility. The concept of cyber resilience exists to compensate for these challenges and allow solutions to flourish even in difficult times.
Operate in a Zero Trust Framework
“Predominantly, the means by which we protect systems is by the adoption of some type of framework,” the experts explain. Where many organizations stumble, though, is in seeing a framework as a “ceiling” that represents an end goal rather than a “floor” from which to build a constantly improving security strategy.
Security using a Zero Trust Architecture (ZTA) is a cyber resilience model that provides a collection of concepts and ideas that minimize uncertainty in enforcing accurate, least-privilege, per-request access decisions in information systems and services. “The great thing about zero trust,” say the experts, “is that it acknowledges the fact that technology advances through time.”
ZTA is not a stringent set of iterative commands to be executed in a command-line interface but rather a road map and directive to achieve an ethos of continuous security improvements with acceptance of evolving technology innovations.
This is all in contrast to the traditional “candy bar” framework, which entails a hard outer shell and a “soft chewy center,” meaning that network security comprises a defensive perimeter and a “trust zone” within the datacenter. “We need to move away from that now that we work in more microservices-based architectures,” say the experts.
Follow the ART of Cyber Resilience
“We’re not focusing our efforts on the practicable aspects of securing our environment, and I think that is really where our focus should be,” the experts go on to say. To that end, they suggest a cyber resilience method that focuses on access, reach, and the target, or ART for short.
Access
Following the principles of zero trust security, an organization must restrict access on the basis of each user's ability to authenticate. Once users authenticate by proving they are who they say they are, it is necessary to define their authorization to access certain data via a role-based system. As an additional layer of security, there should be accounting in place to capture, annotate, log, and measure access traffic.
Reach
In the event that ransomware does access the network, it is essential to limit its reach. By being aware of what systems are accessible from any other system, it is then possible to reduce the lateral reach of ransomware by limiting those various points of access according to least privilege, monitoring for unexpected behavior, and applying system patches and updates regularly.
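The reach analysis described above can be sketched as a graph walk over the allowed flows. This is an added example, not material from the webinar or from Nutanix; the host names, both rule sets, and the observed connections are constructed for illustration.

```python
from collections import deque

# Constructed sample: directed "source may connect to destination" rules.
# Host names and rules are illustrative, not taken from any real environment.
FLAT_NETWORK = {
    "workstation": {"web", "app", "db", "backup", "fileserver"},
    "web": {"app", "db", "backup", "fileserver"},
    "app": {"web", "db", "backup", "fileserver"},
    "fileserver": {"backup", "db"},
    "db": {"backup"},
    "backup": set(),
}

LEAST_PRIVILEGE = {
    "workstation": {"web"},
    "web": {"app"},
    "app": {"db"},
    "fileserver": set(),
    "db": set(),
    "backup": {"db", "fileserver"},  # backup pulls data; nothing connects to it
}


def lateral_reach(allowed, start):
    """Return every system reachable from `start` by chaining allowed flows."""
    seen, queue = set(), deque([start])
    while queue:
        host = queue.popleft()
        for nxt in allowed.get(host, ()):
            if nxt != start and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def reach_report(allowed):
    """Map each system to the sorted list of systems it can reach."""
    return {h: sorted(lateral_reach(allowed, h)) for h in sorted(allowed)}


def unexpected_flows(allowed, observed):
    """Observed (src, dst) connections that no rule permits: alert candidates."""
    return [(s, d) for s, d in observed if d not in allowed.get(s, set())]


if __name__ == "__main__":
    for name, policy in (("flat", FLAT_NETWORK), ("least privilege", LEAST_PRIVILEGE)):
        print(name, reach_report(policy)["workstation"])
```

Even under the tighter rule set, the workstation still reaches the database by chaining permitted hops, which is why reach has to be evaluated transitively rather than rule by rule.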
Target
The target of any cyberattack is data, and this is, therefore, the object that IT teams must protect. A data-centric approach to security implies ensuring that data is discoverable, manageable, protectable via data classification, and subject to monitoring for suspicious or malicious activity.
Build on Nutanix Cloud Platform
Another way to build cyber resilience is through the adoption of Nutanix Cloud Platform, which enables the implementation of other resiliency frameworks intrinsically and as capabilities of NCP. What Nutanix provides through various solutions and technologies are the tools necessary for maintaining monitoring, automation, and governance.
Nutanix Prism, for example, enables monitoring and alerting on the health of a cluster, as well as alerts on the use of default passwords, all within the Prism Central management interface. Within Prism, patches can also be applied very simply with Life Cycle Manager.
Automation is present throughout the Nutanix platform in such a way that grants freedom to developers whose talents are more suitable for innovative tasks. The Playbooks engine in Prism provides just one way of automating the process of alerting, tying in system alerts, and placing compromised systems in quarantine.
With full software-defined networking in AOS and AHV, as well as the ability to define isolated network namespaces with Flow Network Security microsegmentation, the platform guarantees a high level of infrastructure governance. IT leaders can establish their own formal structures and establish processes for measuring results every step of the way.
Revolutionizing Cyber Resiliency
Individuals and organizations are guilty of making consistent security mistakes across the last two decades, whether it is poor password management and opening bad email links in 2001 or using repeat passwords and responding to phishing attempts in 2021. Having resilient security requires company-wide revolutionizing not only of technology but also of the frameworks and policies that apply to every person accessing the network through a device.
That revolution starts with a zero-trust framework and extends to the everyday methods that IT admins use to control the access, reach, and targets of potential ransomware threats.
By choosing Nutanix as the platform on which to build these strategies, decision-makers give themselves the best possible advantages in a landscape rife with cyber risks. Nutanix Cloud Platform is a way for organizations to harden their IT resiliency in a way that promotes simplicity and facilitates operational freedom.
© 2024 Nutanix, Inc. All rights reserved.