Best practices for cyber readiness, recovery, and rebuild (SEC225)

Here is a detailed summary of the video transcription in markdown format, broken down into sections:

Cyber Resilience: Best Practices for Readiness, Recovery, and Rebuild

Introduction

  • Michael Fulo and Matthew Ericson from Confluera, an advanced APN partner, discuss best practices for cyber readiness, recovery, and rebuild.
  • Cyber resilience is defined as the ability to anticipate, withstand, recover from, and adapt to adverse conditions and threats.
  • The key focus areas are:
    1. Cyber resilience as a continuous process
    2. Adapting to changes as a critical component

Confluera's Approach to Cyber Resilience

  • Confluera provides protection and security for cloud assets and applications, acting as a trusted data custodian.
  • They offer encryption everywhere, post-quantum cryptography, hardened images, multi-factor authentication, and multi-person authorization.
  • Cyber resilience is a continuous process that includes:
    1. Sensitive data scanning and classification
    2. Threat recommendations and cyber deception
    3. Clean room recovery for testing
    4. Recovery modalities (Cloud rewind, rebuild, and Clumio)
    5. Continuous adaptation to changes and new threats

Serving a Broad Spectrum of Customers

  • Confluera protects customers across various services, industries, and deployment models (on-premises, public cloud, GovCloud, local zones, etc.).
  • They cater to specific verticals, such as public sector, financial services, healthcare, and high-tech/composable applications.
  • Confluera's deep integration with AWS services and organizations provides continuous discovery and protection.

Customer Success Story: Sony

  • Sony, a media and entertainment company, approached Confluera with challenges around complexity, cost, and security concerns as they rapidly moved to the cloud.
  • Confluera protected Sony's on-premises data, replicated it to the cloud, and provided a 4x lower RPO, significant cost reduction, and a single pane of glass for their entire estate.

Cyber Resilience for Gen AI Applications

  • Confluera provides deep protection for the infrastructure, data, and training data used in Gen AI applications.
  • They continuously evaluate and provide protection for emerging technologies, such as Amazon Bedrock and other AI models.

Mutable Virtual Air Gaps

  • Snapshots, service-independent backups, and network air gaps are modern approaches to achieving the protection of traditional physical air gaps.
  • AWS features like snapshot replication, cross-region copies, and immutability, combined with Confluera's solutions, provide these air gap protections.
  • AWS' new service, AWS Air Gap Protect, simplifies the creation of secure, immutable, and isolated storage for clean backups.

Clean Room Recovery

  • Testing recovery of production applications is a critical best practice often neglected by organizations.
  • Clean room recovery provides a simple and safe way to periodically test recovery of applications into a secure, isolated environment.
  • It automates the recovery process, including the restoration of resources and execution of runbooks, to reduce the mean time to recover.
  • Clean room recovery supports not just EC2 instances but also containers, Lambda functions, and other dynamic resources.

Cloud Rewind for Modern Applications

  • Traditional backup and recovery approaches struggle to handle the complexity of modern, distributed applications.
  • Cloud Rewind (formerly Anodot) continuously discovers and protects the data and metadata of these applications, allowing for "recovery as code" using CloudFormation.
  • This enables rapid recovery of the entire application, including all dependencies, to a new location or for testing purposes.

Event-Driven Continuous Backups with Clumio

  • Traditional backup and recovery approaches face challenges at scale, including speed, cost, and regulatory requirements.
  • Clumio (recently acquired by Confluera) provides an event-driven, cost-effective backup and recovery solution for S3 and DynamoDB.
  • It leverages a serverless architecture to scale backup and recovery activities based on events, optimizing for cost and performance.

Key Takeaways

  1. Protect all data that cannot be easily recreated.
  2. Establish air gaps for application data and metadata.
  3. Test recovery frequently using tools like clean room recovery.
  4. Adopt a "rebuild on demand" approach with solutions like Cloud Rewind.
  5. Consider event-driven architectures and protection for scalable data protection.

Additional Resources

  • Confluera's offerings available on the AWS Marketplace and their main website.

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.

Talk to us