Business Resiliency

Securing the Modern Data Center

David Edborg By David Edborg Portfolio Manager, Business Resiliency April 19, 2016

The nature of cyber-attacks is evolving. Traditional cyber-crime centered on the theft of information and attacks to shut down an organization’s Internet presence. Emerging threats include cyber destruction and cyber extortion or blackmail.

The data that runs our businesses has a lot of value to criminals, particularly data about our customers. A recent study published by Dell SecureWorks pegged the value of banking credentials at 1% to 5% of the account balance, $90 for 300,000 airline points, $30 for an America Express Card, and $500 for credentials to a corporate email account. And cyber extortionists are demanding $600 to $1800 for encryption keys to unlock data held for ransom.

There are basically two primary motivations behind these crimes: criminals that steal information for profit, and hacktivists who seek to shutdown Internet sites or destroy data for ideological reasons.

Understanding the nature of the crime can help us construct appropriate defenses.

IT organizations need to adapt their security approach to address these new threats. In the past we focused on protecting ourselves from the outside world with protection technologies such as firewalls, DMZs, VPNs and access controls. However, many of today’s new threats are unleashed on the inside; disgruntled employees, malicious Internet sites, phishing, spear phishing, and whaling emails that release malware inside of IT’s perimeter defenses.

These emerging threats are rocking our organizations. Cyber criminals seem to stay a step ahead with new malware variants and encrypted viruses, while regulatory agencies are drafting new rules on how we need to protect and test our protection schemes.

At EMC World on May 2-5, I will go over the details on these emerging threats and the challenges we face in protecting against them. I invite you to join me on Monday with my colleague Azeem Aleem from RSA to our session is titled “Securing the Modern Data Center”. Later on Monday, I will be joined by Nazir Vellani from Ernst & Young for a session titled, “Ernst & Young: Isolated Recovery Solutions” where we will cover the associated regulatory, compliance, testing, and governance for an organization’s data assets.

I’ll also be patrolling the Global Solutions booth and the Core Technologies Division booth (#364). Visit the live data center and meet the experts Stefan Voss (@VossmanVoss) and Alex Almeida (@alxjalmeida) who designed the infrastructure piece of this solution. Please to stop by either location to introduce yourself, or ask more detailed questions.

David Edborg

About David Edborg

Portfolio Manager, Business Resiliency

David originally joined EMC (now Dell EMC) in 2005 and is currently the Portfolio Manager for Dell EMC Business Resiliency Services. Over his career at Dell EMC, David has served as a Global Practice Manager for Availability Technologies, as an Availability Services Solutions Principal, and as the Chief Architect for EMC’s Continuous Availability Services Line.

David has over thirty years in the computer security and disaster recovery industries. Out of college David worked as an IBM Assembler coder and wrote operating system mods for ACF2/VM; the first ever security product for IBM’s Virtual Machine OS. He has worked with other vendors and partners in the DR industry, including supporting recoveries from the 9/11 event. David has also worked in the packaged software industry as Director of Development and Support for a computer security product.

Read More

Share this Story
Join the Conversation

Our Team becomes stronger with every person who adds to the conversation. So please join the conversation. Comment on our posts and share!

Leave a Reply

Your email address will not be published. Required fields are marked *