Skip to Content
15:44 Webinar

From Ransomware Defense to Cyber Resilience

Hear from a government CIO, a real-life hacker-turned good guy, and a technology leader as they offer their unique perspectives on building a resilient data storage environment.
This webinar first aired on June 19, 2024
Click to View Transcript
00:05
I'm Kritika B, Cio for pure storage. And I wasn't going to start with this, but this is the coolest stage I've been on, I've been on many stages. This is the coolest one. Now that I've got that out of the way in this morning session over the next 10 to 15 minutes, we're going to discuss real world issues and trends as they relate to building resiliency.
00:28
Now, I'm sure many of you spend a lot of time thinking about resilience and also planning for the possibility that you might lose access to your data. Now, this planning is absolutely essential, but we all know that the unexpected can and will happen and this could be things like natural disasters, like earthquakes could be unpredictable events like floods and let's not forget the human element.
00:54
We have human errors, we have rogue admins and even planned outages that could impact access to our data and disrupt business operations. Furthermore, with ransomware on the increase and continuously evolving, it is of paramount importance that we secure our data. So now let's see what happens when all this planning meets real life.
01:21
And I'm so excited to have you here to share your insights on trends, your experiences and the importance of building a resilient environment for our data. So Hector, without further ado I'll start with you. You have such an interesting background. You started as the technical lead for L and anonymous hacking collectives.
01:45
You were involved in the attack on the cyber attack on Sony pictures. The biggest data breach, one of the biggest data breaches of its time, you've targeted various government affiliated sites globally including launching a DDOS attack that took down the CIA website for several hours. But today, as the good guy, you help businesses and
02:11
organizations test their system resiliency and identify security vulnerabilities by simulating cyber attacks. So I'm sure with us some of the emerging cybersecurity trends um that you see that um organizations need to be prepared to address and also the key, key concerns that they need to be prepared to address.
02:35
Yeah, I mean, it's a great question as someone that's still on the offensive side, even as a red teamer today and a researcher, uh my job is to always be on top of emerging threats. I want to be able to help organizations understand what those threats are. And so we're seeing a bit of concern regarding A I, right. There's a I for good and there's a I for bad on
02:55
the good side. I'm happy to announce that I'm sure you guys will see it. There's a lot of great software and products and tools that are leveraging A I for detection and responsive anomalies. On the flip side, you're seeing deep fake attacks against CFO S and C Suite executives and, and of course, that set ends up with folks losing money.
03:13
You have ransomware, that's still very uh um I would say successful in most cases and you have a lot of organizations, they're still kind of dealing with how to become resilience against a ransomware campaign. And of course, you have supply chain attacks and those supply chain attacks are becoming more sophisticated law term persistence, two year engagements against developers. And these guys are actually getting access to
03:36
organizations through these third parties. Thanks. He a lot of good information there to unpack. And I know many of us have the opportunities and challenges with the evolving A I technologies. On top of mind, Kim, as the cio for the city of New Orleans, you have faced um so many traumatic events from a technology perspective,
03:57
uh ransomware attacks, hurricanes and even a data center fire. So share with us. Um what happened here. How did it impact your team, the city services and ultimately the residents. Thank you Krithika. So the city of New Orleans has 400,000 residents. Uh We service 5000 city employees and our team
04:19
uh includes workers who support police fire and emergency medical services. So our daunting task were made even more daunting when we were faced with a 2019 ransomware attack that took all city services offline, all technology services came to a complete halt. Um We led a response with the Louisiana National Guard that brought in 200 volunteers to completely rebuild our technology
04:46
environment. So the impact on city services was great and the impact on our residents were during that time, our city services were offline. So access to data and information and an approaching tax season, it was a pretty daunting task for us to recover from that attack. Yeah, so Kim, these threats that we've talked about, right that you faced,
05:08
they cover a fair bit of ground. So share with us what strategies did you have in place to ensure data resiliency before all these adverse events and what adjustments did you make to tune those residency plans afterward? Interestingly, so the state of Louisiana had faced similar uh attacks in the months leading up to the cyberattack against New Orleans.
05:34
So we knew we had to have a resilient data infrastructure. Uh We had to do things like classify our data and understand what data we had and then uh how we were going to protect that data. So we had tiered our data, we knew which data was important how we would recover. We had a robust uh recovery strategy already designed and that strategy paid off for us.
05:56
Um We had safe um safely looked at what we would do in the event of an attack and we were prepared for it, unfortunately, prepared for that. So, um that response was really great for us. Um But then uh thinking forward, uh we had a fire in our data center during Hurricane Ida, which was two years later. And resiliency brought us not just to thinking
06:23
about how we would recover from a cyber attack, but then going forward, how we would make our data more resilient. It had meant that we moved to a data center outside the city of New Orleans and we stood up a robust backup strategy and that strategy came into play because two years later, a fire in our data center, a natural disaster and then a structural disaster meant we had to put that data recovery
06:48
strategy immediately into action. And that was uh all the planning and all of the things that we do did to prepare and make our data resilient really paid off for us at that time. Yeah. And it's an excellent point that um you, you got to start by knowing your data and categorizing your data and then proceeding to protect you. Yes, Hector.
07:07
So we've seen the adverse events that um you know, Kim had to face in a very short period of time. How do you assess organizational readiness to reduce risk and defend against data loss? And furthermore, what are the gas that organizations may not be thinking about that could affect resilience? Yeah. Um I I'll try to leave you with a good.
07:29
Gotcha at the end there. Um But yes. So right now you have the tools um that would help you get to a point where you can start to identify potential gaps in the organization. We have great resources like the N cybersecurity framework. There's a whole bunch of other frameworks and policies, uh or compliance uh uh frameworks that you could utilize depending on your
07:49
industry, depending on the kind of work you're dealing with, what kind of data you're storing. Um You wanna be able to, you know, work with your team. You have two wonderful cio s here. Um They'll be developing and deploying and working on uh you know, those based policies. You want to make sure that your CIS OS and this
08:05
it and the rest of the IES teams are kind of following suit on detection, protecting, classifying, assessing which assets are very important to you, um which are going to be your crown jewels. Um And then of course, being able to uh implement uh the capabilities to detect uh when an uh an attack is going to happen. If you detect a potential breach, what is going
08:27
to be your response. And then finally, you know, how are you going to maintain some sort of resiliency during all of this? Right? This is going to be very important for everybody in this room here to have some sort of business continuity. Um And that's going to require that you kind of look at your,
08:41
uh your long term strategies for your security program and then finance for a, gotcha. I'll give you one that might be a little bit scary for some of you in here. But with the recent takedown of the lock, um, the locked ransomware group and their affiliates, uh some precedents were set uh as a result of takedown and this was a global
08:58
operation between the FBI and NC A and some of the organizations. But the consequence of that is that locked and his affiliates have been added to the OFAC list. So if you are a victim of any of these affiliates and you have to pay a ransom, it is illegal for you to pay the ransom. That's a gotcha good one there. Yeah. Uh Hector with all these changes that we've
09:18
been seeing and discussing with cyberattacks and ransomware. What are some of the key things that organizations can do to improve cyber resiliency? Oh, yeah, I mean, look, that's a fantastic question. Um Here's what I'm seeing from the offensive side. I am a red teamer.
09:33
Some of you guys will call me in to assess your security, identify gaps. Um I do the engagement, I do a red team and whatever, you know what I'm noticing. Uh Critica, um Sometimes there are disconnects very bad disconnects between the CIO, right? And her policies and the CIO and the rest of the teams are supposed to be enforcing her policies.
09:51
Now, if, if Kim sets the policy and her team is not enforcing that policy, but nobody's validating whether those policies have been uh you know, put in place, then you have a massive gap and you won't even identify that gap once there's an incident, right? Um So you wanna make sure you guys communicate, communicate with teams,
10:09
leave the ego in politics outside. You guys are all working as a team. Um And of course, hygiene testing, validation. You guys are investing in EDRS. We validated your EDR uh is working to where it needs to be. You have a sock team, you have MS sp you have other capabilities you've added and invested in.
10:26
Well, let's validate to see those tools work, right? The problem a lot of organizations do is they'll, they will invest in a very expensive set of products or tools or solutions, they'll set it and then they'll forget it and move on with their lives. You know, sometimes you have to tweak your software, sometimes you have to kind of ensure that the software is working.
10:45
Now, in terms of data, I love the idea of the data classification, right? Because sometimes you may not be able to uh um you know, routinely back up all of your data or recover very quickly all of that data. You need to kind of classify, identify which data is sensitive which ones you want to prioritize over everything else. If all you need to pull is one terabyte of data
11:06
uh outside of uh you know, 10 petabytes of data then. Yeah, that's gonna speed uh speed up your recovery. So um and also finally, Critica um when it comes to security, you're always, and I, and I hate to be so cliched but you're, you're only as secure as your weakest one. Yeah.
11:21
Yeah. Good, good point there. And um I think you've given us a lot of, you know, good points that it and security leaders jointly need to have on their radar and be working through. Yeah. Uh Kim uh my last question of the session to you, um you faced off with both hackers and the theory of nature.
11:40
What advice do you have for people who think and work technology all day long about disaster resilience and how they could reduce risk? Well, first piece of advice, if you think about technology all day, keep thinking about technology all day. It should be the thing that keeps you up at night. Your data resilience strategy is so important
12:04
to your organization. Think through the worst case scenario. Think about the things that you don't expect to happen and you plan for those things. Um I think another really important thing is to build relationships, think about your future technologies and how you would implement things in uh a worst case scenario or just where you're going next. Uh build those relationships.
12:27
In fact, for us, our pure storage rep contacted us within hours after the cyber attack, he was there 24 hours later and 48 hours after that, we had product on the ground. So shout out to Tom Grady and the wonderful team in New Orleans for the work that they did for us. But um those are the things that really made us recover successfully. And then when an unexpected situation happened,
12:55
as Hector said, we had also planned for that and tested those strategies. So, natural disaster comes uh fire in our data center and we were able to restore our infrastructure within days and that was really critical to the city of New Orleans because our residents were without information. So if this is the way that you're thinking, you're on the right track and you should
13:17
constantly think along those lines. Resilience is Kim. Um we really appreciate your partnership and I'm so glad pure was standing by your side to ensure you have that resilient infrastructure to keep your data available. And if Tom is here, Tom Grady, please do stand up and take a bow.
13:37
Yeah. So as we can see, resilience isn't just about adding an air gap and hoping and even praying that everything's going to work out. It's about having that platform that enables you to detect and protect and gives you the technologies to rapidly recover from adverse events into a clean environment and restore your business operations as soon as you can,
14:06
Kim and Hector um Thank you so much for joining us today and sharing your insights with us. We really appreciate it. Ok. And for those of you who would like to continue the conversation Hector will be at our smart bar starting at 3 p.m. today along with our pr experts. And he is also part of a solution um session tomorrow morning,
14:32
uh which is defend your business using pure cyber resiliency solutions. Now, before I welcome our next speaker, uh VPO product marketing, Stephanie Richardson. I'm really thrilled to be announcing the winner of our Data Warrior Award, a customer who's really pushing the boundaries of A I and voice recognition over to the video,
15:04
a pioneer in voice recognition and A I media. Zen helps leading companies improve the world we live in by making A I interactions more seamless and natural powered by the pure storage platform media. Zen built a high powered R and D environment to supercharge its A I research cutting modeling time from one year to just two weeks and building new voice recognition models in less than a month.
15:29
Congratulations to media Zen, a true innovator in his field and this year's pure storage data Warrior Breakthrough Award winner.
  • Ransomware
  • Video
  • Pure//Accelerate
  • Cyber Resilience

Hear from a government CIO, a real-life hacker-turned-good guy, and a technology leader as they offer their unique perspectives on building a resilient data storage environment. Krithika Bhat, CIO for Pure Storage, kicks off the session by highlighting the critical need for robust data resilience planning to protect against natural disasters, human errors, and ransomware attacks.

Hector Monsegur, a former hacker, now helps organizations identify security vulnerabilities and enhance system resilience by simulating cyber attacks. He discusses emerging cybersecurity trends and emphasizes the importance of staying ahead of threats, particularly with the rise of AI-driven attacks.

Kim Walker LaGrue, the CIO for the city of New Orleans, shares her experience dealing with multiple crises, including ransomware attacks, hurricanes, and a data center fire. She explains the strategies her team implemented to ensure data resilience, such as classifying and protecting critical data, and how these plans were put to the test during real-life events. The importance of partnerships and having a robust backup strategy is underscored by her success in restoring services quickly after disasters.

ROADSHOW

Pure//Accelerate Events

Join us for a Pure//Accelerate event happening in a city near you. Register today and discover the storage solutions and strategies to power the next generation and beyond.
10/2024
DORA Compliance with Confidence
Discover how Pure Storage and Commvault help financial institutions meet the most stringent DORA requirements.
Solution Brief
3 pages
Continue Watching
We hope you found this preview valuable. To continue watching this video please provide your information below.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Your Browser Is No Longer Supported!

Older browsers often represent security risks. In order to deliver the best possible experience when using our site, please update to any of these latest browsers.