1 of 36

Cyber attack

What after?

Daniel.Olkowski@dell.com

2 of 36

Our environment

Applications,

Databases,

Mail

Linux, UNIX, Windows,

Backup

Server

DBs

Mails

Linux, UNIX, Windows,

Site A

Tape

library

Disk

system

SAN

Media

agent

Tape

library

Disk

system

VM

Data Domain

VM

LAN

Site B

Applications,

Databases,

Mail

Dell - Internal Use - Confidential

2

of Y

Dell Customer Communication - Confidential

3 of 36

Agenda

Threats
Compliance
DIA
Replication
And more!

3

of 20

Internal Use - Confidential

4 of 36

Cyber threats 2021: �the facts

Every 11 seconds�a cyber or ransomware attacks occur.*

39s

4

of 16

86%

of breaches �are financially motivated.

71%

48%

of breaches involved�small business.

43%

$6T

Total global impact of cyber crime in 2021.

Cybersecurity �Ventures

$1T

*Sources: Cybersecurity Ventures: � https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-20-billion-usd-by-2021� https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021

$13M

$24.7M

Avg. cost of cybercrime for an organization.

Banking	$18.4M
Utilities	$17.8M
Software	$16.0M
Automotive	$15.8M
Insurance	$15.8M
High Tech	$14.7M
Capital Markets	$13.9M
Energy	$13.8M
US Federal	$13.7M
Consumer Goods	$11.9M
Health	$11.9M
Retail	$11.4M
Life Sciences	$10.9M
Media	$9.2M
Travel	$8.2M
Public Sector	$7.9M

4

of Y

Speaker Notes:

Cyber threats don’t cause mere thousands of dollars of loss anymore—the damage is in the trillions. Accenture forecasts over $5T of global value at risk over the next 5 years.

Attacks are virtually non-stop and the cost per attack continues to increase. And while there is a common misconception that only certain sized businesses or industries are attacked, the reality is that nobody is immune. Bad actors target businesses of all sizes, and across all industries.

Additional notes:

– Attackers are able to move along the cutting-edge of accelerated technology transformation, exploiting vulnerabilities as they emerge.

– Attacks are increasing, as it the attack surface, and the potential impacts on business are greater than they have ever been before.

If we consider some of the trends we’ve discussed so far, they are creating great opportunity as we’ve seen…

…but they are also leading to greater potential for cyber attack, with greater potential for damage than ever before.

We’ve seen companies make rapid technology changes during the crisis without considering the security implications.

We’ve seen a huge increase in the number of remote workers, and therefore the surface of potential attack.

There is also a related increased potential for insider threats – for example from disgruntled employees who now have remote access to company servers.

Aside from this, more long-term we’ve seen R&D cycles shorten, driven by customer expectation of product updates, meaning less time to test for vulnerabilities.

And we’ve seen the emergence of companies who rely on their digital platform and data as their very identity. The stakes for them couldn’t be higher.

It’s particularly alarming, then, to read this quote from the World Economic Forum, in assessing the global risks brought by the pandemic:

“According to 38% of the risk experts surveyed, new working patterns leading to cyberattacks and data fraud are the most likely technological fallout risk for the world.”[1]

They report, for example, that phishing scams have increased markedly during the crisis.

Meanwhile, business leaders, of course, are acutely aware of the penalties for a failure to comply with GDPR – a €20m maximum fine, or 4% of global turnover.[2]

And that is aside from the reputational costs already inherent in being breached.

Even before the pandemic outbreak, as many 61% of large businesses had reported an attack in the previous 12months – those are 2019 UK government figures.[3]

And new types of threat are emerging every day of course – and they’re often going undetected.

On average, advanced cyber attacks go undetected for 197 days. [4]

From phishers, to hacktivists, to state-level attackers, criminals are clearly pursuing a cyber arms race with the business world.

So what does the perfect response look like? [Click to next slide]

Sources for Additional Notes: 1 – http://www3.weforum.org/docs/WEF_COVID_19_Risks_Outlook_Special_Edition_Pages.pdf 2 – gdpr.eu/fines 3 – https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/875799/Cyber_Security_Breaches_Survey_2019_-_Main_Report_-_revised.pdf 4 – https://www.delltechnologies.com/en-gb/microsites/connected-cybersecurity.htm#overlay=/content/dam/delltechnologies/assets/microsites/connected-cybersecurity/cyberattack-types.pdf]

Sources of Statistics:

2020 Verizon Data Breach Investigations Report: https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf

2019 Accenture Cost of Cybercrime Study : https://www.accenture.com/us-en/insights/security/cost-cybercrime-study

2020 Accenture Cost of Cybercrime Study : https://www.accenture.com/us-en/insights/security/cost-cybercrime-study

Cyber attack every 11 seconds – Cybersecurity Ventures: https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-20-billion-usd-by-2021

$6T total global impact of cyber crime in 2021 - https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021�2020 RiskIQ report - $24.7M USD cyber crime costs organizations on average in 2020 - https://www.helpnetsecurity.com/2020/08/28/global-cost-of-cybercrime-per-minute/

NEXT SLIDE

5 of 36

92%

Organizations cannot detect cyber attack

Average time to detect is 100 days

67%

Organizations had incident within last year within real issues

39%

Yearly detected

ransomware within malware

Dell Customer Communication - Confidential

6 of 36

Broad spectrum of sophisticated cyber threats

Motivations, Techniques and Goals

Terrorism

Sabotage & destruction to instill fear

Hacktivism

Advance�political �or social�causes

Insider

Trusted insiders �steal or extort �for personal, financial, & ideological reasons.

Increasingly targeted because of privileged access to systems

Warfare

Nation-state actors�with destructive cyber weapons�(NotPetya)

Espionage

Corporate or Nation-state actors steal valuable data

Crime

Theft & extortion �for financial�gain

6

of Y

Speaker Notes:

Too often, we see organizations focused on guarding against a very specific type of cyber attack or cyber actor. This narrow focus can put them at risk.

It's important to understand that Cyber attacks take many different forms and the attackers may have a variety of motivations, techniques and even platforms from which to launch their attacks. Thus, for example, organizations cannot count on paying a ransom as a last line of defense. While data may be encrypted and look like a ransomware-based attack, it may have been launched from a Nation state as a weapon, an insider with an ax to grind, or a hacktivist whose agenda is ideologically motivated and not financial. There may be nobody to pay to decrypt the data.

One of the most difficult types of cyber attack to defend against is one launched by an insider (knowingly or unknowingly). They tend to have physical access, full knowledge of the infrastructure and may even have benefitted from privilege creep, giving them access to more systems.

A good cyber recovery strategy takes all of these into account.

NEXT SLIDE

From Deleted Slide:

Main ideas:

– Attackers are able to move along the cutting-edge of accelerated technology transformation, exploiting vulnerabilities as they emerge.

– Attacks are increasing, as it the attack surface, and the potential impacts on business are greater than they have ever been before.

Narrative:

If we consider some of the trends we’ve discussed so far, they are creating great opportunity as we’ve seen…

…but they are also leading to greater potential for cyber attack, with greater potential for damage than ever before.

We’ve seen companies make rapid technology changes during the crisis without considering the security implications.

We’ve seen a huge increase in the number of remote workers, and therefore the surface of potential attack.

There is also a related increased potential for insider threats – for example from disgruntled employees who now have remote access to company servers.

Aside from this, more long-term we’ve seen R&D cycles shorten, driven by customer expectation of product updates, meaning less time to test for vulnerabilities.

And we’ve seen the emergence of companies who rely on their digital platform and data as their very identity. The stakes for them couldn’t be higher.

Attackers are able to move along this cutting-edge of technology transformation, exploiting vulnerabilities.