General
General Pt 2
Resilience
Observability
Remediation
100

We have an infrastructure security solution, so we are protected... 

End with a TEDW question

-You still need Infrastructure Security

-Fundamentally different from Data Security

-Have to have both to survive ransomware

100

What is TEDW? What's the purpose?

“Talk me through.../Tell me…”

“Explain…”

“Describe…”

“Walk me through…”

Encourages dialogue and expression, an incredibly powerful tool to build an understanding of the other person's position


100

What is data resilience in terms of Rubrik?

Secure your data from insider threats or ransomware with air-gapped, immutable, access-controlled backups

-Immutable

-Retention Lock

-MFA, TOTP, RBAC, NTP

-Logical Airgap


100

What is data observability in terms of Rubrik?

Continuously monitor your data for ransomware, remediate sensitive data exposure, and find indicators of compromise

-Ransomware Investigation- Blast Radius

-Sensitive Data Discovery

-Threat Hunting

100

What is data remediation in terms of Rubrik?

Surgically and rapidly recover your apps, files or users, while avoiding malware reinfection

-Mass recovery

-Orchestrated app recovery

-Threat Containment 


200

I'm in IT Ops, it is IT Security's job to investigate a ransomware attack...

End with a TEDW question

-Typically, we see both the IT Ops team and their Sec Ops team engaged in the event of a ransomware attack


200

What is Rubrik? 

End with a TEDW question

- Data Security

- Resilience, Observability, & Remediation

- cyber-proof your backups

- continuously monitor your data

-ensure safe and quick recovery

200

What are some specific Rubrik features that ensure data resilience?

End TEDW

  • Immutable

  • Retention Lock

  • MFA, TOTP, RBAC, NTP

  • Logical Airgap

200

I would know if malware got into my environment... End with a TEDW question

- malware can sit dormant in an environment

- blast radius

200

I already have backups to recover from... (Reinfection) End with a TEDW question

- targeting backups

-clean copy

- recovery point

300

I thought M365 was protected by Microsoft... 

End with a TEDW question

-M365 is a tier 1 app that’s being attacked

-MSFT suggests 3rd party protection

-Core operational problem - granular or scale recovery

-Cyber risk problem - admin credentials are compromised


300

Isn't Rubrik just backup? We already have a backup solution...

End with a TEDW question

Business built on backup / recovery - best way to get access to all data

Always having a “Security First” mindset & architectural principles

 Langs

300

I already have backups to recover from...  End with a TEDW question

- backup data is compromised

- discover any data anomalies/what applications are impacted

- recover critical applications in a timely manner


300

I know where my sensitive data lives... End with a TEDW question

- Classification can be manual

- Avoid double extortion = knowing sensitive data exposure (get house in order today)

300

I already have backups to recover from... (Complexity recovery process) End with a TEDW question

- time spent on answering the questions

-Clean recovery environment

- Automate app-level recovery 

- Testable plan


400

I'm in IT Security, if we have to recover from an attack, that is IT Ops' job... 

End with a TEDW question

-Typically, we see both the IT Ops team and their Sec Ops team engaged in the event of a ransomware attack

400

We were already hit a few years ago, we've addressed our vulnerabilities...

End with a TEDW question

80% of ransomware victims suffer repeat attacks

400

Our backups are immutable... 

End with a TEDW question

- turn feature on/ turn feature off

400

I would be able to identify what was infected...

End with a TEDW question

- time spent on discovering scope of the attack 

400

I have a list of mission critical apps written down... End with a TEDW question

  • average downtime cost totaled $283,000

  • Automate app-level recovery

  • Testable plan

500

If we get attacked, we will probably just pay the ransom (direct vs indirect costs)...

End with a TED-W

Direct: Downtime, ransom payment

Indirect: lost productivity, damaged reputation, customer churn, legal fees, non-compliance fines, penalties, and restitution

500

If we get attacked, we will probably just pay the ransom to get our data back (complexity even after paying the ransom)...

End with a TED-W

- Decrypter key doesn't work 

- double extortion

500

Tell me a customer story (data resilience)... End with a TEDW question

ex.

- WED2B

Two recoveries taking place: one for data managed by Rubrik and one for Azure backups. Data on Rubrik was back up and running within 24 hours; it took weeks upon weeks to get NAS back up and running since it was not protected by Rubrik.

500

Tell me a customer story (data observability)...End with a TEDW question

Ex.

Langs

500

Tell me a customer story (data remediation)... End with a TEDW question

Langs
