drj logo
  • This field is for validation purposes and should be left unchanged.

Already have an account? Log in

drj logo

Welcome to DRJ

Already registered user? Please login here

Login Form

Register
Forgot password? Click here to reset

Create new account
(it's completely free). Subscribe

Skip to content
Disaster Recovery Journal
  • EN ESPAÑOL
  • SIGN IN
  • SUBSCRIBE
  • THE JOURNAL
    • Digital Edition
    • Article Submission
    • DRJ Annual Resource Directories
    • Article Archives
    • Career Spotlight
  • EVENTS
    • DRJ Spring 2023
    • DRJ Fall 2023
    • Other Industry Events
    • Schedule & Archive
  • WEBINARS
    • Upcoming Webinars
    • On Demand
  • MENTOR PROGRAM
  • DRJ ACADEMY
    • DRJ Academy
    • Beginner’s Guide to BC
  • RESOURCES
    • New to Business Continuity?
    • White Papers
    • DR Rules and Regs
    • Planning Groups
    • Business Directory
    • Business Resilience Decoded
    • DRJ Glossary of Business Continuity Terms
    • Careers
  • ABOUT
    • Advertise with DRJ
    • DE&I
    • Board and Committees
      • Executive Council Members
      • Editorial Advisory Board
      • Career Development Committee
      • Glossary Committee
      • Rules and Regulations Committee
  • Podcast

National Insider Threats Awareness Month

by Jon Seals | September 2, 2022 | | 0 comments

The Office of the Director of National Intelligence website posted this message, “The Acting Director of the National Counterintelligence and Security Center has issued his letter of endorsement for the fourth annual National Insider Threat Awareness Month in September 2022. Please join us during September to emphasize the importance of safeguarding our nation by detecting, deterring, and mitigating insider threats…”

Don Boxley, CEO and Co-Founder of DH2i (www.dh2i.com), Surya Varanasi, CTO of StorCentric (www.storcentric.com), and Brian Dunagan, Vice President of Engineering, Retrospect, a StorCentric Company (www.retrospect.com) have offered their thoughts: 

Don Boxley, CEO and Co-Founder, DH2i (www.dh2i.com): 

“Over the past couple of years, work from home (WFH) has morphed into work from anywhere (WFA). While few would argue the horrors of the pandemic, WFA could be viewed as one small positive. Organizations and their employees have learned that we can work from virtually anywhere given the right circumstances. And by circumstances, I mean, support from leadership and the right technology.

Unfortunately, the WFA paradigm has also led to an exponential increase in cybersecurity attacks – not just from external cyber criminals but from malicious internal bad actors as well. And what makes the internal threat even more dangerous is that many of these bad actors are armed with knowledge of confidential internal security procedures, which adds to their ability to cause serious harm to your organization.

We saw quite a bit of this at the start of the pandemic when people were first sent home virtually overnight to work. Many organizations were forced to depend upon their virtual private networks (VPNs) for network access and security and then learned the hard way that VPNs were not up to the task. It became clear that VPNs simply were not designed or intended for the way we work today. Both external and internal bad actors could, were and are still exploiting inherent vulnerabilities in VPNs. Instead, forward looking IT organizations have discovered the answer to the VPN dilemma. It is an innovative and highly reliable approach to networking connectivity – the Software Defined Perimeter (SDP). This approach enables organizations to build a secure software-defined perimeter and use Zero Trust Network Access (ZTNA) tunnels to seamlessly connect all applications, servers, IoT devices, and users behind any symmetric network address translation (NAT) to any full cone NAT: without having to reconfigure networks or set up complicated and problematic VPNs. With SDP, organizations can ensure safe, fast and easy network and data access; while slamming the door on potential cybercriminals.”

Surya Varanasi, CTO, StorCentric (www.storcentric.com):

“This September 2022 marks the fourth annual National Insider Threat Awareness month. It aims to shine a spotlight on the critical importance of defending against, detecting and mitigating damages from insider threats. Indeed ransomware and other types of malicious malware attacks are not only perpetrated by external cybercriminals, but internal bad actors as well. And, the expense is not only measured in ransomware payments, but also the almost incalculable cost of operations downtime, lost revenue, legal fees, regulations compliance penalties, a rise in insurance premiums, and/or a loss of customer trust. 

The need to backup data has become ubiquitous. But now, as ransomware and other malware attacks continue to increase in severity and sophistication, we understand the need to protect backed up data by making it immutable and by eliminating any way that data can be deleted or corrupted. 

What is required is an Unbreakable Backup solution that is able to create an immutable, object-locked format, and then takes it a step further by storing the admin keys in another location entirely for added protection. Additionally, the Unbreakable Backup solution should include policy-driven data integrity checks that can scrub the data for faults, and auto-heals without any user intervention. Ideally, it should also deliver high availability with dual controllers and RAID-based protection that can provide data access in the event of component failure. In deployment of such a solution, recovery of data will also be faster because RAID-protected disk arrays are able to read faster than they can write. With an Unbreakable Backup solution that encompasses these capabilities, users can ease their worry about their ability to recover — and redirect their time and attention to activities that more directly impact the organization’s bottom-line objectives.”

Brian Dunagan, Vice President of Engineering, Retrospect, a StorCentric Company (www.retrospect.com): 

“During National Insider Threat Awareness month we are reminded of the multitude of reasons a sound data backup strategy and proven solutions are critical. Given today’s economic and geopolitical climate it is a given that at some point virtually all organizations will suffer a successful cyber-attack be it from internal or external forces. Given this inevitability, it makes sense that the end customers I speak with, whether they are from private, public, or government organizations, are putting an increasing focus on their ability to detect and recover as quickly, cost-effectively and painlessly as possible. 

A backup solution that includes anomaly detection to identify changes in an environment that warrants the attention of IT is a must. Administrators must be able to tailor anomaly detection to their business’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And, those anomalies must be immediately reported to management, as well as aggregated for future ML/analyzing purposes.

Certainly, the next step after detecting the anomaly is providing the ability to recover in the event of a successful ransomware attack. This is best accomplished with an immutable backup copy of data (a.k.a., object locking) which makes certain that the data backup cannot be altered or changed in any way.”

Related Content

  1. Disaster Recovery Journal
    The Evolution of Cybercrime: From fire and theft to abduction and ransom
  2. Disaster Recovery Journal
    The Difference a Hurricane Can Make: The Change of Louisiana’s Emergency Preparedness Effort
  3. Disaster Recovery Journal
    Homeland Security in America: Past, Present, and Future

Recent Posts

Folio Photonics Expands Engineering Leadership Team with the Appointment of Greg Kittilson as Vice President of Engineering

February 7, 2023

Bright Data Appoints Gunja Gargeshwari as New Chief Revenue Officer

February 7, 2023

Spencer Health Solutions and Perigon Pharmacy 360 Announce Collaboration to Bring Innovative, In-Home Engagement Technology to High-Touch Pharmacy Care

February 7, 2023

Comtech Receives Additional Funding for U.S. Army Communications

February 7, 2023

ExtraHop Report Finds 78% of IT Leaders Agree XDR is a Necessity Despite Confusion

February 7, 2023

AlphaRTK Announces Free Educational RTK Access

February 7, 2023

Archives

  • February 2023 (312)
  • January 2023 (1391)
  • December 2022 (1144)
  • November 2022 (1595)
  • October 2022 (1574)
  • September 2022 (1571)
  • August 2022 (1581)
  • July 2022 (1365)
  • June 2022 (1711)
  • May 2022 (1651)
  • April 2022 (1618)
  • March 2022 (1924)
  • February 2022 (1549)
  • January 2022 (1472)
  • December 2021 (1446)
  • November 2021 (1835)
  • October 2021 (1777)
  • September 2021 (1697)
  • August 2021 (1661)
  • July 2021 (1566)
  • June 2021 (1768)
  • May 2021 (1666)
  • April 2021 (1798)
  • March 2021 (1907)
  • February 2021 (1038)
  • January 2021 (554)
  • December 2020 (30)
  • November 2020 (35)
  • October 2020 (48)
  • September 2020 (57)
  • August 2020 (52)
  • July 2020 (40)
  • June 2020 (72)
  • May 2020 (46)
  • April 2020 (59)
  • March 2020 (46)
  • February 2020 (28)
  • January 2020 (36)
  • December 2019 (22)
  • November 2019 (11)
  • October 2019 (36)
  • September 2019 (44)
  • August 2019 (77)
  • July 2019 (117)
  • June 2019 (106)
  • May 2019 (49)
  • April 2019 (47)
  • March 2019 (24)
  • February 2019 (37)
  • January 2019 (12)
  • ARTICLES & NEWS

    • Business Continuity
    • Disaster Recovery
    • Crisis Management & Communications
    • Risk Management
    • Article Archives
    • Industry News

    THE JOURNAL

    • Digital Edition
    • Advertising & Media Kit
    • Submit an Article
    • Career Spotlight

    RESOURCES

    • White Papers
    • Rules & Regulations
    • FAQs
    • Glossary of Terms
    • Industry Groups
    • Business & Resource Directory
    • Business Resilience Decoded
    • Careers

    EVENTS

    • Spring 2023

    WEBINARS

    • Watch Now
    • Upcoming

    CONTACT

    • Article Submission
    • Media Kit
    • Contact Us

    ABOUT DRJ

    Disaster Recovery Journal is the industry’s largest resource for business continuity, disaster recovery, crisis management, and risk management, reaching a global network of more than 138,000 professionals. Offering weekly webinars, the latest industry news, rules and regulations, podcasts, the industry’s only official mentoring program, a quarterly magazine, and two annual live conferences, DRJ is leading the way to keep professionals up-to-date and connected in an ever-changing world.

    LEARN MORE

    TWITTER

    Disaster Recovery Journal is the leading publication/event covering business continuity/disaster recovery.

    Follow us for daily updates @drjournal

    Newsletter

    The Journal, right in your inbox.

    Be informed and stay connected by getting the latest in news, events, webinars and whitepapers on Business Continuity and Disaster Recovery.

    Subscribe Now
    Copyright 2023 Disater Recovery Journal
    • Terms of Use
    • Privacy Policy