Disaster Recovery Journal Winter 2023
EDITOR’S NOTE: DCIG empowers the IT industry with actionable analysis that equips individuals within organizations to do supplier and product evaluations. DCIG delivers informed, insightful, third-party analysis, and commentary on IT technology. As industry experts, DCIG provides comprehensive, in-depth analysis, and recommendations of various enterprise data storage and data protection technologies. The views, thoughts, and opinions expressed in all Disaster Recovery Journal articles belong solely to the author. The information, product recommendations, and opinions in this article are based upon public information and from sources DCIG, LLC. believes to be accurate and reliable.
The Role the NIST Framework Should Play in Creating a Cyber Secure DR Infrastructure

By JEROME WENDT

Photo by J. Stoughton/NIST

Any organization irrespective of its size must acknowledge the reality of cybersecurity threats. Further, no organization can or should assume it can completely secure its production environment against a cybersecurity attack. This puts the onus on organizations to create a cyber secure disaster recovery (DR) infrastructure so they can respond.

The National Institute of Science and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity can help organizations achieve this objective. It provides high-level guidance on how organizations may create such a cyber-secure DR infrastructure. However, organizations still must identify and map products and product features to this NIST Framework to successfully implement it.

The Inevitability of a Cybersecurity Attack

Assuming one’s organization will eventually experience a cybersecurity attack seems almost fatalistic. An organization may presume creating a cybersecurity perimeter around its production IT infrastructure will provide sufficient protection. Firewalls, anti-virus software, and rigid security protocols serve to limit and restrict access to production IT environments. These techniques help to reduce the likelihood of a cybersecurity attack occurring or succeeding if they do occur.

However, recent attacks illustrate individuals outside or inside of the organization may participate in an attack. In worst-case scenarios, individuals both inside and outside the organization may work in concert with one another. This situation becomes particularly problematic if an individual inside the organization unknowingly helps facilitate the attack.

Consider the recent attack on the MGM Resorts. Using a technique referred to as vishing, a hacker called into the MGM Resorts support desk. This individual presented themself as an internal IT administrator who needed help remotely logging into its network. Once the individual obtained login privileges, he or she had the necessary credentials to perform administrative tasks. In doing so, they could bypass MGM Resorts’ cybersecurity perimeter defenses and render them partially or wholly ineffective.

This instance represents only one example of an attack where a hacker may bypass existing cybersecurity perimeter defenses. Further, other such attack vectors exist. These show the danger of solely relying upon one’s cybersecurity perimeter for IT defenses. It also helps illustrate why organizations should create a cyber-secure DR infrastructure for their IT infrastructure.