[Music] hi everyone I'm Paul Chilton I'm a cyber resilience expert here at net apppp I'm here to talk to you today about how to protect your net app ontap environment from a ransomware attack now one of the things that a lot of people have not considered is just how expensive a ransomware recovery could be if you look at the chart I have up here over the past few years the cost of recovery from a ransomware attack has been growing and this is in the millions and keep in mind that this is just thecost of lost business and the cost to recover this does not include the companies that actually paid the ransom wear or paid the ransom rather so keep that in mind it's very expensive it's far better to protect yourself from an attack to begin with and avoid it totally or be able to recover quickly from it than to end up having to deal with this kind of cost by the way onethird of attacks are due to unpatch vulnerabilities this would an example of this would be that you maybe you learn about a set of security patches that are released in an upcoming OS release for some of your critical servers and instead of rolling them in right away you try to schedule the downtime several months out in order to put those patches in place during that month when those several months you're exposed and that vulnerability could be uh a way that an attacker gets in so the story there is as soon as those patches come out roll them in as fast as you can like I said it's far better to take a planned outage than an unplanned one and attackers are smart and theywant to get paid they're Ransom so as soon as they get in the first thing they're going to look to do is to see if they can disable your backups and in fact 90plus perc of the time attackers have targeted backups if they could so making sure that your backups are um inplace and protected and secure is just as important as securing your production data now many of you may be um in a situation where you have yourdata and your infrastructure on in on premises data center but you also have some of it in the public cloud and you're tying all that together in a hybrid Cloud so making sure that your security and protection and your hardening are all in place across your entire hybrid cloud is super important don't forget get how long it might take to recover from a ransomware attack and this is really tied to the recovery costs you can see that the most common time frame that it took to recover from a ransomware attack was one month and that's a significant amount of time if you envision that let's say a substantial part of your business or maybe all of your business is down for an entire month you know depending on your vertical in your business that could be anywhere from tens of thousands of dollars to Millions ions or even billions of dollars so that's a significant recovery time so again that gets back to making sure that you close up the uh loopholes and take care of the low hanging fruit right away now speaking of that one of the first things you can do is to assess your business criticality now at net app we have anode charge Workshop that we offer to help you assess your criticality it's kind of like a business impact analysis uh to get you moving down the road to uh determine which applications are most critical to your business to make sure that they're protected appropriately so that's your first stepnow also uh Neta takes a zero trust approach and we recommend that you do as well and what that does is it says only provide um access to data to those who absolutely need it not just to an entire group now from the standpoint of the zero trust approach you want to identify First you want to protect and you want to detect then you want to respond and you want to recover so net app has aligned a set of tools that align to each of these steps in your methodology to protect yourself from ransomware Attack blue XP classification is one so it helps classify your data at the file system level to understand the type of data you have uh data that might be sensitive data that might be critical to the environment and data that might not be well protected from a permission standpoint then to for protection purposes blue XP backup be able to back up your data from a one pane of glass to make sure your backups are in place they're also replicated to an off-site facility so that they're protected maybe even air gapped then for detection purposes blue XP observability so that's critical to have the observability to your infrastructure this tool looks at the infrastructure layer to see what the health of that layer is and to keep tabs onthat to look for things that have changed then finally if you need to respond to an attack that or an attacker that's attempting to get into your environment Blu XP security so Blu XP security monitors your environment looks for an attacker coming in takes some precautions and also uh prevents the attacker from having further access and then finally if you do get attacked you need to recover blue XP recovery is the other side of the blue XP Backup Tool to allow you to quickly and easily be able to recover from a backup identify which backup you need to utilize now uh finally we know that it's not a question of if you're going to get attacked it's a question of when you're going to get attacked um all the number of attacks that are happening are becoming more and more numerous so as a result netup has developed a program called the ransomware recovery guarantee program and what we guarantee with that is that you will be able to recover your data in a reasonable amount of time um and in order to ensure that you're able to recover and have the expertise that you need to be able to recover quickly you should also consider our netup Professional Services ransomware protection and Recovery Service so thisis a service that covers the entire gamut that you see over here of identification protection detection response and Recovery we also have other services that recover compon that align to components of that process as well in case you don't feel like you need the coverage across the entire gamut there but just keep in mind while this does cost um a little bit of um of dollars in order to have that service come and help you um the amount of cost that you're going to have in terms of recovery time and ransomware Recovery costs are likely to be a lot more so it's worth having the expertise alongside to help you so I hope that you found this informative today and um I appreciate uh the time here and excited to talk to you about how to protect your net app environment from a ransomware attack thank you