Krebs will chair the firm’s nascent CISO Advisory Board, and one of his first responsibilities will be recruiting CISOs from across industries to participate and share their insights about cybersecurity threats and unmet needs.
“The idea is to get a representative cross-section of industry — different industries, different verticals, public, private — pulling together to get their experiences of both what they’re seeing out there in the wild, in the real world, helping form future products and market iterations, but also where they see the gaps — what is it that they wish they had,” Krebs told Government Technology.
The company serves public and private customers, with Rubrik CEO Bipul Sinha telling GovTech that 10 or more state governments use its platform.
The CISO Advisory Board will aim to “design best practices for combatting ransomware,” “advance innovation in cybersecurity” and help customers improve their cybersecurity postures, according to an announcement shared with GovTech. Krebs said that can include trying to understand what it takes to make cybersecurity solutions easier for different customer bases to use.
As chair of the board, Krebs will aim to recruit CISOs from critical infrastructure, financial services, health care and other sectors, per the announcement. Krebs did not guarantee that state and local government CISOs will be included but told GovTech that the board aims to get “the full spectrum of insight into the threat environment and product space” to help it meet the needs of both the public and private sectors.
RANSOMWARE RESILIENCE AND DATA RECOVERY
No one solution or strategy will keep an organization safe, and public and private entities need to layer on various kinds of defense and resiliency measures to reduce their risks.
Organizations can currently find a flurry of solutions available to help with areas like identity authentication and privilege access management — all important parts of ransomware defense — but fewer ones focused on helping them recover data should they fall victim, Krebs said.
“That is the last thing everybody talks about — ‘Oh, yeah, make sure you’ve got backups and the tapes and cold storage somewhere’ — that’s really the extent of the conversation,” Krebs said.
But those backups need to be secured against ransomware actors who may target them, in addition to victims’ primary systems.
“If they attack your backup system, then they really have you under control,” Sinha said.
Rubrik takes aim at the issue, in part by offering a solution for creating “immutable” backups, which cannot be updated, changed or deleted. This is intended to prevent hackers from encrypting or destroying that backup data, so that victims have something to turn to when trying to restore systems.
Of course, public agencies will have additional concerns to address as well. Boston CISO Greg McCarthy previously said that even those able to restore from backups may feel pressured to pay extortion to stop ransomware actors from leaking sensitive resident information.
DIGITAL TWINS AND OPERATIONAL TECHNOLOGY
Discussing the ransomware space, Krebs noted that operational technology-heavy industries like manufacturing can face particular challenges.
Updating and patching are another essential part of defending against cyber attackers, reducing the number of vulnerabilities that hackers might exploit. But these industries often cannot afford to take their systems offline for long, making it difficult to schedule updates.
Digital twins can help ease this pain, however. Organizations can practice the updating process on a virtual replica of their systems, allowing them to troubleshoot first and catch potential issues before then working with their actual systems, Krebs said.
“The digital twins environment gives you the ability to test all of that in a protected production environment — or quasi production environment — to ensure that everything works,” Krebs said. “If you get the equivalent of the blue screen and death, well, you can go back and you can check your math [and] you can run it again.”
