Ransomware and supply chain hacks have become threats to organizations globally. Cyber risk puts pressure on organizations to focus on end-to-end security, from the silicon root of trust all the way up the tech stack.

This reality was brought to the forefront recently with a supply chain compromise at 3CX, provider of voice-over-IP unified communication tools. When a 3CX employee unwittingly downloaded a malware-infected app, the infection infiltrated 3CX’s own desktop application that spread to customers.

Events such as these bring to light the reality of modern cyber warfare, particularly when ransomware is involved. The legal ramifications of a victimized enterprise paying ransoms vary across countries and are altogether illegal in some regions. Even worse, paying a ransom is no guarantee of lost data being recovered, and if cyberattackers have already sold or distributed the stolen data, paying a ransom is rendered useless.

These hot button topics will be on the agenda when theCUBE, SiliconANGLE Media’s livestreaming studio, hosts “Navigating the Road to Cyber Resiliency” event, made possible by Dell Technologies Inc. On May 16 at 9 a.m. PT, the enterprise community will gather to hear from Dell Technologies’ Rob Emsley, head of data protection and cyber resiliency marketing, and Jim Shook, director of cybersecurity and compliance practice. Daniel Newman, chief analyst of Futurum Research, chief executive officer of the Futurum Group and a top industry expert, will also join the conversation. (* Disclosure below.)

Generative AI — A two-edged sword

The rise of generative artificial intelligence through rapidly-adopted tools, such as OpenAI’s ChatGPT, is adding new elements of concern in the security community. While the language-based ChatGPT offers a powerful way for a much wider audience to use AI, there is also a realization that threat actors will likely find a way to use the technology as well.

Security researchers have recently noted that although ChatGPT will refuse to generate ransomware attacks on demand, when the steps to create such an intrusion are fed into the AI platform, an attack can still be created. Although evidence that attackers are actively using the tool is scant, the security community is fully aware it is only a matter of time before the technology becomes more widely deployed in the threat landscape.

This scenario makes the implementation of practices such as zero trust even more urgent. In mid-April, Dell announced it would bring together more than 30 leading technology and security companies to help private and public sector organizations simplify zero-trust adoption.

“Navigating security is like trying to make your way through a high-stakes labyrinth,” said Herb Kelsey, security strategy program lead at Dell, in a statement accompanying the zero-trust announcement. “There are so many different, complicated passageways that make it hard to reach your destination. Zero trust can help ease this journey.”

Focus on backup and recovery

Along with zero trust, organizations must ensure that backup and recovery for data protection are front and center on the IT priority list. Supply chain hacks, such as the 3CX example, offer ample evidence that disruption can come from any direction and enterprises have to be prepared.

Air-gapping and immutability are two key techniques in data protection. An air-gapped copy of critical data placed in storage infrastructure unavailable through an external connection provides a measure of resiliency in the event of a major breach or ransomware attack where valuable information could be compromised. 

Immutability offers a method in which data can only be written, not modified or deleted. It is a part of Dell’s PowerProtect Cyber Recovery solution that protects backup data from alterations further layering defenses.

“Our Cyber Recovery Vaulting technology is independent of the backup infrastructure,” said Emsley, in an interview with SiliconANGLE. “It uses it, but it controls its own security; that is so important. It’s like having a vault that the only way it’s open is from the inside.”

TheCUBE event livestream

Don’t miss theCUBE’s coverage of Dell’s “Navigating the Road to Cyber Resiliency” event on May 16. Plus, you can watch theCUBE’s event coverage on-demand after the live event.

How to watch theCUBE interviews

We offer you various ways to watch theCUBE’s coverage of Dell’s “Navigating the Road to Cyber Resiliency” event, including theCUBE’s dedicated website and YouTube channel. You can also get all the coverage from this year’s events on SiliconANGLE.

TheCUBE Insights podcast

SiliconANGLE also has podcasts available of archived interview sessions, available on iTunes, Stitcher and Spotify, which you can enjoy while on the go.

SiliconANGLE also has analyst deep dives in our Breaking Analysis podcast, available on iTunes, Stitcher and Spotify.

Guests

During the event, theCUBE will be talking with Daniel Newman, chief executive officer of The Futurum Group, and Dell’s Rob Emsley, head of data protection and cyber resiliency marketing, and Jim Shook, director of cybersecurity and compliance practice at Dell Technologies Inc.

Image: SiliconANGLE