当前位置:首页 > 报告详情

OCI 中的勒索软件防御:有效控制和策略 [PAN1807].pdf

上传人: Fl****zo 编号:970926 2025-11-08 27页 2.63MB

1、 PAN1807-Defending Against Ransomware in OCIEffective Controls and StrategiesTal AltmanDirector,Network Specialists and Security ProgramsOracle North America CloudOctober 15,2025PresentersCopyright 2025,Oracle and/or its affiliates|Confidential:Internal/Restricted/Highly Restricted2Tal AltmanDirecto

2、r,OCI Networking Specialists and Security Programs,OracleGary AskewField Chief Information Security Officer,OracleRajesh PhiliposDirector,Global Technology,TriNet USA,Inc.Mike BarnettPrincipal Program Manager,TriNet USA,Inc.Oracle AI World 25 Agenda title3Copyright 2025,Oracle and/or its affiliates|

3、Confidential:Internal/Restricted/Highly Restricted123Introducing OCI Cyber Resiliency ConceptsCyber Resiliency Architecture and AssessmentsTriNets Cyber Resiliency JourneyIntroduction to Cyber Resiliency ConceptsGary AskewCyber Resiliency and Disaster RecoveryAre Not the SameCyber Resiliency is not

4、just standard backup with DR.-It must include enhanced data integrity checking at each phase of the backup and recovery process.Assume Breach.-It must have enhanced“separation of duties”architected into the tech and process.-It must have administrative,logical and virtual physical(Administrative Air

5、gap)separation from the primary backup and recovery infrastructure.-Structured data must support single transaction level backup and recovery.-Recovery data must be accessible and leverage incremental recovery,based on RTO/RPO,to a protected environment that can be quickly built into an alternate pr

6、oduction site.5Copyright 2025,Oracle and/or its affiliates|Confidential:Internal/Restricted/Highly RestrictedThe Cyber TriadCopyright 2025,Oracle and/or its affiliatesCyber SecurityDisaster RecoveryPowered ByCore Landing ZoneOCI MAP Foundations ProgramOCI CRA Foundations ProgramCyber ResilienceOCI F

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据《Defending Against Ransomware in OCI: Effective Controls and Strategies》的内容,以下是全文关键点: 1. **网络安全概念**:网络安全不仅仅是备份和灾难恢复,它包括数据完整性检查、职责分离、物理和逻辑隔离,以及支持单事务级别的备份和恢复。 2. **网络安全三要素**:网络安全、灾难恢复和核心着陆区共同构成了网络安全架构。 3. **网络安全架构(CRA)**: - **不可变性**:包括结构化和非结构化数据以及存储策略。 - **零信任**:涉及增强的IAM和网络分段。 - **威胁检测**:包括内部行为者的识别和减少停留时间。 - **备份和恢复操作**:包括数据损坏识别和自动化恢复过程。 4. **TriNet的网络安全之旅**:TriNet通过建立独立的、受保护的、隔离的环境作为恢复站点,并使用不可变的、隔离的备份存储来确保数据完整性和安全性。 5. **恢复时间目标(RTO)和恢复点目标(RPO)**:RTO衡量从勒索软件攻击到恢复能力的恢复时间,而RPO衡量从最近的、有效的备份到勒索软件攻击的数据丢失时间。
"如何打造企业网络安全防线?" "OCIAI如何助力数据备份与恢复?" "三步走,企业如何应对网络攻击?"
客服
商务合作
小程序
服务号
折叠