The Digital Operational Resilience Act (DORA), which sets requirements for the security of network and information systems in the financial sector, went into effect in Europe on Jan. 17 this year – and it’s had quite an impact on some businesses.
A large European insurance provider approached Hitachi Vantara after malware attacks raised compliance concerns. All of a sudden, they faced stiff penalties for non-compliance under DORA.
BJ Deonarain, technical manager for cyber resilience at Hitachi Vantara, says once they were called in, his team found gaps in governance and control within the company’s information security management system and overall security technology stack.
Deonarain says that upon studying the company’s disaster recovery plan, they found it could not meet its recovery point objective (RPO) or its recovery time objective (RTO). An RPO is the maximum acceptable amount of data loss, and an RTO is the maximum acceptable time to restore operations after a disruption.
Along with not being able to meet minimum disaster recovery requirements under DORA, the Hitachi Vantara team found that a lack of operational efficiency and board cybersecurity oversight created network vulnerabilities.
The Solution
Deonarain’s team started by doing a security posture assessment based on NIST and DORA standards to identify vulnerabilities. They then developed and implemented a defense and recovery strategy, along with an incident response strategy and managed detection and response (MDR) monitoring.
One big issue they identified: the insurance provider had petabytes of data, but no effective way to archive it.
Because Hitachi Vantara operates all over the world, Deonarain said they could offer the insurance provider a series of global security operations centers (SOCs) to manage all the data.
Now, a SOC in Switzerland, a second one in Montreal, and a third site in Guinea manage the data 24x7 via a security information and event management (SIEM) system.
“We also now do annual pentests on these systems in a five-year agreement,” explains Deonarain. “While we manage the first 18 months, the next three 6-month segments go to other third parties, and we finish it up for the last 18 months. It mitigates the risk for us to switch off the pentests with other service providers.”
Hitachi Vantara’s goal: offer the customer “always recoverable” data via the following:
- Hitachi Vantara Cyber Vault: An isolated, secure storage area for backups, designed to protect against ransomware and other cyber threats by ensuring data integrity and rapid recovery.
- Archive-as-a-Service: A managed service that lets businesses offload their data archiving and retention needs to Hitachi Vantara.
- Hitachi Vantara VSP One Hybrid Cloud Storage: Integrates on-premises storage with cloud environments.
Results
Deonarain says this combination of technologies delivered these results:
- Lab-validated environment recovery in 30 minutes.
- Enhanced security posture; remediated critical weaknesses and active supply chain flaws.
- Deployed threat monitoring and identified vulnerabilities for remediation and patching.
- Implemented ongoing security posture assessments and testing.
Learn More
Watch the webinar “Building Cyber Resilience: From Threat Assessment to Recovery” to learn more about how Hitachi Vantara solutions can help you protect your customers from the latest cyberthreats and maintain operational resilience.