Barbasol ft. Bryon Singh, RailWorks Corporation

Barbasol ft. Bryon Singh, RailWorks Corporation

By Steve Gold
Posted in Security
On March 26, 2024

Jurassic Park demonstrated isolation both in the literal sense, with the park being located on an isolated island, and in the operational sense, where different systems within the park are designed to function independently to prevent cascading failures. This dual approach to isolation is mirrored in the cybersecurity best practice of creating isolated instances of recovery data.

The film underscores the consequences of system failures and the lack of adequate isolation measures, particularly when Dennis Nedry, the park's IT architect (played by Wayne Knight of Seinfeld stardom), disables critical systems and uses a modified can of Barbasol to steal dinosaur embryos from the park. This act of sabotage leads to a catastrophic failure of the park's containment measures, demonstrating the dire consequences of not having robust, isolated backup systems in place.

The chaos in "Jurassic Park" serves as a vivid metaphor for the importance of isolated recovery environments in IT. Just as the park needed isolated systems to contain and manage the dinosaurs safely, organizations must establish and maintain isolated instances of recovery data to ensure business continuity and data integrity in the event of a cyberattack or system failure.

CIS Safeguard 11.4 significantly strengthens organizational resilience by mandating the maintenance of a separate, isolated instance of recovery data. This isolated backup acts as a vital lifeline in the event of cyberattacks, preventing data loss and minimizing downtime. It is particularly crucial in combating ransomware where attackers often target backups. By keeping backups segregated, organizations ensure they have uncompromised data for restoration. Additionally, this safeguard facilitates compliance with various data protection regulations like GDPR and HIPAA, which require robust backup and recovery measures.

Best Practices for Implementation:

  • Segregation: Ensure that the isolated instance of recovery data is physically or logically separated from the production environment to prevent cross-contamination in the event of a breach.
  • Encryption: Implement robust encryption mechanisms to protect the confidentiality of backup data, both during storage and transmission.
  • Regular Testing: Conduct periodic testing and validation of the recovery process to verify the integrity and effectiveness of the isolated backup environment.
  • Access Controls: Restrict access to the recovery data to authorized personnel only, and implement strong authentication measures to prevent unauthorized access.

Here’s a link to the Data Recovery Policy Template provided free of charge from the fine folks at the Center for Internet Security: https://www.cisecurity.org/insights/white-papers/data-recovery-policy-template-for-cis-control-11

Here are some details on this specific Control/Safeguard.  If you want more detail, DM me.

CIS Control 11 – Data Recovery

Establish and maintain data recovery practices sufficient to restore in-scope enterprise assets to a pre-incident and trusted state.

Implementation Group 1

CIS Safeguard 11.4 - Establish and Maintain an Isolated Instance of Recovery Data

Establish and maintain an isolated instance of recovery data. Example implementations include version controlling backup destinations through offline, cloud, or off-site systems or services.

Steve Gold

Steve Gold

Steve Gold is the Cybersecurity Practice Director at Gotham Technology Group (Gotham). He is responsible for providing the vision and thought leadership to expand Gotham’s legacy of success and build a world-class cybersecurity practice. He works closely with Gotham’s customers, industry partners, and subject matter experts to develop relevant solutions for Gotham’s clients and prospects.

Prior to joining Gotham, Steve worked with the Center for Internet Security (CIS), where he expanded the global reach, revenue, and impact of the CIS Benchmarks, CIS Controls, and CIS Hardened Images. He led the efforts to promote the CIS portfolio of low-cost and no-cost cybersecurity products and services that help private and public organizations stay secure in the connected world. He grew a team of security specialists from 12 to over 40 to assist organizations with implementing security best practices in their continual journey of cybersecurity maturity.

During his more than 20-year career, Steve led teams responsible for developing and implementing technology solutions at some of the industry’s most recognized companies such as Varonis, VMware, Dell & Wyse Technology

Steve is a frequent speaker/moderator at industry conferences and webinars, covering a wide array of information security topics. He resides and works remotely in Baltimore, MD.