Are there companies in the #CyberRecovery space?

You know, to help design processes and systems meant to be used after you suffer an extinction level #cyber incident.

#TableTopThursday You get a call during lunch that all of your machines and servers on your L4 network were wiped clean by a threat actor.

What do you do next?

@sassdawe

Figure out what an L4 network is.

@jamie it is from the Purdue Model, basically your business IT network

https://en.m.wikipedia.org/wiki/Purdue_Enterprise_Reference_Architecture


@jamie I guess #Varta didn't maintain a separate L3 network for its plants...

https://infosec.exchange/@patrickcmiller/111942036412941469

Patrick C Miller (@patrickcmiller@infosec.exchange)

German battery maker Varta halts production after cyberattack https://www.bleepingcomputer.com/news/security/german-battery-maker-varta-halts-production-after-cyberattack/


@sassdawe

Ouch. I'm not familiar with the framework, but I also work at a manufacturing company and we have separation between IT/OT for that exact reason.

@jamie in that case, I believe your IT network is L4, and your OT network is L3 - if not L2

@sassdawe

Yeah, we maintain a separation between IT, OT DMZ, OT with firewalls in-between.

And it mostly worked during our...unscheduled test.

@jamie cool.

So, how much would it cost to lose the IT network one day and how long would it take to recover? (don't answer it)

@sassdawe

Not as long as it did! 😁

Things have improved as lessons learned have been taken to heart.

@jamie

And what about business continuity? Would that be a significant disruption to the business?

@sassdawe

Yes. That goes without saying.