Cyber resilience is the result of business, security, and IT coming together to develop an integrated strategy and roadmap that aligns cyber security and business continuity. Its goal is to transform business expectations and guarantee the business less than significant impact from a cyber-attack.

To achieve this, organizations need to invest in developing and maturing a recovery program that can be reliably called upon it to bring back their business in the event of an attack.

5 ELEMENTS OF CYBER RECOVERY PROGRAM MATURITY AND ACHIEVING INCREMENTAL OUTCOMES

1. Organizations need to utilize technology purpose-built for recovering from a cyber-attack. The latest cyber recovery technologies are designed to address common threat vectors and create an effective cyber vault to protect enterprise data by creating isolation and additional hardening features, such as air-gapping and immutable storage, alongside automation to maintain process integrity and minimal user intervention.

2. Modern malware is a major challenge for organizations due to its sophisticated nature and intent to remain inconspicuous allowing the hackers to go unnoticed until they are ready to strike with force and cause widespread damage. They are known to leverage zero-day vulnerabilities to access and spread the infection, because its signature is not known, and it easily bypasses the traditional security defenses. Continuously analyzing data and analyze behavioral patterns using AI/ML based security analytics tools increases the likelihood of finding indicators of compromise and take proactive action to neutralize the infection before an attack is launched.

3. Developing a recovery processes is critical in operationalizing cyber recovery technologies and being ready for a recovery effort. This process must be tied tightly to recovering the most critical data first and should be documented in a runbook to ensure repeatability. Without careful planning and runbooks, most organizations may not survive a major interruption to the operation of their business, regardless of how mature their technology implementations are. Developing a recovery runbook also acts as a forcing function to identify gaps in current recovery process, people and skills.

4. To deliver business recovery at speed and scale, it’s imperative to mature the cyber recovery program of the organization, tightly aligning recovery procedures with the criticality of specific business processes or application to normal business operations. This enables the core functions of the business to get back up and running as quickly as possible. This is usually a challenging effort because it relies on a deeper understanding of interdependencies of applications and respective data, configuration management and availability of infrastructure resources. While individual application recovery is achievable through runbooks, we find that incorporating an automation strategy is critical for mass recovery. In the case of cyber it is especially important due to the iterative nature of recovery which includes initial recovery, performing forensics and damage assessment and remediation before data can be returned to production.

5. Full cross-functional enablement of the recovery capability further integrates with organization-wide incident response plans and ensures complete adoption and readiness to execute a recovery. Security and business continuity are a shared responsibility and during widespread cyber-attack where applications, network, systems data are compromised, it requires a cross-functional organization to participate in the recovery efforts.

We’re also seeing many customers interested in having some of their cyber resilience initiatives managed for them to reduce risk and improve security operations. A centralized security operation streamlines threat intelligence, detection and response services. In addition to providing 24×7 operations, MSSPs have a wider view of global cyber threats landscape and bring unique insights. Organizations can redirect their resources that have deep institutional knowledge to high value business recovery operations while the provider can help with incident response, coordination and infrastructure recovery.

Integration of these critical technologies and processes enable organizations build their cyber resilience by knowing they have a “last line of defense” and can recover, should they fall victim to an attack.

HOW TO START A CYBER RECOVERY STRATEGY:

There are a few different activities which are great places to start in building your recovery strategy. One is to conduct a current state analysis to establish a baseline and determine areas to invest in. There are a few ways to achieve this, which include a program maturity analysis or a Business Impact Analysis. Both provide different analyses but will help identify specific activities to prioritize.

Another great place to start is with a well-known industry framework to ensure you’re properly evaluating and designing your cyber recovery plans. The NIST Cybersecurity Framework is one that’s been chosen by many organizations because its holistic view and in-depth recommendations.

Author: Arun Krishnamoorthy, Global Strategy Lead for Resiliency and Security, Dell Technologies

Source: https://www.dell.com/en-us/blog/cyber-resilience-5-core-elements-of-a-mature-cyber-recovery-program/

FOR A FREE CONSULTATION, PLEASE CONTACT US

Benchmark your application strategy with data. Read this ASR survey of IT decision makers about adoption of containers and Kubernetes.

Application containerization—packaging software to create a lightweight, portable, consistent executable—delivers technical and business advantages over conventional delivery methods. Containerized apps are quickly deployable for easy scaling, run in diverse environments and offer security advantages thanks to their isolation from other software. In combination with orchestration software such as Kubernetes, containers can also be centrally dispatched, managed and scaled for IT agility.

In September 2021, Dell commissioned Aberdeen Strategy and Research (ASR) to survey hundreds of IT decision makers with experience in choosing or deploying containers. The goal was simple, to better understand how and why containers and Kubernetes are being deployed at mid-size as well as larger enterprises, assess container-related performance advantages and uncover challenges associated with Kubernetes and container environments. The survey found that on average over 50% of applications are containerized.

Among the use cases for container adoption highlighted in the results are the expected drivers of application development and testing. Other interesting drivers include server consolidation, multi-cloud capability and automating the pipelines from application code to production environments. Interestingly, the survey highlighted the fact that the deployment of third-party applications and services is cited as a driver more frequently than the in-house development of custom applications. Even for organizations that do little more than tie together existing applications with lightweight scripts or use off-the-shelf applications, containerization offers logistical benefits.

It should be no surprise that security, time-to-market, improved deployment capabilities and driving efficiencies are cited as key drivers by respondents to this survey. Also, some common inhibitors to adoption were cited including enabling technology that is too complex to justify the effort, uncertainty around security capabilities, lack of internal know-how and fear of spiraling costs.

Application deployment trends found by the survey show that while container adoption is widespread, virtual machines continue to lead as the deployment mechanism for applications. This points to the need for a pragmatic approach to enterprise architectures that assumes the co-existence of VMs and containers for the foreseeable future. Furthermore, organizations cited the strong need for support for both public cloud and private cloud deployment options with a hybrid approach being pursued by over two-thirds of surveyed organizations.

Original research like this is a great way to benchmark how your IT strategy aligns with industry trends. Please read the executive summary of the results and also reference the infographic summarizing how Dell Technologies and VMware solutions provide a pragmatic approach for container adoption.

Author: Bob Ganley, Dell Technologies Cloud Product Group

Source: https://www.dell.com/en-us/blog/container-adoption-trends-why-how-and-where/

FOR A FREE CONSULTATION, PLEASE CONTACT US.

We are a leading technology solutions provider that helps organisations to digitally transform their business. With PAN India presence, supported by 200+ certified committed professionals, we design and implement IT infrastructure solutions to deliver cost-effective, agile and scalable solutions to meet our customer’s present as well as futuristic needs. Recently, we have been recognized by the World HRD Congress as one of the Dream Companies to work for under IT/ITES category and were awarded this prestigious award at the 30^th Edition of the World HRD Congress & Awards in Mumbai on 23rd March 2022.

The World HRD Congress recognizes organizations who have demonstrated excellence and innovation in the field of IT/ITES. The goal of the World HRD Congress is to provide a platform showcasing dream companies that individuals can work for in various industries. The nominations are evaluated by an eminent jury comprising of senior professionals based on pre-defined criteria and go through a rigorous six-step process from receiving the entries to the final rankings and includes a presentation by the short-listed companies on innovative HR practices, company values, work culture, CSR and more. You can check out the link for more details about the ranking and awards at http://dreamcompaniestoworkfor.org .

We received the award for ensuring employee happiness & satisfaction along with job security and clear road maps and avenues for growth. We have always strived to provide an environment for innovativeness where everyone has a responsibility and ownership to continuously improve what they are doing.

While expressing pride and happiness over the recognition, Mr. Anoop Pai Dhungat, Managing Director, stated “This is a important milestone for us and we will continue to invest our management time and focus on creating a highly committed workforce and delivering great value to our customers. We strive to keep up the good work by our HR team and continue to improve our workplace culture for the future and move towards being a great organization.”

Looking ahead in line with the Company growth story we are looking at a overall headcount growth rate of 20 percent during the year. We also believe in selecting talent from campus and grooming them in various areas of technology and operations. Each year over the past three years, this has been one of our areas where our hiring has focused on.

Most organizations realize that application modernization is essential in order to thrive in the digital age, but the process of modernizing can be highly complex and difficult to execute. Factors such as rapidly growing application volume, diversity of app styles and architectures, and siloed infrastructure can all contribute to the challenging nature of modernization. To add to this complexity, there are multiple ways to go about modernizing each individual application. Depending on business and technical goals, you may opt to lift-and-shift some apps, while containerizing or even refactoring others. Either path then results in varying degrees of time commitments, app performance, and ultimately, comparing the level of effort needed to meet an organization’s anticipated return on investment.

THE FIVE R’S

The Five R’s are a set of common modernization strategies that organizations can use when moving applications to modern infrastructure and cloud native application platforms. The first step to efficiently modernizing your application portfolio is to determine the best strategy for each app based on business needs and technical considerations (e.g., how much effort will be involved in modernizing the application and the target infrastructure platform for the app).

Refactor
Refactoring refers to making significant source code changes to the application (rewriting the application or service), typically using cloud native technologies such as microservices and application programming interfaces (APIs)s. While the process can be complex and laborious, this strategy actually provides the most benefit for high-value systems and applications that require frequent updates and innovation.

Replatform
Replatforming involves containerizing an application and moving it to a Kubernetes-based platform. There may be small code changes needed to take advantage of the new environment. This strategy is commonly implemented when moving applications running on virtual machines (VMs) to container-based apps running on a modern app platform or public cloud infrastructure.

Rehost
Rehosting refers to changing the infrastructure or operation of an application without changing the application itself. This is often done to gain the cost benefits of the cloud when the rate of change to an application is low and wouldn’t benefit from refactoring or replatforming.

Retain
Retaining involves optimizing and retaining an application as-is. This strategy might be used when there is data that can’t be moved, or a modernization that can be postponed.

Retire
Retiring is when a traditional application is no longer used or replaced with an off-the-shelf software-as-a-service (SaaS) offering.

THE RELATIONSHIP BETWEEN TIME AND VALUE IN YOUR APP MODERNIZATION STRATEGY

In most cases, the higher the business value of an application, the greater potential benefit there is to undergo more change. By refactoring primarily business-critical and high-value apps, you can maximize your team’s precious time while prioritizing the applications that have the most to gain from more flexible architectures and scalable infrastructure. Applications that remain unchanged for long periods of time and don’t hinder your company’s ability to innovate don’t need to be rewritten. When the goal is to increase IT efficiencies and decrease IT costs for apps requiring infrequent updates, you’ll be better off rehosting or replatforming these applications.

HOW TO ASSESS AND DISPOSITION YOUR PORTFOLIO

The main factors that play a critical role in a successful and actionable modernization strategy fall into three categories: technical, business, and organization/people. VMware helps organizations jumpstart app portfolio modernization by analyzing and prioritizing these considerations and more through service engagements like VMware App Navigator in our Rapid Portfolio Modernization program. By assessing and dispositioning your application portfolio, you can determine which of the Five R’s will be the best course of action for each of your apps.

For technical factors, consider variables such as application framework and runtime, architecture design, dependencies, and integrations. Tools such as Application Transformer for VMware Tanzu and our Cloud Suitability Analyzer can help streamline this discovery and analysis. For business factors, consider elements like business criticality, licensing costs, and time-to-market factors. For organizational and people factors, consider domain expert availability, organizational and team structure, and calendar dependencies.

Ultimately, there are lots of facets to consider when deciding the best course of action for each application in your portfolio. But, by leveraging this framework with VMware as your partner, you can standardize and simplify your strategy to efficiently assess and disposition your portfolio.

LANDING ZONES

Once you have determined which apps you want to refactor, replatform, and rehost, where do these apps go after they’re modernized? We call the new target infrastructure “landing zones,” which may include some combination of on-premises, public cloud(s), Kubernetes, VMs, platform as a service (PaaS), and bare metal. Because of the dynamic nature of applications and the complexities of enterprise IT budgets, choosing the right landing zones is rarely as simple as just identifying the least expensive option.

To determine the best landing zones for your apps, consider factors like data gravity, developer experience, potential cloud exit strategies, and implications to the mainframe.

HOW TO GET STARTED

We’ve established what the Five R’s are, the relationship between effort to change and expected value in app modernization, app disposition strategies, and how to decide on the right landing zones. But how do you get started on this app modernization path? Here’s a guideline:

Get Buy-in: make sure all the stakeholders for an application are brought into the modernization effort.

Set Expectations: provide as much visibility as possible into the time and effort that a modernization project will require. Avoid over-promising and under-delivering.

Restructure when Needed: prepare for your organizational structure to evolve as modernization efforts advance. Pay attention to how other companies have organized, but don’t just assume the same approach will work for you.

Prioritize Your Portfolio: analyze your applications and divide them under the Five R’s: refactor, replatform, rehost, retain, retire.

Look for Patterns in Your Portfolio: identify commonalities among your applications, looking for architectural technical design similarities.

Choose the Right Starting Point: pick one or a few small(ish) projects that will help you start on the right foot in terms of building skill, momentum, or both. Or, focus on one or a few groups of similar applications, selecting a representative application in each group to start with.

Make Smart Technology Decisions: don’t choose a set of technologies simply because it’s what the “cool kids” are using. Make sure your choices are right for your organization.

Break Down Monoliths: plan carefully to decompose monolithic applications into more manageable pieces without worrying about satisfying any cloud native purity tests.

Pick Platforms Pragmatically: base cloud and platform choices on the needs and capabilities of your organization.

Interested in following this guideline? VMware’s Rapid Portfolio Modernization program brings automated tooling and proven practices to execute upon each of these steps in a seamless and effective way.

Ultimately, the best app modernization path is one that aligns with your business goals, can produce results quickly, and is agile enough to evolve along with demands. The Five R’s provide you with a framework to best disposition your apps in a way that reduces the overwhelming nature of app modernization.

Want to learn more about how to kickstart your application modernization efforts? Check out our eBook A Practical Approach to Application Modernization.

Author: VICTORIA WRIGHT

Source: https://tanzu.vmware.com/content/blog/the-five-rs-of-application-modernization

FOR A FREE CONSULTATION, PLEASE CONTACT US.

Enterprises can use these methods to move from proof-of-concept to a production edge platform that delivers a competitive advantage.

In enterprise IT circles, it’s hard to have a conversation these days without talking about edge computing. And there’s a good reason for this. “The edge” is where businesses conduct their most critical business. It is where retailers transact with their customers. It is where manufacturers produce their products. It is where healthcare organizations care for their patients. The edge is where the digital world interfaces with the physical world – where business critical data is generated, captured, and, increasingly, is being processed and acted upon.

This isn’t just an anecdotal view. It’s a view backed up by industry research. For example, 451 Research forecasts that by 2024, 53% of machine- and device-generated data will initially be stored and processed at edge locations. IDC estimates that, by 2024, edge spending will have grown at a rate seven times greater than the growth in spending on core data center infrastructure. In a word, this kind of growth is enormous.

WHY EDGE?

What’s behind the rush to the edge? The simplest answer to that question is that business and IT leaders are looking for every opportunity they can find to achieve a competitive advantage. Eliminating the distance between IT resources and the edge achieves several different things:

• Reduced latency– Many business processes demand near real-time insight and control. While modern networking techniques have helped to reduce the latency introduced by network hops, crossing the network boundaries between edge endpoints and centralized data center environments does have some latency cost. You also can’t cheat the speed of light, and many applications cannot tolerate the latency introduced by the physical distance between edge endpoints and centralized IT.
• Bandwidth conservation– Edge locations often have limited WAN bandwidth, or that bandwidth is expensive to acquire. Processing data locally can help manage the cost of an edge location while still extracting the maximum business value from the data.
• Operational technology (OT) connectivity– Some industries have unique OT connectivity technologies that require specialized compute devices and networking in order to acquire data and pass control information. Manufacturing environments, for example, often leverage technologies such as MODBUS or PROFINET to connect their machinery and control systems to edge compute resources through gateway devices.
• Business process availability– Business critical processes taking place in an edge location must continue uninterrupted – even in the face of a network outage. Edge computing is the only way to ensure a factory, warehouse, retail location, or hospital can operate continuously and safely even when it is disconnected from the WAN.
• Data sovereignty– Some industries and localities restrict which data can be moved to a central location for processing. In these situations, edge computing is the only solution for processing and leveraging the data produced in the edge location.

As companies implement edge computing, they are moving IT resources into OT environments, which are quite different from the IT environments that have historically housed enterprise data. IT teams must adapt IT resources and processes for these new environments.

Let’s talk about the state of many edge implementations today and how to optimize your path forward.

MOVING BEYOND PROOFS OF CONCEPT (POCS)

The process of implementing and operating edge computing isn’t always straightforward. Among other things, edge initiatives often have unclear objectives, involve new technologies, and uncover conflicting processes between IT and OT. These challenges can lead to projects that fail to move from the proof-of-concept stage to a scalable production deployment.

To help organizations address these IT-OT challenges, the edge team at Dell Technologies has developed best practices focused on moving edge projects from POCs to successful production environments. These best practices are derived from our experience enabling IT transformation within data center environments, but they are adapted to the unique needs of the edge OT environments. To make this easy, we have distilled these best practices down to three straightforward recommendations for implementing edge use cases that can scale and grow with your business.

1. Design for business outcomes.

Successful edge projects begin with a focus on the ultimate prize — the business outcomes. To that end, it’s important to clearly articulate your targeted business objectives upfront, well before you start talking about technology. If you‘re in manufacturing, for example, you might ask if you want to improve your production yields or to reduce costs by a certain amount by proactively preventing machine failure and the associated downtime.

Measuring results can be difficult when you are leveraging a shared infrastructure, especially when you are trying to look at the return on investment. If your project is going to require a big upfront investment with an initial limited return, you should document those business considerations and communicate them clearly. Having specific business goals will enable you to manage expectations, measure your results as you go, and make any necessary mid-course corrections.

2. Consolidate and integrate.

Our second recommendation is to look for opportunities to consolidate your edge, with an eye toward eliminating stove-piped applications. Consolidating your applications onto a single infrastructure can help your organization realize significant savings on your edge computing initiatives. Think of your edge not as a collection of disconnected devices and applications, but as an overall system. Virtualization, containerized applications, and software-defined infrastructure will be key building blocks for a system that can enable consolidation.

Besides being more efficient, edge consolidation also gives you greater flexibility. You can more easily reallocate resources or shift workloads depending on where they are going to run the best and where they are going to achieve your business needs. Consolidating your edge also opens opportunities to share and integrate data across different data streams and applications. When you do this, you are moving toward the point of having a common data plane for your edge applications. This will enable new applications to easily take advantage of the existing edge data without having to build new data integration logic.

As you consolidate, you should ensure that your edge approach leverages open application programming interfaces, standards, and technologies that don’t lock you into a single ecosystem or cloud framework. An open environment gives you the flexibility to implement new use cases and new applications, and to integrate new ecosystems as your business demands change.

3. Plan for growth and agility.

Throughout your project, all stakeholders must take the long view. Plan for your initial business outcomes, but also look ahead and plan for growth and future agility.

From a growth perspective, think about the new capabilities you might need, and not just the additional capacity you are going to need. Think about new use cases you might want to implement. For example, are you doing some simple process control and monitoring today that you may want to use deep learning for in the future? If so, make sure that your edge infrastructure can be expanded to include the networking capacity, storage, and accelerated compute necessary be able to do model training at the edge.

You also must look at your edge IT processes. How are your processes going to scale over time? How are you going to become more efficient? And how will you manage your applications? On this front, it makes sense to look at the DevOps processes and tools that you have on the IT side and think about how those are going to translate to your edge applications. Can you leverage your existing DevOps processes and tools for your off-the-shelf and custom edge applications in your OT environment, or will you need to adapt and integrate them with the processes and tools that exist in your OT environment?

A FEW PARTING THOUGHTS

To wrap things up, I’d like to share a few higher-level points to consider as you plan your edge implementations.

Right out of the gate, remember that success at the edge depends heavily on having strong collaboration between your IT stakeholders and your OT stakeholders. Without that working relationship, your innovations will be stuck at the proof-of-concept stage, unable to scale to production, across processes, and across factories.

Second, make sure you leverage your key vendor relationships, and use all the capabilities they can bring to bear. For example, Dell Technologies can help your organization bring different stakeholders within the ecosystem together through the strong partnerships and the solutions that we provide. We can even customize our products for particular applications. Talk to us about our OEM capabilities if you have unique needs for large edge applications.

Finally, think strategically about the transformative power of edge, and how it can give you a clear competitive advantage in your industry. But always remember that you are not the only one thinking about edge. Your competitors are as well. So don’t wait to begin your journey.

Author: Philip Burt, Product Manager-edge strategy, Dell Technologies.

Source: https://www.dell.com/en-us/blog/three-ways-to-optimize-your-edge-strategy/

FOR A FREE CONSULTATION, PLEASE CONTACT US.