Introduction to the Redjack Cyber Resilience Platform
This blog is an overview of the recent webinar: Intro to the Redjack Platform for Cyber Resilience
Many organizations face a common challenge: they lack visibility into their sprawling IT infrastructure and they don’t understand how it aligns with their business operations. As these organizations grow, this lack of insight becomes even more pronounced.
Understanding your environment isn’t just a matter of identifying vulnerabilities or configurations; it's about understanding how assets interconnect and operate within a complex ecosystem. By gaining a real-time understanding of how data flows through your environment - the lifeblood of your operations - you can strategically prioritize the most critical areas of your infrastructure, reducing the likelihood of disruptive outages. Ultimately, this approach fosters greater accountability around the critical business functions of your organization, mitigating potential risks and ensuring smoother operations.
Placing a Business Function Lens on Your Asset Inventory
Redjack revolutionizes asset inventory by adopting a business function perspective. Our technology excels at analyzing communication patterns and profiling devices based on their behavior, making it ideal for reverse engineering an organization's operational processes and workflows.
Superior asset discovery
Redjack's approach starts with deploying sensors that support various environments including cloud (Microsoft Azure, AWS, GCP), hybrid, on-premises, and containers such as Kubernetes and VMware. These battle-tested sensors are already in use across numerous customer deployments and, once set up, the deployment process takes only a few minutes. They are designed to be massively scalable, capable of analyzing up to 2 petabytes of data per second, capturing business interactions seamlessly. Moreover, their deployment is both lightweight and cost-effective, ensuring minimal disruption to operations. They efficiently collect communication data to identify assets and their dependencies, eliminating the need for manual asset discovery.
Business function alignment
The platform compiles the list of assets identified by the sensors and automatically assigns them to critical business functions, which are then validated by your team. It encourages a shift from IT-centric thinking to a more business-focused perspective, allowing executives to focus on business functions like "logistics and shipping" rather than generic IT groupings like "Windows servers." This approach ensures that asset management is aligned closely with the organization's overarching business objectives and priorities.
Asset prioritization: resilience & criticality
Prioritization involves creating a resilience score and a criticality score to assess the importance of assets and business functions and understand their potential business impact in case of downtime.
The resilience score is created based on the following considerations:
Isolation: how difficult is this asset to get to
Hardness: how easy is it to compromise this asset once it’s reached
Redundancy: how well would the network continue to function if this asset goes down
You can improve the resilience score of the assets in your network by putting mitigation strategies into place.
The criticality score assesses the importance of an asset to the overall business function. For example, if you need to restore the payroll function after an incident, you generally aren’t going to be able to restore every single server in the payroll system in 15 minutes. Redjack helps you prioritize essential components for rapid recovery, ensuring that the organization can resume operations promptly.
Assets with low criticality and resilience scores may not require immediate attention, whereas those with high criticality and low resilience scores should be prioritized in disaster recovery, patch management, triage planning, and other business continuity-related planning exercises.
Here is an example of how scoring works in action: Imagine you have a shared drive that four of your most critical business functions depend on because it is used to store information that those functions depend on. You know that each minute of downtime for those four functions combined would cost the organization 5 million dollars. But you don’t know that this shared drive is significant because in your asset inventory it’s just a shared drive. This example illustrates how shifting your focus to business functions rather than individual IT assets is essential.
This scoring mechanism effectively highlights critical devices and significant risks within your environment. By adopting an evidence-based approach, you can analyze risk more comprehensively, instead of relying solely on manual analysis and subjective estimations. Envisioning your infrastructure as a web enables a deeper understanding of the interconnectedness of assets and the potential cost implications of disruptions.
Ongoing monitoring
Organizations generally aren’t designed, they grow organically as your IT staff adds capabilities as needed. Enterprise environments also change drastically month by month as new assets are integrated into the infrastructure and old assets are phased out. The Redjack platform continuously monitors these changes to ensure that decision-makers have access to the most up-to-date information, facilitating informed and timely decision-making.
Benefits of the Redjack platform
Identify points of failure
The Redjack platform identifies potential points of failure within your environment. For example, a particular asset may not seem especially critical on its own but it's a critical dependency for four of your most important business functions. In this case, the Redjack platform is able to highlight the asset’s significance, ensuring that it is not overlooked. This capability ensures that you're alerted to potential points of failure where a vulnerability or disruption could have a significant impact on your operations.
Evidence-based proof
When you are making strategic decisions, having evidence-based information is important. With the Redjack platform, you can trust that insights are grounded in solid evidence. For instance, if we assert that two critical business functions are interdependent, we can provide concrete proof through communication records. Similarly, when it comes to assessing third-party risk, we offer visibility into your connections with external organizations, backed by verifiable data. Unlike other solutions that lack substantiation, Redjack ensures transparency by providing proof to support all claims made within our platform.
Enabling disaster recovery
With the Redjack platform, you have access to evidence-based information about how your environment truly functions. This level of insight enables you to confidently conduct live disaster recovery tests. For instance, restoring a critical business function involving thousands of IT assets seamlessly in the event of a disaster becomes not only possible but achievable. The Redjack platform transforms our customers from a state of uncertainty to enabling and empowering them to restore their critical business functions and continue operations in the face of an incident or disaster.
Example: recovering from ransomware
In many disaster scenarios, significant time is spent just identifying the affected systems and determining what the necessary steps are to bring them back online. During ransomware incidents, the lack of clarity into which systems are vital for business functions and the sequence in which assets need to be brought online in order to restore those functions can lead to uncertainty and financial repercussions. Some organizations, lacking the necessary context for resilience, opt to pay ransom demands as a last resort. The Redjack platform, however, lets you look back in time and analyze your infrastructure's pre-disaster state, giving you the insight you need to recover. By providing comprehensive visibility into supporting business functions, dependencies, and third-party connections, Redjack equips organizations with the knowledge needed to restore critical business functions effectively.
Revolutionize asset inventory using a business function perspective
The journey toward cyber resilience is fraught with challenges for many organizations. The lack of visibility into sprawling IT infrastructures and their alignment with core business operations poses a significant hurdle, especially as organizations evolve and expand. Redjack addresses this critical need by revolutionizing asset inventory through a business function lens, enabling a deeper understanding of how your infrastructure is interconnected. By deploying sensors across your environment and compiling asset lists correlated with critical business functions, Redjack ensures alignment with organizational priorities.
The Redjack platform enables organizations to focus resources on the most crucial components for rapid recovery and continuity. With ongoing monitoring and evidence-based insights, Redjack empowers organizations to identify points of failure, make strategic decisions grounded in solid evidence, and confidently create disaster recovery plans and test them. Ultimately, Redjack transforms organizations from a state of uncertainty to one of resilience, equipping them to restore critical business functions seamlessly in the face of adversity, such as ransomware attacks or other disruptive incidents.