It’s Not An “If” It’s a “When” Inside xDR and Recovery

Welcome to this month’s episode of Delve! Today we’re delving into the IT equivalents of our emergency services – xDR and recovery. Cyberspace is not just about cyber defences – antivirus, password safes, web and internet security. Layered in behind all of that is intelligence tech that round-the-clock monitors digital activity, and layered behind that, are the post-digital-disaster recovery and investigation teams – the clean-up crew of recovery specialists and digital forensics! With billions of pounds at stake, it makes sense that these things exist, but how do they work? And how do they work together? That’s what our guests today are going to be helping us understand.

Jake Anthony, Solutions Engineer, LogRhythm

Originally from Middle Earth (the Midlands), Jake Anthony is a Solutions Engineer at LogRhythm. During his time at university, he spent three years leaving in Headingly, Leeds – studying a computer science degree. You’d be surprised to hear that this degree was not his first choice, he originally wanted to study Ancient South American Archaeology, but this is something Leeds University didn’t cater to. Post-university he moved to Nottingham and joined a distributor as a sales Account Manager, but left for London on a whim after a trip to Barbados. He flitted through sales jobs before a mentor suggested he become a Solutions Engineer (SE) at ITC where he built SIEM solutions– from there joined LogPoint as an SE for 18 months, before joining LogRhythm three years ago where he uses his past experience to help organisations get their security monitoring strategy right.

Nick Barron, Chief Operating Officer, Harbor Solutions

Buckinghamshire born & bred, Nick Barron is the Chief Operating Officer (COO) at Harbor Solutions. Nick kicked off his career by going into an IT helpdesk – helping people to fix their modem within 2 days, a role which he found through the Yellow Pages! At the turn of the century, he went to Nortel to be a Senior Pre-sales Consultant and spent 2 years working on dial-up to .com companies. After this, he ventured into Sales at Global Crossing and then into cloud computing at Carenza before joining Softcat – to start-up Cloud Softcat. Several years later, he moved to Harbor Solutions as the Chief Technical officer (CTO) and is now COO. Nick enjoys the challenge of trying to fix things – so much that he takes them apart to figure out how and why they work, and once upon a time, Nick was quite the sportsman with rugby, fencing, kayaking, and then rowing up to National standard.

Discussion points

• What detection & response is in 2022 and which emergency services would you relate it to most?
• The term “SOC” is short for security operations centre and “the visibility triad” are the three things that make up the ideal combo of tech for a SOC.
• Now, all this sounds very exciting and specialist, but, in IT terms means it can’t be accessible to all… so who can embrace this type of stuff? And how do they get started?
• Are we too scared of what monitoring will show us? Do we stick to “easy street” i.e. log collection
• What’s your experience of real-world cyber events and, in doing so, let’s get into the response part of the equation?
• When did backup become data protection?
• Recovery… is easy in 2022, right?! Except I can guess you’re going to say it’s not and there’s a reason why data protection now features in the cybersecurity world?
• How do recovery teams work with IT or SOC teams?
• Are there organisations out there who are still “just collecting logs”? And, Nick,  please tell me that every organisation you talk to has actually retired their tape drives and “chuck-the-tape-in-your-boot” strategy years ago?
• Which tech topic has tickled your taste buds this year and are you going to Delve into and why?

About Delve

Delve is a technology podcast, where the host, Lance Williams, is joined by guests to tackle technology topics that need exploring, unpacking and in some cases, de-mystifying in our brave and boundary-less IT world. Available on all podcast platforms, please subscribe and tune in each month as Lance interviews special guests from the cybersecurity world and beyond.