Bernardo Starosta, CEO,VM2020 Solutions
This is the first in a series of blogs introducing thin digital twins—VM2020’s pioneering approach to fully simulating real-world IT environments.
Forward-looking IT and cybersecurity leaders are looking for innovative ways to improve readiness and response. Many are looking to simulation and modeling tools to better understand the business impact of cyberattacks and to gain confidence in their cybersecurity strategy and investments.
As former DHS CISA Director Chris Krebs recently pointed out “You can't just assume that your plans are going to work. You have to test them. You have to develop a set of alternate scenarios that may put you in uncomfortable positions.”
Unfortunately, fully replicating a production IT environment and simulating attacks and other events is a resource-intensive and costly proposition, beyond the means of most organizations.
New thin digital twins, however, let IT and security teams realistically simulate full-scale IT environments in software for ultimate economics, simplicity, and agility. In this blog series I’ll provide an introduction to thin digital twins and explain how they can help you increase insights, improve preparedness, and accelerate response and recovery efforts. Ideal for proactive and reactive endeavors, thin digital twins provide a practical, cost-effective way to improve IT operations and strengthen your security posture.
Quite simply, a digital twin is a virtual representation of a physical object or system, used for modeling and analysis purposes. Digital twins were originally used in manufacturing for component design, process optimization, quality management, and other applications. Now many businesses are considering them for a variety of use cases including IoT systems, healthcare, construction, and supply chain management. (Gartner has included digital twins on their list of Top 10 Strategic Technology Trends, spurring a wave of interest in the technology).
You can use digital twins to model the behavior of complex systems, to run simulations, and to carry out ‘what-if’ scenarios and data analysis. By performing in-depth descriptive, diagnostic, predictive, and prescriptive analytics you can gather insights, answer questions, and make data-driven decisions.
Clearly digital twins have enormous potential for IT and cybersecurity. By simulating IT implementations, organizations can identify vulnerabilities, pinpoint threats and issues, and test out remediations or the impact of changes. But creating an exact digital replica of a production IT environment-fully mirroring system configurations, applications, and data-even if virtual, is still a complicated and expensive undertaking. Few businesses can afford to stand-up duplicate compute, storage, and networking infrastructure just to run simulations and hunt threats.
Server virtualization solutions and cloud-based services have the potential to reduce digital twin cost and complexity, but neither have fully delivered on the promise. Maintaining an exact copy of your production environment using hypervisor-based storage is inherently inefficient and prohibitively expensive. And cloud-based services have turned out to be far more costly and complicated than originally advertised. In practice, most organizations are not maintaining a full copy of their production IT environment on AWS, Azure, or GCP. And even if they are, cloning large datasets in the cloud takes far too long. The data could be obsolete by the time it is ready for use, and an attacker may have already traversed the network and done irreversible damage.
Some organizations have tried using third-party cyber ranges to avoid infrastructure expenses and cloud latency issues altogether. But fully replicating an enterprise IT implementation at an external cyber range is a resource-intensive and time-consuming proposition, fraught with challenges. It can take months just to get up and running.
In information technology “thin” is commonly associated with data storage components that do not consume space. A thin digital twin provides an exact replica of your IT infrastructure, applications, and data without the overhead or complexity of traditional simulation and modeling solutions. To make the twins thin the automation engine needs to have a very deep integration with advanced data cloning technology in modern storage systems and the ability to map the zero footprint clones to hypervisors, software defined networking, and container platforms. VM2020 thin digital twins let you fully simulate your production IT environment in software at previously unachievable price-points. You can use thin digital twins for a wide variety of applications from proactive threat hunting, to vulnerability assessment, to threat containment and recovery.
As Chris Krebs explained, empowering security professionals is “about making it easier for them to be productive in a secure way so that they know what to look for and have the tools to be secure.” That’s what our thin digital twins are all about.
In my next blog I’ll explain some of the advantages and benefits of thin digital twins. And in future blogs I will review some specific applications and use cases for them.
If you’re ready to prove the impact your cyber initiatives are having in a business context through evidence-based solutions, we’re ready show you.
Request Demo