Ransomware Recovery Case Study: Air-Gapped Cyber Recovery

Derive Tech deployed Dell CyberVault at the Port of NY/NJ’s largest terminal, closing ransomware gaps and meeting cyber insurance requirements.

Overview

At the Port of New York and New Jersey, a network outage isn't a simple IT problem. It stops cranes. It holds containers. It costs the business millions in lost revenue per day. When the Port's largest privately held container terminal needed to close its ransomware exposure and satisfy cyber insurance requirements, it called Derive Technologies.

Derive designed an air-gapped cyber recovery architecture built on Dell CyberVault as part of their managed IT services engagement.

The architecture keeps backup data behind a hardware air gap, completely off the production network. Machine-learning detection from CyberSense identifies when an attack happened and which backups stayed clean.

Entity Overview

Client: Largest privately held multi-user container terminal operator at Port of NY/NJ

Industry: Marine Logistics / Critical Infrastructure

Core Challenge: Ransomware exposure with backups accessible via production network; unmet cyber insurance requirements

Primary Solution: Dell CyberVault air-gapped cyber recovery solution, delivered as part of managed IT services

Service Provider: Derive Technologies, an MBE-certified managed IT services provider

Why Standard Backup Wasn't Enough

Container terminal operations run on data. Crane movements, vessel scheduling, cargo manifests, customs clearances: everything is networked. If ransomware gets in, the terminal stops.

Derive's review found the existing Dell backup environment had no air gap. The backup infrastructure sat on the same network as production, which meant an attacker who got into production could also reach the backups. No clean restore point. No defensible answer for the cyber insurance auditors who required one.

How the Architecture Works

1. Hardware-Level Air Gap with Dell CyberVault

PowerProtect Data Domain replicates into the vault without touching production networks. The vault has no network connection to production systems. Ransomware can't reach what it can't see.

2. Ransomware Detection with CyberSense

CyberSense analyzes backup data with machine learning, identifying exactly when corruption started and which restore points are still clean. Ransomware recovery stops being guesswork and becomes a documented, repeatable process.

3. Cyber Recovery Software and Network Isolation

This layer enforces security at the hardware level by controlling all access to and from the vault. The protection is embedded in the network's physical design rather than dependent on policy compliance.

The Client Now Has:

  • Ransomware exposure eliminated. The vault has no network connection to production systems.
  • Cyber insurance requirements satisfied with a documented, auditable architecture.
  • Clean restore points identified by CyberSense. Ransomware recovery is now a repeatable process rather than an improvised one.
  • Backup data sits completely off the production network, enforced at the hardware level.

Before vs. After: Cyber Recovery Transformation

Before Deployment

  • Backups exposed through production network
  • No air-gapped backup layer
  • Cyber insurance requirements unmet
  • No verified clean recovery path
  • Threats detected only after corruption occurred
  • Large network attack surface

After Deployment

  • Fully air-gapped backup vault
  • Dell CyberVault + Data Domain deployed
  • Cyber insurance compliance achieved
  • CyberSense identifies clean recovery points
  • Faster attack detection and visibility
  • Hardware-level physical isolation

For critical infrastructure operators, ransomware is a reality, not a hypothetical. The question is what happens when it gets in. Derive's cybersecurity services and managed IT services give you an air-gapped cyber recovery architecture that holds up under both an attack and a cyber insurance audit.

Learn more about Derive's cybersecurity services and managed IT services at derivetech.com

About Derive Technologies

Derive Technologies is a managed IT services provider based in Manhattan. They serve logistics operators, healthcare organizations, and financial services firms across the Tri-State area. MBE-certified and ISO 9001:2015-certified, with a specialty in cyber recovery architecture and ransomware planning for critical infrastructure environments. Their Lower Manhattan staging facility handles configuration and testing before any live deployment.
