Technology has changed the world we live in: 50% of the world's population is online, contributing to billions of interactions over the internet every day. Business today is interwoven with technology; the two are inseparable. Despite the opportunities harnessed by adopting technology in business, the risk of cyber attacks must be addressed. Cyber attacks are inevitable, they have devastating effects on business, and they are getting more sophisticated day by day.
Cyber resilience refers to the ability of an enterprise to keep running its operations despite an adverse cyber attack or data breach. Cyber resilience aims to defend the organization against potential cyber attacks and to ensure the organization's survival following an attack, including minimizing customer harm, reputational damage and financial loss.
The sophistication of the threat landscape can lead to catastrophic events for organizations; some may even go out of business. Organizations MUST accept that the inevitable will occur. Once that fact is accepted, the focus should shift to how to reduce the impact of a cyber attack or data breach once it happens.
Is Cyber Resilience necessary for a business?
It will happen
Today's economy and business environment run on an interconnected world. Reliance on technology creates efficiency and effectiveness in delivering an organization's mission; however, the same technology can be compromised, negating its usefulness. Acknowledging that cyber attacks are part of the game is an important realization. Once that has been accepted, an organization will stop running around like a headless chicken whenever a data breach is reported in the media. Secondly, the organization becomes laser-focused on two elements, Response and Recovery, which are the critical survival traits during and after a successful cyber attack.
The threat landscape is ever evolving
Security experts agree that there are no silver bullets in cyber security. No single solution can protect your organization from cyber attacks. In addition, even with the best solutions and controls in place, an organization can't completely secure its information, because the threat landscape keeps evolving. There are too many unknown unknowns (threats you don't know about and don't know exist), which pose a greater risk because you can't anticipate them from past experience. Organizations are putting an emphasis on cyber defense by setting up blue teams to be on the lookout for attacks targeting the organization and to work tirelessly to defend against them. The defense strategy has even been enhanced by breakthrough technologies that enable automated defense. Artificial Intelligence (AI) and machine learning are improving the security posture of organizations by enabling quick learning and identification of outliers that could be indicators of compromise. Automation in defense promotes prompt detection, enabling an organization to respond to an attack proactively.
GDPR is here…
Regulators are putting pressure on organizations to protect customer data and ensure business continuity during and after a data breach. Article 32 of the GDPR says that personal data must be processed in a way that ensures the security of the data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by implementing appropriate technical and organizational measures. The article goes further, setting out the security measures expected of the entities in scope of the regulation. The regulator expects those entities to achieve cyber resilience in order to:
The hefty penalty (4% of annual turnover) does push organizations to take security seriously. Organizations will have a hard time explaining to their shareholders why they had to pay such penalties out of money that could otherwise have been paid as dividends. Management will focus on cyber security to avoid both the penalties and the tough questions from shareholders; either way it's a win for the organization.
Building a strong foundation
For the Burj Khalifa to stand tall at 829.8 m, a strong foundation of over 45,000 m³ of concrete was needed. Structural engineers tell us that the strength of any building rests on its foundation. The same concept applies to cyber resilience: the ability to keep providing services to clients despite an adverse cyber attack rests on the organization's cyber security programme.
Cyber resilience is a structured journey, not a random walk.
The journey starts with understanding the business, its operations and its strategy. What the marketing team is doing matters to the CISO who is developing a resilience strategy. A good understanding of the business gives a clear picture of the main functions that keep the business going and of the main cyber risks that could potentially hurt it.
A good foundation is great, but organizations must also develop and implement appropriate safeguards to limit or contain the impact of a potential cyber security incident. Beyond business and IT controls, it is of paramount importance for an organization to implement continuous monitoring to detect anomalies and potential cyber security incidents before they can cause significant damage. The next phase is building capacity in incident response, which helps the organization take the necessary steps to minimize the impact of an attack. The essence of cyber resilience is to survive an incident and be able to return to business as usual following an attack.
Cyber attacks will occur in spite of an organization's best efforts to prepare for and prevent them. In addition, organizations don't have the budget to keep buying the latest technology that promises to prevent all attacks. A paradigm shift has to happen, with the focus not on eliminating cyber risk but on creating cyber resilience. An organization's cyber security strategy should encompass Preparation, Prevention, Detection, Response and Recovery for it to gain the true value of cyber resilience.
2018 © Villbo Group Limited.