Every battle is won before it's fought – Sun Tzu
The pace of change in technology is challenging established notions of what enterprise IT is all about. New advancements in technology (IoT, AI, blockchain, etc.) have radically changed the traditional IT infrastructure from a set of assets owned and controlled by the enterprise. Today's enterprise has IT resources that are outside its visibility and control. This is fuelled by technology advancements, but also by business models aimed at improving interactions with customers and other stakeholders.
From a security point of view, these technology advancements lead to a corresponding increase in attack surface. Attacks are getting more sophisticated and vicious, leading to massive losses for enterprises. No wonder CEOs and board members rank cyber security as one of the biggest business threats. At the same time, they want their organizations to use technology to better interpret the evolving needs of customers and better engage with them. The balance between adopting technology and the risk that comes with it is causing most CEOs and boards sleepless nights, if not weeks.
The best way to predict your future is to create it – Peter F. Drucker
We have moved from asking whether a cyber incident will happen, to when it will happen, and now the focus is shifting to how much damage will be done. There is a realization that, despite the best efforts, cyber incidents are inevitable. Organizations are acknowledging that the inevitable will occur and that it is prudent to focus on reducing the impact or loss that will arise from the incident.
Developing the strategy
A cyber security strategy is a plan of actions designed to improve the security and resilience of the enterprise. The foundation of any cyber security strategy should be a business risk assessment. With a good understanding of the business goals, it is easier to identify the cyber risks that can hamper accomplishment of those goals. An effective cyber security strategy must be aligned with your business strategy, where cyber risks are an integral part of your corporate risk management strategy. The cyber security strategy should be developed at board level, hence the need for a board member with cyber security know-how. Such a member goes a long way in influencing the strategy and getting the needed buy-in from the rest of the board.
A sound strategy frames a cost-effective, well-resourced, organization-wide approach to addressing cyber incidents.
Prepare for the inevitable
There is no greater challenge than securing your organization from cyber threats. The complexity of the threat landscape and swiftly evolving technologies make it difficult to provide enterprise security on an ad hoc basis. It all starts with the creation of security and governance policies that are complemented by technology solutions to prevent cyber threats. Resources in terms of budget, people and technology must be invested and balanced to mitigate cyber risks.
Do the basics and do them well
Assess & Monitor
The assess-and-monitor aspect is a continuous process that keeps the enterprise in check in terms of compliance with standards and regulations, e.g. ISO 27001, GDPR, etc. Continuous monitoring is needed to gauge the cyber security posture of the enterprise, which in turn guides how resources should be utilized to attain the desired posture. Monitoring gives early warnings which, when addressed, can prevent catastrophic incidents. The majority of enterprises are investing heavily in monitoring solutions such as SIEM and SOC, as there is a realization of the need to enhance visibility. Enterprises may not have control over when cyber incidents occur, but they can control how they respond to them. Continuous monitoring offers the opportunity to analyze Indicators of Compromise (IoCs), which leads to prompt detection and the execution of an appropriate remediation plan.
Expanding detection capabilities is paramount in the cyber security strategy.
Accept some attacks will compromise the organization – plan for it
Despite the best efforts, organizations need to prepare for a successful cyber attack. It will happen anyway! It is important to ensure that the enterprise has the right resources and skills to quickly identify, isolate and determine the level of investigation and response required to maintain business as usual. How an organization responds to an incident can either contain or escalate it. A poor response can even create a crisis. A well-coordinated incident response can limit lost time and money as well as the cost of recovery, and save the organization's reputation. Given the costs associated with cyber incidents, organizations need to consider transferring the risk through cyber insurance. The cyber security strategy must document the risk the organization is willing to manage and what needs to be transferred to an insurer.
Good cyber is good business
The right cyber security strategy will bring higher visibility of potential risk exposure across the enterprise. A good cyber security posture brings numerous benefits to the enterprise, including a higher degree of confidence among stakeholders (shareholders, investors and customers), reduced potential regulatory fines, avoided losses contingent on a cyber attack, and a minimized financial impact in case of a cyber incident.
2018 © Villbo Group Limited.