By Rashmi Chandrashekar
The digital age has brought new challenges for businesses, including increased risk of cyber-attacks, breaches, and failures. As a result, companies are adopting cyber resilience strategies that combine the best practices from IT security, business continuity, and other disciplines to better align with the needs and goals of today’s digital business. Business-enabling technologies are turning into entry points for risk, attack, and failure due to digital transformation, shattering the conventional barriers that have existed between businesses and other players in the global economy.
Companies are increasingly viewing cyber resilience as a key element of their strategy to prevent incidents and minimize losses if they do occur. According to Cisco’s annual “Security Outcomes Report,” 96% of executives surveyed considered security resilience to be a high priority. In addition, firms with a mature zero-trust model reported in place had a 30% higher resilience score than firms without one. Hence, to develop more resilient systems that can withstand dynamic threats, a risk-based framework must go beyond simple risk assessment.
Achieving Cyber Resiliency
Cyber resilience is a strategy that acknowledges the inevitability of incidents occurring within an organization’s environment. It involves adopting a mindset that recognizes the likelihood of a cyber-attack happening in your business. However, the effectiveness of a cyber-resilient program is not measured by the number of attacks prevented but by how quickly an organization can detect, alert, respond to, and mitigate incidents.
An important aspect of cyber resilience is an organization’s ability to understand its environment and learn from it, which can lead to the development of specific capabilities to better manage potential risks and seize opportunities. Consequently, building cyber resilience must prioritize dynamic capabilities that enable both proactive and reactive measures. This approach ensures that organizations can respond quickly and effectively to emerging threats while also taking proactive steps to prevent potential incidents.
To support this effort, two frameworks can be leveraged: the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity and the Mitre Cyber Resiliency Engineering Framework (CREF). NIST’s framework outlines fundamental cybersecurity activities organized into five functions: Identify, Protect, Detect, Respond, and Recover. Meanwhile, CREF follows four guiding principles: Anticipate, Withstand, Recover, and Adapt. These principles aim to maintain a state of preparedness, continue essential functions despite attacks, restore functions after an attack, and minimize impacts by adapting to changes in functions and supporting cyber capabilities.
Best Practises for Designing a Robust Cyber Resilience Strategy
A cyber resilience plan must be tailored to each organization and consider key factors such as uptime, service disruptions, and maximum recovery periods. It’s essential to consider budgetary constraints and set goals for how much the plan should save you. While cyber resilience may seem like an expense, it’s actually an investment. However, simply investing more money does not necessarily guarantee greater protection. The key is to invest wisely and make the right decisions regarding cybersecurity and recovery.
It’s important to prepare for the worst-case scenarios and not assume that attackers can be stopped at the door. Inevitably, they will find a way to breach defenses, and it’s crucial to have a plan in place for how to respond. This involves working with cybersecurity experts and partners to determine the best course of action. Organizations should put protections in place wherever possible and ensure that attackers cannot disrupt or destroy recovery paths. It’s essential to always be thinking one step ahead to stay ahead of potential threats. Here are some practices that organizations can implement:
- Testing of a cyber resilience plan
Organizations must frequently test their cyber resilience framework to ensure no stone has been left unturned. Ransomware simulations and penetration testing can help in finding new vulnerabilities before any bad factors exploit them. Companies can also partner with a third-party cybersecurity solution and have them try to infiltrate the organization’s network. Such simulation exercises can help test the plan. Finding weaknesses and loopholes early on allows time to implement fixes and mitigate risks.
- Regularly update the cyber resilience plan
Maintaining cyber resilience is an ongoing process that requires constant effort to safeguard one’s business from modern threats and challenges. Therefore, it is crucial to examine the current cybercrime scenario and assess potential risks regularly. Furthermore, it is imperative to scrutinize one’s own assets, framework, and possible vulnerabilities and, accordingly, revise and adjust the cyber resilience strategy to stay informed.
- Interlock with other departments
Partnering with other executives and leaders enables the integration of cyber resilience best practices throughout the organization. This involves incorporating these practices into various aspects of the company that includes business units based on company products and services, cross-business functions such as human resource training, marketing and sales marketing and sales.
- Compliance with regulatory requirements
For certain businesses, cyber resilience is an aspect that cannot be overlooked. Companies are subject to various regulations set forth by industry, national, and state entities that dictate how they must safeguard and uphold the security of customer data. To ensure that their cyber resilience strategies meet government standards, organizations should consult their state’s laws. They must also modify their approach to storing, encrypting, and transmitting data to enhance their cyber resilience and fulfill regulatory requirements.
The Bottom Line
An all-in-one cybersecurity approach is generally considered the superior option for safeguarding a network. Rather than piecing together individual solutions and teams, opting for bundled end-to-end services and products can help prevent any potential gaps in the system. This comprehensive approach should extend to all aspects of network security, including the installation of software on laptops, the setup of firewalls, and virtual private networks (VPNs). In addition, by utilizing experts who are familiar with the products and protocols, companies can better identify threats, protect their systems, respond quickly, and recover their data in full.
(The author is Rashmi Chandrashekar, Global Director- DXC Security, DXC Technology, and the views expressed in this article are his own)
