The rate of cybercrime and cyberattacks on organizations is increasing at an alarming rate. According to research, cybercrime damage is expected to reach $8 trillion in 2023. Almost every organization will be impacted by a cyberattack this year and it is crucial for businesses to rethink their risk management and incident response strategies. And cyber resilience frameworks play a big role here.
By Brian Pereira, Founding Editor, Digital Creed
In the face of an increasing threat landscape due to the growing volume and sophistication of attacks, companies need more than a security solution or governance policy to be prepared for these attacks. They need a proactive and integrated approach with threat monitoring, threat intelligence, and end-to-end managed services.
That’s where cyber resilience comes in. It is not an afterthought but needs to be built by design.
See also: Why do Hackers Love to Target Backups?
Why are the Attacks Increasing?
In a volatile and dynamic business environment, businesses are under tremendous pressure to deliver innovative services and products at shorter intervals. Customer expectations have also increased and there is more choice now. There is always the fear of customer churn in increasingly competitive markets. As if all this were not enough, supply chains have been impacted leading to shortages of raw materials and components. For instance, the auto industry faced a manufacturing slowdown last year due to the shortage of semiconductors.
To cope with these pressures, organizations had to embrace digitalization and modern ways of conducting business – at an accelerated pace. That involves the transformation of business processes and embracing new technologies – and integrating modern (cloud-based) platforms with legacy infrastructure.
This is not easy to do and requires careful planning and (phase-wise) implementation. When digitalization is done at speed one cuts corners and this introduces vulnerabilities and gaps in systems. This increases the risks for organizations and it calls for revisiting risk management strategies.
For instance, hurried cloud deployments result in misconfigurations – an open invitation for hackers. If databases are not adequately secured, it will result in data leaks and breaches. Almost every day we hear about an incident where an organization’s customer credentials and personally identifiable information (PII) have been stolen and sold on the dark web. Ransomware attacks are also a huge problem and are more frequent today.
See also: India 7th most cyber-breached country in the world, Russia tops the charts: Surfshark
Stepping Up Defences
Consider the case of a typical organization, say a bank, or hospital or airline, that provides services to tens of thousands – or millions of customers. These services are usually provided by computerized systems. These systems need to run efficiently, 24×7 and 365 days. That means the IT systems need to have minimum downtime or failure. In the IT world, we call it the “five nines” or 99.999% uptime. If these systems are down for even a minute, customer services would be affected. And when so many customers are dependent on these services, the impact on the organization would be huge.
The cause for these system downtimes is likely to be a cyberattack in nine out of 10 incidents. And even the best cybersecurity solutions or policies will not prevent this. Organizations need something more to fight modern cyberattacks and threats.
To prevent security incidents, they need end-to-end managed security services backed by a robust incident response plan.
That’s where cyber resilience frameworks come in.
See also: 10 steps every business can take to avoid a cybersecurity breach
What is Cyber Resilience?
Organizations can no longer take a reactive approach to cyberattacks. Rather, they need to expect it and be prepared – and predict it. They WILL be attacked; it’s only a matter of WHEN. And when the attack does occur, they need to activate their incident response plan or strategy to minimize the impact on infrastructure and services. It’s like having a plan for a building fire – and regularly doing fire drills so that everyone knows what to do when there is a fire.
Cyber resilience is a comprehensive framework that aims to protect the entire organization, including its people, processes, data and information systems in the event of a cyber attack.
But the volume of these attacks could be huge, and the in-house IT staff or on-premise systems may not be able to handle it. That’s why organizations need to take a holistic, integrated approach that includes managed security services – which are usually outsourced to managed security service providers.
Cybersecurity v. Cyber resilience
Many people think that having good policies and robust solutions are adequate to protect their organizations from cyber attacks. So, how is cyber resilience different?
The two terms are not the same and should not be used interchangeably.
Cybersecurity is a subset of cyber resilience. Cybersecurity solutions protect information assets – data and systems. But cyber resilience protects the business and its operations and is aimed at ensuring business continuity when a cyberattack occurs.
It is imperative for organizations to have a comprehensive cyber resilience framework with data governance. This is especially true for data-driven organizations – they should have a data governance policy and risk management framework in place.
Cyber Resilience Framework
As we said before, cyber threats to your organization are imminent as your business scales and your data sets grow. Hackers are always looking for intellectual property and sensitive data to steal. You also have to look out for insider threats – employees leaking databases and storing them on personal clouds like Gdrive, OneDrive, Box Drive, Box, etc.
A cyber resilience framework can check this, and mitigate or prevent data leakage and other threats to your organization. This is essential for running your business operations with minimum downtime (business continuity) when breaches occur.
Gartner says a resilient cybersecurity strategy is essential to running the business while protecting against security threats and preventing data breaches and other enterprise cybersecurity threats.
Here are some steps to establish a cyber resilience framework:
- Identify weak spots or vulnerabilities
- Protect critical IT assets
- Detect early signs of malpractice
- Respond with immediacy (contain the breach to prevent lateral spread)
- Recover as holistically as possible
Invest in recovery and response too. Boston Consulting Group (BCG) found that the typical cybersecurity organization spends 72% of its budget on identifying, protecting and detecting breaches and only 18% on response, recovery and business continuity.
