By | Human Engineers
Cyber resilience has risen to greater prominence in the last few years. As a practice and a concept, it aims to redress many of the issues not encompassed by traditional cybersecurity measures.
Attacks and data breaches are rising in general, the last few years have seen year-on-year growth in the number of successful attacks, and the ongoing pandemic has only fuelled the fire. Swaths of the global economy may have shut down, but threat actors certainly haven’t taken a holiday; the Financial Times even dubbed COVID-19 “a gift for cybercriminals.”
A robust cyber resilience strategy is now a must for any company, particularly those working in a data-centric industry.
But how does this concept of resilience differ from cybersecurity, and what’s involved?
Cybersecurity and cyber resilience
Cybersecurity is an essential part of resilience and involves utilizing processes, technologies, and protective measures to ensure the safety of systems, networks, and data from cyberattacks. Solid cybersecurity mitigates the risk of an attack occurring. In this sense, cybersecurity is a proactive defensive strategy.
On the other hand, cyber resilience involves a much broader scope and bridges cybersecurity and a business’ general resilience. We can define cyber resilience as an organization’s ability to handle a cyberattack, including its overall preparedness, response, and recovery.
After all, the effects of a cyber attack are not limited to notifying the relevant authorities and affected clients. There are often regulatory fines involved, a loss of reputation, and the accompanying financial hit. To cope with these matters and stay above water, companies need dynamic, agile business strategies that keep ongoing cybersecurity at the fore.
Building cyber resilience
There are multiple roadmaps for creating cyber resilience, including Symantec’s simple yet sensible five-pillar model and the National Institute of Standards and Technology’s (NIST) comprehensive framework.
Almost all models involve the following steps:
1. Recognize
Understand that the likelihood of a cyber attack is high and that an organization is probably more vulnerable than previously imagined. Many entities are embracing a “not if but when” mindset regarding potential attacks, which helps create a culture of preparedness.
2. Defend
Here’s where traditional cybersecurity measures have their place in overall cyber resilience. Organizations should follow a three-pronged approach to cybersecurity that comprises staff education, adherence to basic digital hygiene practices (sign out of accounts, keep operating systems updated, use long, complex passwords), and a full suite of cybersecurity tools.
The heady days of the early internet are over, and defending a company’s data and systems with just antivirus is akin to leaving the keys in one’s front door and hoping for the best. Companies need the following, at a minimum:
- Virtual Private Network (VPN) — Encrypting data transmissions and shielding activity from would-be threat actors are what VPNs are for. For instance, the ExpressVPN app can help protect one’s devices when connecting to unsecure networks. VPNs can also be used to cover a whole network and any connected Internet of Things (IoT) devices through specialized routers.
- Antivirus and antimalware — Both are necessary to find and quarantine known and modern threats.
- Email scanners — Human error remains a critical issue in cybersecurity. Email scanners help mitigate the risk by detecting any digital nasties masquerading as legitimate communication.
- Firewalls — To filter traffic and ensure unwanted outsiders can’t get in based on a set of predefined security rules. Companies need enterprise-level firewalls.
3. React and respond
Know in advance what to do when an attack occurs. This element encompasses knowing what regulatory bodies need to be informed and the expected timeframes; protocols for advising affected clients; keeping business partners whose systems may also be involved in the loop; security strategies for the immediate aftermath.
4. Rebuild
Having plans that cover how an organization can recoup any financial losses, retain clientele, and generally be resilient in the face of significant business upheaval. Companies can also take the opportunity to learn from any previous cyber incidents and analyze their past response; this information can form part of any future rebuilding strategies.
