From Security to Cyber Resilience
Cyber resilience is a concept that over the past five years has been evolving as information security, business continuity and risk management disciplines continue to converge. Today, cyber resilience methods and frameworks are driving the conversation across multiple disciplines to protect business, to protect governments, and to protect ourselves as individuals.
Let’s start with these three important definitions:
- Cyber Resilience – is the ability of an organization to continue to function with the least amount of disruption in the face of cyberattacks. It is an end to end approach that brings together critical business functions, information security, disaster recovery, business continuity, and crisis management to protect the business.
- Cyber Security – is designed to protect systems, networks, and data from cybercrimes. Effective cyber security reduces the risk of cyberattack and protects businesses from the deliberate exploitation of its assets.
- Business Continuity – it provides the capability to resume operations when an event causes a service disruption. Business continuity address natural disasters, accidents, and deliberate physical and cyberattacks that affect the organization.
At the core of these definitions is the protection of “data,” the information that allows us to conduct business and communicate globally. The exponential influx of data that we see today provides significant business value, but can also leave organizations and individuals exposed to cybercrime or other disruption.
Over the past half-century or so, the enterprise has evolved as technology has shaped organizations. Information technology began to support business at scale for the first time with transaction processing, and the advent of personal computers brought a new wealth of knowledge to professionals’ fingertips, empowering them like never before. From there, data centers became the nerve-centers to house data, expand business models, and transform industries. These legacy layers have been largely driven by people and policies set by organizations.
Even with today’s technological innovations, sophisticated security tools, and cybersecurity risk management frameworks, organizations and governments are struggling to adequately protect their digital assets from the evolving threats. Today’s data breaches are no longer one organization’s problem; businesses, governments and individuals need to take responsibility and perform sufficient data protection. In addition to the basics of data security, 21st century enterprises have to embrace Artificial Intelligence (AI) and other cognitive systems across their organizations to remain competitive and meet business goals.
Current state of data and cyber security
Technological innovations will continue to accelerate, reinforcing the need for a new way of thinking about cyber resilience. However, innovations do not always make data protection a priority, which can lead to shortcomings within an IT environment.
The journey to cloud also puts organizations in new and unforeseen scenarios where data no longer has to be confined to one location; many businesses use multiple clouds with multiple vendors. Organizations might feel that they have less control of their data as they move away from homegrown infrastructure, despite the protections that are built into today’s public, private, or hybrid clouds. Any doubts that an organization might have should compel them to commit even more focus and resources to cyber resilience.
The Future of Cyber Resilience in the Cognitive Age
It is next to impossible for an organization or an individual to manage and protect the volume of data changing hands on a regular basis. That is why we need to design secure, cognitive-based systems and applications from the start to help repair, protect and recover critical data with minimal human intervention. It is just as important to use a framework for an end-to-end risks and threat management model that helps organizations maintain governance and continuously improve. For example, many companies and governments have embraced The NIST (National Institute of Standards and Technology) Cybersecurity framework https://www.nist.gov/framework
Enclosed are some recommendations for your own organizations:
- Identify cyber resilience readiness and gaps across the organization
- Identify assets and risks – prioritize by critical business functions
- Assess your cyber resiliency processes and procedures
- Define a roadmap and actionable tasks to build or improve your resiliency plans
- Protect against attacks by preventing threats before they wreak havoc with proactive access controls and automating vulnerability fixes
- Protect business critical applications and data
- Make continuous compliance a priority for privacy by design to meet regulatory requirements
- Make data protection awareness and training mandatory
- Detect unknown threats fast with advanced analytics using Artificial Intelligence (AI), cognitive tools and automation
- Make zero trust your guiding principle for network policies
- Investigate active threats from inside and outside the organization. Hackers use social engineering with your employees and your suppliers and partners are part of your supply chain
- Respond with established cyber incident crisis management policies and communication protocols
- Respond to cyberattacks and security breaches with resiliency orchestration – every minute counts
- Engage cyber incident responders leveraging threat intelligence to repel attackers and minimize business impact
- Remediate the attack damage by restoring systems and closing vulnerabilities
- Recover by activating Cyber Incident Recovery crisis management plans
- Recover by executing automated and orchestrated workflows for your mission-critical business applications
- Ensure your business is back and running quickly based on your well-rehearsed recovery drills
- Prioritize resources and maintain active incident recovery command center until you are back to business as usual
We need to look at cyber resilience from a continuous compliance perspective, so industry regulatory requirements are handled with security and privacy in mind when building new systems and applications. We also need to use things like automation and orchestration technologies wherever possible for speed of execution, plus immutable storage to protect configurations and critical data, so cyberattacks do not cripple the chances of a smooth recovery.
The good news is that these technologies are more pervasive, and getting better and faster all the time. But cyberattacks like NotPetya, which cost organizations millions of dollars in June 2017, are likely to strike again.
Humans are still in charge, but the combination of man and machine is even more powerful. Artificial Intelligence and cognitive computing is able to monitor, analyze patterns, provide context across high numbers of alerts, and take action or provide recommendations in real time. This frees up security professionals from repetitive tasks and manual analysis of massive amounts of data, not to mention its cost effectiveness and improvements to overall cyber resilience.
It is obvious that the advancement of technology requires new levels of security and cyber resilience, regardless of industry. While some malicious actors may want to use technology to harm, professionals in these fields must work together to overwhelm those adversaries with technology that is built to do good.
One thing that doesn’t change, no matter how sophisticated technology has become, is the need for responsible governance and stewardship. Cyber resilience in the cognitive age should be a team sport, with suppliers, partners and customers all working together toward a common goal.Recommend0 recommendationsPublished in