Cyber Security VS Cyber Resilience: Shifting Business Mindsets
October 2022 - Michael Simkovic, Chief Executive Officer, CSO Group
Today, employees can work from anywhere, on any device, and on any network. Productivity has reportedly scaled as a result, but this “remoteness” has simultaneously opened the floodgates to a myriad of cyber attacks, including phishing schemes, ransomware, and denial-of-service (DoS) attacks.
Organisations are more attuned than ever to the criticality of elevating cyber security as a business priority. However, when it comes to planning for and dealing with cyber attacks, organisations often fail to consider the implications of defending and responding, and further, what it takes to journey back to recovery. This is where cyber security differs from cyber resilience.
What is cyber resilience, and how broad does it extend?
Cyber resilience is not just about responding to threats. It’s a mind shift which recognises that cyber attacks will happen in some way, shape, or form, and so the focus turns to how an organisation can anticipate, absorb, recover from, and adapt to such attacks. It is about the minimisation of business disruption as a whole.
Cyber resilience is an organisation-wide effort, with everyone playing an interconnected role in being responsible for the entire organisation. This includes non-technical and non-cyber employees committing to being knowledgeable about cyber security and keeping up to date with an ever-evolving area.
Once businesses implement an organisation-wide cyber security culture, they must learn how to be more proactive and predictive in their cyber security approach in order to be truly resilient. This means that when a successful attack occurs, they have the ability to maintain and sustain operations with minimal effect under adverse circumstances.
Taking steps towards cyber resilience
Cyber resilience is about taking steps towards operating adaptive and responsive cyber resilience processes while ensuring the continuity of secure business operations, no matter what the future may bring.
By focusing on becoming more cyber resilient, organisations ultimately minimise the risk of exposure to critical infrastructure, reduce financial loss, and maintain the continuity of business operations.
The following five practices outline approaches taken by highly resilient companies, and that organisations looking to uplift their resilience can adopt:
1. Schedule regular cyber security exercises
To achieve strong cyber resilience, organisations should run testing exercises as part of their planning and preparation. Running immersive, scenario-based cyber crisis exercises, such as tabletop or red teaming, is a low-risk way for the crisis management team to identify strengths and vulnerabilities in their overall preparedness. The more often organisations run these exercises, the more fit and competent they are to maintain and sustain operations under a real cyber attack. Do not limit organisational involvement to technical personnel; it needs to include the key decision makers who will be essential in the end-to-end process.
2. Leverage existing capabilities
While cyber resilience helps businesses defend against cyber crime, it can also be a costly investment. However, businesses don’t have to reinvent the wheel. Instead, they can incur minimal overhead by examining the existing capabilities and programs in their critical infrastructure, and then leverage what is already in place to build the first line of their network defence.
3. Focus on maintaining strong cyber security hygiene
Organisations can’t afford to be complacent when it comes to cyber security hygiene, especially given that it is where most incidents arise. According to our technology partner Crowdstrike, “Common IT misconfigurations continue to be the root cause of many security breaches.”[i] Organisations must implement an organisation-wide cyber security hygiene policy with a common set of practices which should be continuously reinforced. Organisations that have a solid security program, are aware of where their gaps are, and are managing those gaps from a risk perspective reduce the likelihood of an event occurring and offset the impact when one does.
4. Combine elements of cyber security and business operations into one seamless function
Cyber resilience is more than just planning, testing, and exercising. It’s about bringing all the components of a good control testing program together with the elements of crisis management and business continuity, all the while ensuring that the organisation is coordinated and can operate smoothly and efficiently under adverse conditions.
5. Engage specialist third parties
While internal teams may have in-depth knowledge of their environment, they are likely to miss gaps in the system, whereas a third-party assessor can take an unbiased approach to the controls and systems. With a broader overview of the system, a third-party specialist can also determine whether an organisation is compliant with government regulations relating to its cyber security practices.
Cyber resilience in the digital frontier
In the current landscape, it’s not a question of if but when a cyber attack will happen. Traditional cyber security alone is no longer enough to protect businesses adequately, so keeping up to date with leading practices and tools is necessary to minimise the risk. Businesses need to focus their efforts on building a truly cyber resilient organisation, not only to improve their ability to anticipate, adapt, and recover quickly, but also to maintain their competitive edge in this digital world.
[i] Crowdstrike, “IT Hygiene Assessment”, it-hygiene-assessment.pdf (crowdstrike.com)
______
At CSO Group, we provide effective ICT cyber security services and solutions to mitigate business risks and threats. To find out how we can help your business improve its cyber resilience, contact the CSO team.