Cyber Resilience: Meeting the New Standard in Security

We sat down with Richard Horne, Noetic Advisory Board Member, to explore the major issues that organizations face in the dynamic realm of cybersecurity. Richard, who spends much of his time strategizing with boards and executive committees, shared the common themes that organizations are facing today. In this blog, we’ll explore the first major theme: cyber resilience is the new standard.

Historically, cybersecurity efforts have been geared predominantly towards safeguarding the confidentiality and integrity of data. However, with the escalating frequency, sophistication, and cost of cybercrime, organizations now need to give the availability of systems and data the same weight, because ransomware and destructive attacks succeed by taking systems away rather than by quietly reading them. In fact, 2023 was a record-breaking year for cybercrime, with a cyberattack occurring once every 39 seconds, and the global average cost of a data breach reaching $4.45 million (IBM’s 2023 Cost of a Data Breach report).

“Our whole approach to cybersecurity for many years was driven by privacy and protecting data [and] the confidentiality of data. And what we’ve seen in the last few years is attackers really targeting the availability of systems and data.” Richard Horne, Noetic Advisory Board

Unlike traditional measures that emphasize prevention, modern cyber resilience accepts that some breaches and disruptions will happen and focuses instead on the organization’s ability to withstand, adapt to, and recover from them.

The Definition of Resilience in Cybersecurity

Beyond the scope of traditional cybersecurity measures, cyber resilience is the capacity of an organization to anticipate, withstand, recover from, and adapt to the ever-evolving landscape of cyber threats and attacks (the same four verbs NIST uses to define cyber resiliency in SP 800-160 Volume 2). It is a comprehensive approach: it starts with strong preventive defenses, but it also covers the organization’s ability to detect an attack that gets through, react to it, and minimize its impact.

A Checklist for Cyber Resilience

A Shift in Mindset
According to Richard, mindset is among the most critical elements of a cyber resilient culture, especially as organizations adopt transformative technologies such as generative AI. Before implementation, security teams should ask whether the business could keep operating if such a technology were compromised or simply unavailable. This proactive mindset is about understanding the organization’s reliance on each technology and planning for business continuity without it.

The Influence of Regulatory Requirements
Throughout our conversation, Richard also emphasized the role of regulations in driving a culture of cyber resilience within organizations. The Digital Operational Resilience Act (DORA), for example, marks a significant shift in how the European Union regulates the financial sector: it sets requirements for managing ICT and cyber risk, not just for the financial stability of firms. Similarly, the U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure rules and the NIST Cybersecurity Framework (CSF) 2.0 push organizations to understand their technology infrastructure in depth and to plan for rebuilding after a cyber incident; CSF 2.0’s Govern and Recover functions address exactly this.

Other key considerations for establishing cyber resilience include:

  • Calculate the risk-reward ratio for new technologies: It’s essential to prioritize security from the outset, embedding cybersecurity measures into the development lifecycle of new technologies. To strike a balance between innovation and cybersecurity resilience, organizations must conduct comprehensive risk assessments that address the potential implications of integrating new technologies into existing infrastructure. By understanding the risks upfront, organizations can make informed decisions and implement appropriate safeguards.
  • Implement Defense-in-Depth strategies: A Defense-in-Depth strategy acknowledges that no single security measure is foolproof, and therefore relies on a combination of preventive, detective, responsive, and recovery controls to mitigate risk. This layered approach also raises the cost for attackers, making it harder for them to penetrate defenses and compromise sensitive data or systems, and it keeps a restorable copy of critical systems and data available when the other layers fail.
  • Employ proactive monitoring systems: Organizations take an average of 204 days to identify a breach (IBM, 2023). Proactive monitoring is essential for early detection of anomalous behavior and potential security incidents. These systems continuously examine network traffic, user activity, and system logs for signs of suspicious or malicious behavior. By combining security analytics with threat intelligence, organizations can identify deviations from each user’s and system’s normal pattern and investigate promptly, before an intrusion escalates into an outage.
  • Develop comprehensive incident response plans: Incident response plans should cover a wide range of scenarios, from data breaches and malware infections to denial-of-service attacks and insider threats. By having well-defined incident response plans in place, organizations can minimize downtime, contain the damage, and swiftly restore normal operations in the event of a cyber incident.
  • Regularly test and refine processes: Conducting tabletop exercises and simulated cyber attack scenarios allows organizations to identify gaps in their response capabilities, refine their procedures, and train personnel on their roles and responsibilities during a real incident. Because resilience is about availability, these exercises should also test the rebuild itself, for example restoring a critical system from backup within the recovery time the business expects.
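As an added illustration of the “deviations from normal patterns” point in the monitoring item above (example code written for this post, not code from the original article or from any Noetic product), the following Python builds a per-user baseline of source IPs and login hours from constructed authentication log lines, then flags logins that deviate from that baseline and bursts of failed logins that end in a success. The log line format, the thresholds, the cutoff date, and the sample lines are all assumptions made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines for this example (not from any real system).
# Assumed line format: "<ISO timestamp> <user> <source ip> <success|failure>".
SAMPLE_LOGS = """\
2024-03-01T09:02:11 alice 10.0.0.5 success
2024-03-02T09:05:43 alice 10.0.0.5 success
2024-03-03T08:58:20 alice 10.0.0.5 success
2024-03-01T17:30:00 bob 10.0.0.9 success
2024-03-02T17:41:12 bob 10.0.0.9 success
2024-03-03T18:02:55 bob 10.0.0.9 success
2024-03-08T09:01:30 alice 10.0.0.5 success
2024-03-08T03:14:07 bob 198.51.100.23 failure
2024-03-08T03:14:09 bob 198.51.100.23 failure
2024-03-08T03:14:12 bob 198.51.100.23 failure
2024-03-08T03:14:15 bob 198.51.100.23 failure
2024-03-08T03:14:18 bob 198.51.100.23 failure
2024-03-08T03:14:21 bob 198.51.100.23 success
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (success|failure)$")


def parse(lines):
    """Turn raw lines into (timestamp, user, ip, result) tuples, sorted by time.
    Malformed lines are skipped rather than crashing the detector."""
    events = []
    for line in lines.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, user, ip, result = m.groups()
        events.append((datetime.fromisoformat(ts), user, ip, result))
    return sorted(events)


def build_baseline(events, cutoff):
    """Per user: the source IPs and hours of day seen in successful logins
    before `cutoff`. Only successes feed the baseline so an attacker's
    failed attempts cannot teach the detector that they are normal."""
    baseline = defaultdict(lambda: {"ips": set(), "hours": set()})
    for ts, user, ip, result in events:
        if ts < cutoff and result == "success":
            baseline[user]["ips"].add(ip)
            baseline[user]["hours"].add(ts.hour)
    return baseline


def detect(events, cutoff, fail_threshold=5, window=timedelta(minutes=5)):
    """Return a list of (kind, user, ip, timestamp) alerts for events at or
    after `cutoff`, judged against the baseline learned before it."""
    baseline = build_baseline(events, cutoff)
    recent_failures = defaultdict(deque)  # user -> timestamps of recent failures
    alerts = []
    for ts, user, ip, result in events:
        if ts < cutoff:
            continue
        failures = recent_failures[user]
        # Sliding window: forget failures older than `window`.
        while failures and ts - failures[0] > window:
            failures.popleft()
        if result == "failure":
            failures.append(ts)
            if len(failures) == fail_threshold:  # fire once per burst
                alerts.append(("failed_burst", user, ip, ts))
            continue
        # A success preceded by a burst of failures is the classic
        # brute-force / credential-stuffing success signal.
        if len(failures) >= fail_threshold:
            alerts.append(("success_after_failures", user, ip, ts))
        profile = baseline.get(user)
        if profile is None:
            alerts.append(("no_baseline", user, ip, ts))
        else:
            if ip not in profile["ips"]:
                alerts.append(("new_source_ip", user, ip, ts))
            if ts.hour not in profile["hours"]:
                alerts.append(("unusual_hour", user, ip, ts))
        failures.clear()
    return alerts


def run_sample(**kwargs):
    """Run the detector over the constructed sample with a fixed cutoff."""
    return detect(parse(SAMPLE_LOGS), datetime(2024, 3, 5), **kwargs)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

On the sample data the detector stays silent for alice, whose 09:01 login from her usual address matches her baseline, and raises four alerts for bob: a burst of five failures, a success immediately after them, a source IP never seen before, and a login at 03:00 when his history shows only late-afternoon activity. Any one of those signals alone is weak; the same user tripping all four inside fifteen seconds is the kind of correlated deviation worth paging on. In production the baseline would be learned continuously over a rolling window and enriched with threat intelligence (for example, whether the new source IP is a known anonymizing proxy), but the structure is the same: learn normal from trusted history, compare each new event against it, and alert on the difference.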

Embracing cyber resilience isn’t just a choice—it’s the new standard in cybersecurity. By embedding resilience into their organizational DNA, organizations can navigate the complex cyber threat landscape with confidence, safeguard critical assets, and ensure sustained business continuity in the face of adversity.

Check out the podcast for more insights from our full interview with Richard: Securing our Future, ep. 2: Resilience, Transparency and Transformation.