Cyber Resilience - Surviving the Digital Wild West
Alvin Manuel, Senior Director, Technology Consulting & PH Cybersecurity Competency Lead, SGV & Co.
Alvin Manuel, Senior Director, Technology Consulting & PH Cybersecurity Competency Lead, SGV & Co.
As we march further into the digital age, organizations increasingly rely on technology to power their operations. While tech has revolutionized our society, it has also created a new frontier for cybercriminals to exploit. The stakes are higher than ever, as cyber-attacks have evolved from benign website defacement to debilitating ransomware that has disrupted mission-critical functions and created data breaches, damaging customer trust and company reputation.
The frequency and severity of incidents have caught the attention of regulators, resulting in tighter regulations and higher penalties around cybersecurity and privacy. The democratization of technology has also lowered the barriers to entry for cybercriminals, making organizations of all sizes and sectors open to attacks.
Severely constrained by economic, geopolitical, and security talent challenges, organizations rapidly realize that they cannot prevent or predict all major cyber incidents. The key is to focus on building cyber resilience – the ability to withstand, respond to, and spring back from attacks with minimal disruptions.
This starts with a proactive mindset that assumes the organization has been compromised. Organizations can take action early to adopt a holistic approach that balances prevention, survival, and recovery by starting with the assumption that attacks will eventually degrade, disable, or disrupt a critical functionality, system, or supply chain. Akin to preparing the organization in anticipation of a storm or flood, organizations should proactively architect systems to fail securely when compromised, train their people to act decisively, and ensure that the impact of attacks is mitigated or reduced.
Here are key steps that organizations need to take to build this posture.
Involve the Business
The proactive mindset has to start from the top. Despite the torrent of attacks, many executives still view them as a distant possibility rather than an imminent threat. This is reflected in capabilities that focus on prevention rather than a balanced approach. While investments in detection and response have accelerated in recent years, many organizations are still struggling to detect and respond to attacks effectively. To address this gap, security leaders must capture the imagination of management as to what a cyber-attack would look like within their context. This engagement increases collaboration and invites management to be advocates of resilience.
Improve visibility
Effective cyber resilience requires visibility over assets, risks, and opportunities. Organizations cannot manage what they cannot see, which is why it is crucial to take stock of their mission-critical assets. This process should also identify dependencies and shared responsibilities that traverse beyond typical IT boundaries, including operational technology, cloud, and ecosystem partners.
Continuous monitoring and detection of threats, disruptions, attack vectors, and vulnerabilities should be undertaken alongside identifying key assets with prioritization based on the overall risk posed to the organization, especially with the current skills shortage.
Simplify Security
Security leaders will need to simplify security for their organizations to respond swiftly. With the growing number of security solutions in the market, it’s easy for organizations to become overwhelmed and fall into the trap of buying more solutions without a clear strategy. This can result in a patchwork of disparate solutions that are difficult to manage and integrate, leading to gaps in coverage and increased complexity.
Leaders must Ensure that the Security Solutions, Teams, and Processes they Deploy are Integrated and Work Together Seamlessly
Leaders must ensure that the security solutions, teams, and processes they deploy are integrated and work together seamlessly. This requires a careful evaluation of the capabilities, focusing on automation, cohesion, and centralized visibility and control. By simplifying the security stack and reducing complexity, organizations can improve their ability to detect and respond to cyber threats, reduce costs, and provide a more streamlined and efficient security posture.
Exercise and Test
A cyber response requires developing, updating, and testing a robust incident response plan that clearly identifies the roles and responsibilities of team members, defines clear communication channels, and establishes a framework for decision making during an incident. To be truly adaptive, organizations need to build muscle memory by continuously exercising incident responses against various complex real-world attack scenarios. These simulations should consider integrating various dimensions such as law enforcement, corporate communications, legal, and suppliers to help achieve better collaboration, insights, and lessons. Ensuring teams are prepared to handle varying situations will reduce the time to restore operations, limit damages and sustain the confidence of stakeholders.
Security by design
As they modernize their systems and transform their operations, organizations need to build security into the very infrastructure and architecture of systems and continuously learn from previous experiences. While frantically embracing emerging technologies like the metaverse, large language models, and AI, organizations cannot neglect the need to address cyber and privacy risks upfront and incorporate cybersecurity considerations early in their overall adoption strategy.
In the new frontier where customers expect services to be ‘always on’ and secure by default, cyber resilience is no longer an option – organizations must thrive. It is a key enabler for organizations to innovate with confidence, make transformational changes and preserve the trust of customers and stakeholders. Leaders must prioritize cyber resilience and work together to create a more secure and resilient digital world.
