Getty Images
Cybersecurity and cyber resilience are not the same. They’re related, of course, but both have different demands, principles and mindsets.
Cybersecurity is an organization’s ability to protect its information assets from digital threats and vulnerabilities, whereas cyber resilience refers to an organization’s proactivity in being able to do the following:
Cyber resilience also assumes a breach has or will happen and provides the foundation to prepare and manage through such an attack.
Read on to learn how to build a culture of cyber resilience.
As fast as businesses are growing and expanding, so are risks and disruptions. With the pressure for organizations to use more technology in the form of digital transformation strategies and the growth of the hybrid workforce, organizations are faced with an increased cyber-risk that needs to be managed and mitigated.
Despite best efforts to reduce risks, it’s unlikely any organization can prevent attacks that target business-critical resources, especially when attack surfaces are broadened. At the same time, it’s key businesses aren’t beholden to the fear of cyber threats. This would hamper innovation, critical growth and transformation, as well as enable competitors to surpass them.
Limiting the effect of an attack or vulnerability requires coordination and collaboration from security, IT and the business.
The business has ultimate responsibility for managing risk. Risk is a sliding scale — some risks must be accepted, and some can be temporarily ignored. Other risks are codified in liability, and regulation can’t be ignored, which begs the question: Which protections can be maximized? It should be those that pay dividends in securing the business, while encompassing a proactive approach when dealing with a data breach.
Many organizations have a disaster recovery (DR) plan in place. However, traditional backup and recovery plans do not take into consideration how cyber attacks or vulnerabilities can still affect backups and recovery systems.
Organizations could reintroduce the same vulnerabilities or increase the effectiveness of a cyber attack if they rely solely on a DR plan. DR plans recover data — not the security, services and workstreams surrounding it. Successfully restoring key systems from an attack means restoring applications, platforms, networks and the security that supports them. An encompassing approach to recovery requires fluidity and the ability to switch response tactics — something which requires cross-function collaboration and dedication.
Cyber resilience provides a holistic approach that links business, operations and technology considerations. It requires enterprise security be approached from the perspective of what you’re going to do when you get attacked — work with the assumption you’ll get hit.
The best approach to creating a solid cyber-resilience program is to apply the anticipate, withstand, recover and adapt foundations.
About the author
Geoff Hancock is global director of cybersecurity engineering at World Wide Technology, where he leads a team of architects and technical experts to provide assessment, consultation and implementation services to customers and partners. Hancock is also chairman of the Federal CISO Alliance and board member of the National Technology Security Coalition, the largest private sector CISO group. He is also adjunct professor at George Washington University, where he teaches the World Cyber MBA program.
Cloud-managed Wi-Fi provides IT groups with several benefits, including policy enforcement, network management and consistent AP …
As enterprises accelerate toward digitization of their complete IT stack, NaaS — which can lower costs, increase QoS and improve…
Network asset management software helps network teams keep track of network devices and software, ensuring timely upgrades, …
The California Age-Appropriate Design Code Act goes into effect in 2024, meaning businesses with users under the age of 18 should…
In this Q&A, Schneider Electric’s Michael Lofty discusses why and how organizations need to step up efforts to reduce CO2 …
Fake product reviews can be harmful not just to consumers, but to businesses if their product is negatively targeted by bad …
When Windows 11 administrators encounter an issue with a desktop without a clear fix, they should perform general troubleshooting…
PC prices are dropping as manufacturers lower prices to move inventory. Market saturation following the pandemic is a significant…
Cloud Software Group lays off 2,250 workers following major changes to sales and product development after merging Citrix Systems…
AI-powered automated inventory tracking systems aren’t perfect. However, retailers with high rates of lost sales from missing …
Explore scaling options in AKS, such as the horizontal pod and the cluster autoscaler. Then, follow a step-by-step tutorial on …
Looking to shift your organization’s workloads to the cloud? Understand the advantages and disadvantages of IaaS and PaaS options…
Barclays Eagle Labs incubator to take over Tech Nation’s role in administering UK government digital growth grant amid backlash …
Bontaz used to face regular IT outages that took too long to recover from. Then it got DataCore software-defined storage and the …
The worsening economic climate is leading to job cuts across the IT sector, with Microsoft only the latest to announce thousands …
All Rights Reserved, Copyright 2000 – 2023, TechTarget
Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information