May 12, 2020 By Douglas Bonderud 4 min read

Cyber resilience emerged as a response to the evolving need for information security. Organizations recognized that attacks were a question of when, not if, and adapted security strategy to include orchestrated response and recovery frameworks that could identify critical assets, protect key data, detect potential issues, respond to immediate threats and jump-start recovery to get businesses back on track.

As a result, enterprises went to work on building resilience “funnels” — strategies that aggregate and address issues along the traditional corporate IT stack, from local servers to third-party providers and hybrid cloud services. The advent of democratized technologies and delocalized work, however, has created a new attack avenue. Instead of funneling down into common cyber resilience capture points, many attackers take a sideways approach that targets remote users, lateral services or public connections.

To solve for emerging attack vectors, organizations need a new defensive design: the cyber resilience web. Not sure where to start? Let’s break down six critical components of this security string theory.

1. Start With Support

The first pillar of any cyber resilience framework is identification: locating key business applications and any associated risks. In the context of a cybersecurity web, this expands to include identifying key supports, specifically from the C-suite.

Why? Because effective webs need firm foundations to deliver consistent results over time. Broad security strategy that lacks boardroom budgets and boosters won’t hold for long. As a recent IDC white paper notes, the scope of support also matters. Along with C-suite champions, organizations need stakeholder buy-in from data owners, IT teams and frontline employees.

Ultimately, webs must cast a wide net to encompass the new realities of enterprise IT efforts. Identifying and cultivating key supports is essential to delivering security strength at scale.

2. Build Big

Protection comes next. In the context of depth-based cyber resilience, this means leveraging first-line defenses such as firewalls, malware detection tools and runtime application self-protection (RASP) solutions. Building out breadth to remediate and recover from attacks tied to expanding 5G networks, emerging industrial internet of things (IIoT) devices and the evolving security risks of remote work collaboration tools, however, requires thinking big.

Here, the focus is on designing security strategy that doesn’t just build up the infosec funnel, but also builds out along new lines of work. Front-line solutions such as virtual private networks (VPNs) can help mitigate obvious threats, but the broader goal is to generate policies and procedures that loop in all users and devices.

For example, remote workers need training on how to recognize potential phishing attacks or malware infections, and it’s worth creating a dedicated channel for them to report issues and get help from IT teams. While this might mean leveraging a third-party provider to help manage cyber resilience at scale, it’s worth the effort to build the biggest web possible.

3. Stick the Landing

As the “2019 Cost of a Data Breach Report” notes, it takes enterprises almost 200 days on average to detect a breach — and another 69 days to contain it. Although these timelines are going down as security technologies improve, there is another problem: attacks that escape unseen.

For web-building businesses, the goal here is “stickiness” — ensuring that identification and detection tools are sensitive and speedy enough to detect threats at a distance. Accomplishing this goal means recognizing fundamental shifts in collaborative and operational frameworks.

Venture Beat notes that “human layer” attacks are on the rise now that video conferencing and on-demand collaboration are essential functions. Traditional security tools can’t stick the landing here, since they’re built to detect predictable patterns and find potential faults. Instead, organizations need to lean on the emerging asset of artificial intelligence (AI) solutions able to account for human behavior and quickly raise red flags.

4. Mind the Gap

Response forms the backbone of any effective cyber resilience strategy. Organizations need ordered, well-orchestrated response plans to get back on their feet and back to business as usual after a cyberattack.

When it comes to webs, however, it’s critical to mind the gap and adjust key openings as necessary. IT teams already suffer from alert fatigue — the result of an overabundance of reports and alerts from security solutions. Expanding security strategy across the breadth of on-demand technologies tends to come with massive alert increases, which can make it virtually impossible for staff to keep pace, let alone get ahead.

In this case, it’s about defining a threshold and then expanding — or contracting — web gaps to match infosec expectations. Your best bet is combining automation with incident analysis. Automated tools allow organizations to tighten up their web with security solutions capable of responding and remediating specific threat categories without human assistance. Staff can then define alert triggers for more worrisome threats, such as odd access requests or large file transfers, and address them ASAP.

5. Test the Tensile Strength

Recovery is the final step in the cyber resilience life cycle, and it encompasses tools and techniques needed to evaluate response, ensure remediation and allow companies to resume essential operations. For our web-based defense design, recovery means testing the tensile strength by making sure that polices and procedures are working as intended.

In practice, this means regularly developing and evaluating security polices to ensure they reflect current trends. Employee education is the first step. All staff need training in secure IT use, no matter when, where or how they connect. Next is testing. This should include third-party assessments and pen tests as well as simulated in-house phishing campaigns to evaluate staff readiness. Simply put: It’s better to break the web yourself, build a better one and try again than to have a hacker break it for you.

6. Get a Leg Up

Cyber resilience web strategies also offer the opportunity to go beyond typical life cycle limits by proactively engaging with potential threats. That’s because the broad nature of web security strategy affords access to massive infosec datasets across multiple threat channels. By combining advanced threat identification with next-generation analysis, organizations can both defend against current attacks and predict potential vectors to secure corporate networks at scale.

Resilience is required to get a business back on track. Funnels form the foundation, but increasing work diversification and IT democratization demands web-based designs that support rapid remediation and recovery.

More from Risk Management

2024 roundup: Top data breach stories and industry trends

3 min read - With 2025 on the horizon, it’s important to reflect on the developments and various setbacks that happened in cybersecurity this past year. While there have been many improvements in security technologies and growing awareness of emerging cybersecurity threats, 2024 was also a hard reminder that the ongoing fight against cyber criminals is far from over.We've summarized this past year's top five data breach stories and industry trends, with key takeaways from each that organizations should note going into the following…

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

How TikTok is reframing cybersecurity efforts

4 min read - You might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity through its channels and programs. To highlight its efforts, TikTok celebrated Cybersecurity Month by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.Global Bug Bounty program with HackerOneDuring Cybersecurity Month, the social media…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today