Risk Management May 12, 2020
By Douglas Bonderud 4 min read

Cyber resilience emerged as a response to the evolving need for information security. Organizations recognized that attacks were a question of when, not if, and adapted security strategy to include orchestrated response and recovery frameworks that could identify critical assets, protect key data, detect potential issues, respond to immediate threats and jump-start recovery to get businesses back on track.

As a result, enterprises went to work on building resilience “funnels” — strategies that aggregate and address issues along the traditional corporate IT stack, from local servers to third-party providers and hybrid cloud services. The advent of democratized technologies and delocalized work, however, has created a new attack avenue. Instead of funneling down into common cyber resilience capture points, many attackers take a sideways approach that targets remote users, lateral services or public connections.

To solve for emerging attack vectors, organizations need a new defensive design: the cyber resilience web. Not sure where to start? Let’s break down six critical components of this security string theory.

1. Start With Support

The first pillar of any cyber resilience framework is identification: locating key business applications and any associated risks. In the context of a cybersecurity web, this expands to include identifying key supports, specifically from the C-suite.

Why? Because effective webs need firm foundations to deliver consistent results over time. Broad security strategy that lacks boardroom budgets and boosters won’t hold for long. As a recent IDC white paper notes, the scope of support also matters. Along with C-suite champions, organizations need stakeholder buy-in from data owners, IT teams and frontline employees.

Ultimately, webs must cast a wide net to encompass the new realities of enterprise IT efforts. Identifying and cultivating key supports is essential to delivering security strength at scale.

2. Build Big

Protection comes next. In the context of depth-based cyber resilience, this means leveraging first-line defenses such as firewalls, malware detection tools and runtime application self-protection (RASP) solutions. Building out breadth to remediate and recover from attacks tied to expanding 5G networks, emerging industrial internet of things (IIoT) devices and the evolving security risks of remote work collaboration tools, however, requires thinking big.

Here, the focus is on designing security strategy that doesn’t just build up the infosec funnel, but also builds out along new lines of work. Front-line solutions such as virtual private networks (VPNs) can help mitigate obvious threats, but the broader goal is to generate policies and procedures that loop in all users and devices.

For example, remote workers need training on how to recognize potential phishing attacks or malware infections, and it’s worth creating a dedicated channel for them to report issues and get help from IT teams. While this might mean leveraging a third-party provider to help manage cyber resilience at scale, it’s worth the effort to build the biggest web possible.

3. Stick the Landing

As the “2019 Cost of a Data Breach Report” notes, it takes enterprises almost 200 days on average to detect a breach — and another 69 days to contain it. Although these timelines are going down as security technologies improve, there is another problem: attacks that escape unseen.

For web-building businesses, the goal here is “stickiness” — ensuring that identification and detection tools are sensitive and speedy enough to detect threats at a distance. Accomplishing this goal means recognizing fundamental shifts in collaborative and operational frameworks.

Venture Beat notes that “human layer” attacks are on the rise now that video conferencing and on-demand collaboration are essential functions. Traditional security tools can’t stick the landing here, since they’re built to detect predictable patterns and find potential faults. Instead, organizations need to lean on the emerging asset of artificial intelligence (AI) solutions able to account for human behavior and quickly raise red flags.

4. Mind the Gap

Response forms the backbone of any effective cyber resilience strategy. Organizations need ordered, well-orchestrated response plans to get back on their feet and back to business as usual after a cyberattack.

When it comes to webs, however, it’s critical to mind the gap and adjust key openings as necessary. IT teams already suffer from alert fatigue — the result of an overabundance of reports and alerts from security solutions. Expanding security strategy across the breadth of on-demand technologies tends to come with massive alert increases, which can make it virtually impossible for staff to keep pace, let alone get ahead.

In this case, it’s about defining a threshold and then expanding — or contracting — web gaps to match infosec expectations. Your best bet is combining automation with incident analysis. Automated tools allow organizations to tighten up their web with security solutions capable of responding and remediating specific threat categories without human assistance. Staff can then define alert triggers for more worrisome threats, such as odd access requests or large file transfers, and address them ASAP.

5. Test the Tensile Strength

Recovery is the final step in the cyber resilience life cycle, and it encompasses tools and techniques needed to evaluate response, ensure remediation and allow companies to resume essential operations. For our web-based defense design, recovery means testing the tensile strength by making sure that polices and procedures are working as intended.

In practice, this means regularly developing and evaluating security polices to ensure they reflect current trends. Employee education is the first step. All staff need training in secure IT use, no matter when, where or how they connect. Next is testing. This should include third-party assessments and pen tests as well as simulated in-house phishing campaigns to evaluate staff readiness. Simply put: It’s better to break the web yourself, build a better one and try again than to have a hacker break it for you.

6. Get a Leg Up

Cyber resilience web strategies also offer the opportunity to go beyond typical life cycle limits by proactively engaging with potential threats. That’s because the broad nature of web security strategy affords access to massive infosec datasets across multiple threat channels. By combining advanced threat identification with next-generation analysis, organizations can both defend against current attacks and predict potential vectors to secure corporate networks at scale.

Resilience is required to get a business back on track. Funnels form the foundation, but increasing work diversification and IT democratization demands web-based designs that support rapid remediation and recovery.

 |  |  |  |  |  |  |  |  |  |  |  |  | 
Douglas Bonderud
Freelance Writer

More from Risk Management
September 26, 2023

The Growing Risks of Shadow IT and SaaS Sprawl

4 min read - In today's fast-paced digital landscape, there is no shortage of apps and Software-as-a-Service (SaaS) solutions tailored to meet the diverse needs of businesses across different industries. This incredible array of options has revolutionized how we work, providing cost-effective and user-friendly tools that streamline tasks and boost productivity. However, this ever-expanding application ecosystem comes with its challenges: namely, shadow IT and SaaS sprawl. According to a recent study by Entrust, 77% of IT professionals are concerned about shadow IT becoming a…

September 25, 2023

Are you ready to build your organization’s digital trust?

4 min read - As organizations continue their digital transformation journey, they need to be able to trust that their digital assets are secure. That’s not easy in today’s environment, as the numbers and sophistication of cyberattacks increase and organizations face challenges from remote work and insider behavior. Digital trust can make your organization’s digital transformation stronger. A lack of digital trust can do irreparable harm. However, according to ISACA’s State of Digital Trust 2023 report, too many organizations struggle to define and implement…

September 21, 2023

Most organizations want security vendor consolidation

4 min read - Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging. We quickly passed through the “not if, but when” stage of cyberattacks. Now, it’s commonplace for companies to have experienced multiple breaches. Today, cybersecurity has taken a seat in core business strategy discussions as the risks and costs have risen dramatically. For this reason, 75% of organizations…

September 20, 2023

How IBM secures the U.S. Open

2 min read - More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM Consulting worked closely with the USTA, developing powerful generative AI models that transform tennis data into insights and original content. Using IBM watsonx, a next-generation AI and data platform, the team built and managed the entire…

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature