The Case for Cyber Resiliency in IT Security
Join the DZone community and get the full member experience.Join For Free
The news surrounding security breaches can be sobering but they’re stories every business owner needs to hear. The headlines involve Target, Home Depot, eBay, and many other large corporations, each suffering big losses to both their finances and their reputation. The attacks are real and they’re only increasing each year. The sad part is that though strides have been made in security, breaches are not only possible, they’re likely, and many executives aren’t recognizing it. In a recent survey, more than 80% of corporate executives said they were confident in their cyber security programs. But no amount of confidence can prevent all attacks. This fact has begun to set in among companies all over the world, which is prompting a noticeable shift in strategy and policy. Instead of focusing on preventative measures, companies are now looking to build greater cyber resiliency.
Hackers have a number of advantages when it comes to getting around existing security measures. They control the timing of their attacks, choosing when and in what way they can infiltrate a business’s system. They’re also very innovative in creating new ways to steal data or cause damage. Hackers also work hard to understand their targets, knowing what the weaknesses and strengths are and planning accordingly. This is shown by the fact that more than three-fourths of all attacks are directed at a specific company. In other words, hackers have a clear target in mind and know how to bypass the target’s established defenses. With these advantages at hand, it’s easy to see how difficult it is for companies to prevent every single attack. In fact, it’s virtually impossible, which is where cyber resiliency comes in.
The idea behind cyber resiliency is to improve internal security systems and procedures to a point where a company can bounce back from an attack quickly. One of the main goals is to decrease the amount of time spent between detecting a threat and resolving the problem. In some cases, the time from detection until an actual resolution can be weeks or even months. Many larger companies have struggled to right the ship after an attack, showing an alarming lack of preparation. Cyber resiliency means actively seeking out intruders within the system, then immediately reporting and eliminating them. These actions should be coupled by efforts to repair the system. All of this takes a large degree of coordinated effort to achieve simultaneously, preparation that needs to be worked into the existing network.
Most of this can be achieved through a Cyber Resiliency Program (CRP). Within a CRP, a business should accurately define the risks that security threats pose and determine what are the most essential systems they would need in case of an attack. A CRP should also develop a security policy that not only improves computer security but sets strict controls over ways to minimize threats to a business’s key assets. Companies that use a Cyber Resiliency Program should also detail a specific way to recover from an attack. The recovery plan needs to specifically address every individual issue spanning the entire company and how the organization can return to full operation as quickly as possible. This plan should also be tested regularly, providing everyone within the organization the practice to carry out every element of the plan with precision and efficiency.
These new efforts don’t mean that businesses should stop focusing on preventative measures. The likes of anti-virus software, data encryption, two-factor authentication, and other measures can still be quite useful for preventing damaging attacks. Even though intruders will still get through, the vast majority of them can be turned away, leaving the system free to handle the rest of the threats that have infiltrated. That also means a shift in business model will be expected, with different perspectives adopted more focused on resiliency, while also integrating a budget that reflects these new priorities.
Cyber security can be a difficult task to tackle since the issue is so complicated, with many different facets to account for. It can also be disheartening knowing preventative efforts won’t be successful 100 percent of the time. That’s why cyber resiliency can prove to be so valuable to a company. Attacks will happen, and it’s up to each company to show their resilience to overcome the attacks, plan for the future, and recover as quickly as possible, emerging stronger than they were before.
Opinions expressed by DZone contributors are their own.