Resilience is as vital as it is difficult to achieve
In a digital world that is increasingly filled with new attack vectors and dangerous cyber criminals, companies need to build resilience to a wide range of risks – something easier said than done.
In a world filled with risk, resilience – which is generally defined as the ability to return to the status quo after a disturbing event – is essential. Since the digital world opens up a whole host of potential new and dangerous risks, it is unsurprising to learn that resilience is one of the biggest concerns for businesses in the 21 century.
One of the areas where resilience is a key focus for businesses is in their ability to bounce back from a cyber attack, such as an instance where malware or a virus is introduced, or worse still, ransomware infiltrates and blocks their digital systems.
Brian Tarr, Chief Product and Solutions Officer at Nexio SA, suggests ransomware is one of the major issues enterprises today find themselves grappling with. Obviously, there are many dangers inherent in ransomware, among which are fears of a loss of service, not to mention data, alongside the additional threat of reputational damage.
“In my opinion, companies should look to establish an ‘incident response team’ that includes key members of any and all departments that may play a role in such a response – such as security, customer service and public relations, to name a few. Many organisations don’t do this, for fear of such an approach being viewed by customers as accepting the fact that you will be attacked. However, how you prepare beforehand and how you respond afterwards are absolutely critical,” he says.
“For me, the key to resilience in this respect lies in understanding your adversary upfront, as this enables you to identify which of your workloads may be vulnerable, how the criminals are likely to attack, and how you can best prepare your workforce. The latter entails ensuring that they understand how to identify anything that looks suspicious, what to do about it thereafter, and the type of attachments they should never open. This should also be governed by relevant policies that can help mitigate any bad behaviour.”
Tarr adds that many businesses have had their existing resilience plans tremendously shaken up by the recent coronavirus lockdown. With significantly more people working from home, this has further changed enterprises’ approach to resilience and security. After all, it is accepted that generally, people are more lax in respect of security at home, increasing the chances of employees unintentionally opening a bad link.
“In dealing with the threat of ransomware, CIOs have also realised the importance of effective disaster recovery (DR), which forms a critical aspect of a proper resilience plan. DR is, after all, key to enabling the business, at the very least, to restore everything up to a point just before the attack took place.
“Of course, while DR can mitigate the danger of ransomware, it alone cannot provide the resilience large companies demand. The only way to fight this kind of threat is through a multilayered approach that encompasses not only DR, but also network and endpoint security, as well as ongoing education of employees. Ultimately, you need a mix of security, backup, continuity and education to create a truly resilient strategy. Over and above putting in protection measures, companies must also have detection enabled, with 24x7x365 security incident and event monitoring to ensure timeous response.”
It is this need for a complex mix of things that means the best option for an enterprise is to partner with a systems integrator that can bring a range of different competencies and capabilities to the table, and provide an end-to-end solution, he points out.
“Remember, too, that the right partner can also assist with a digital transformation strategy, which will further help with issues of visibility, automation and proactive security. The right partner will also be able to assist with the dangers inherent in working from home.
"With increased security risks and new endpoints, it means there are a multitude of attack vectors alongside myriad new services, technologies and solutions. Developing true resilience to all of this requires commitment, attention to detail and a willingness to partner with the kind of experts that have the experience to help you navigate the complexities of this new landscape,” he concludes.