How prepared is your organization to withstand a major cyber security incident? Do you have systems in place to ensure that your business can continue to perform even if there is a critical incident? If you do, you’re in the majority.
According to a recent Mimecast report, just 44% of companies say they have a cyber resilience strategy in place.
And 76% of companies that don’t have a cyber resilience strategy say that they think a cyber attack is either inevitable, extremely likely or likely.
What is cyber resilience?
Cyber resilience means an organization’s preparedness for, and ability to respond to and recover from, cyber attacks and other cyber security incidents while maintaining business continuity.
The objective of having strong cyber resilience is to be able to maintain the delivery of the business’s goods and services at all times. When an organization has strong cyber resilience it can adapt to any number of threats, challenges and crises.
Why is cyber resilience important?
Building cyber resilience in your organization is important because the traditional measures that have been put in place to protect systems and infrastructure are no longer enough to ensure that business operations can continue if there is an adverse event.
Many CIOs and IT security experts believe that cyber threats have become so sophisticated that preventative strategies alone are no longer enough to offer protection. They believe that eventually there will be unauthorized access to their companies’ systems, and they want to be as prepared for this inevitability as they can be.
When there is an adverse cyber issue, there are numerous ways that it can negatively affect your organization. This can include:
- Extensive downtime
- Loss of data
- Confidentiality and privacy breaches
- Loss of money
- Loss of intellectual property
- Reputational damage.
There are a number of ways these issues can happen, and they are not always malicious. Sometimes they are the result of human error or software/hardware failure. Therefore it is important that businesses are just as ready to respond to and recover from cyber issues as they are to prevent them.
What’s the difference between cyber resilience and cyber security?
Cyber resilience and cyber security are often confused with each other because they sound very similar. While the two terms are closely related, they are entirely different things.
Cyber security refers to the processes and measures implemented within an organization to protect sensitive data, systems and networks from cyber attacks and cybercriminals. These measures are designed to reduce the risk of malicious attacks and unauthorized access to protected systems.
Cyber resilience, on the other hand, goes beyond cyber security – it involves cyber security, but it also encompasses business resilience.
It encourages businesses to be more agile and adaptive, to think differently about cyber security, and to understand the ways that attackers may still have an advantage no matter what cyber security measures are in place, so that they can prepare for, respond to and recover from a cyber incident successfully. The aim is to return business operations to “normal” – that is, the way they were before the attack.
How COVID-19 has exposed a lack of cyber resilience
The COVID-19 pandemic shook up the business landscape all around the world and changed the way most businesses operate. In many organizations, it saw people working remotely in numbers never seen before. This in turn increased a range of IT security risks, including the use of new tools, resources and systems that hadn’t been in use in those companies before. Many employees were accessing company systems on personal devices or over insecure home internet networks, exposing sensitive company data to risk.
As IT teams had to respond rapidly and deploy solutions quickly, sometimes there just wasn’t enough time to look at the impacts on cyber resilience, and for many organizations, their cyber resilience regressed during this time.
Cyber threats also rose markedly in this time.
According to a Mimecast report “Securing the Enterprise in the COVID world”, there was a 64% rise in the volume of cyber threats in 2020 compared to 2019.
Email threats, for example, rose by two-thirds during this time.
The Mimecast report reveals that cyber resilience has not kept pace with the new dangers posed by the pandemic. Cybercriminals are increasingly focusing on employees who continue to work remotely, and on the upheaval and chaos of the transition back to the workplace.
What climate change means for cyber resilience
Climate change is one of the biggest challenges facing the world today, and its impacts are far-reaching. With global warming already a reality and temperatures predicted to continue to rise over the next few decades, companies should be prepared for the flow-on effect that this can have on their cyber resilience.
There are several ways this can happen. Natural disasters caused by climate change, such as forest fires and unpredictable weather events (think hurricanes, flooding, extreme inclement weather), can directly impact companies’ IT infrastructure.
Higher temperatures and droughts can make it difficult to adequately cool data centers, quickly taking systems down. Drought has already shown itself to be problematic for digital systems. A drought over the past two years in Taiwan, the world’s largest producer of semiconductors, has caused major supply chain issues for computer chips, which in turn has affected all sorts of digital systems: everything from cars to televisions and computers that require those chips in the manufacturing process.
Climate change is also causing pressure on energy systems, with power cuts and other disruptions likely to increase.
Businesses are already feeling the effects: a Harvard Business Review study found that 70% of businesses worldwide are having their operations disrupted by abnormal weather patterns.
The biggest threats to cyber resilience in 2022
As we look towards a new year, it’s time to take stock and look at goals and priorities for business – and cyber resilience should be no exception.
Cyber resilience isn’t something you can create and forget about: it is an ever-evolving concept that needs to be able to respond to emerging threats. The next year is likely to see a continuation of many issues that have plagued cyber resilience in companies over the past few years, with new issues emerging.
- The financial burden of cyber attacks
Many businesses are struggling as the pandemic has caused massive disruptions for their industries. Hospitality, tourism, leisure and manufacturing are just some of the industries that have lost revenue either as a result of reduced customers or because of supply chain issues or other impediments to full productivity (COVID outbreaks, social distancing requirements, etc.)
Even at the best of times, many companies cannot sustain the huge financial hit that comes with a cyber attack. In these precarious times, the added financial burden of an attack may be the proverbial nail in the coffin for many businesses.
According to IBM, the cost of data breaches hit a record high during 2021 – now costing companies an average of $4.24 million per incident.
- Digital transformation
The rapid pace of change as organizations embrace digital technology in their business practices is far from over, even if it has passed its peak since the beginning of the pandemic. While many digital tools can help bring efficiencies to the workplace, they can also pose a risk as another way for data to be breached.
- Failure to modernize technology
Many companies are still using systems and infrastructure that are quickly becoming out of date and obsolete. These can pose a risk to cyber resilience as they are increasingly no longer fit for purpose and run the risk of failing entirely or being exploited by criminals.
According to the IBM report, businesses that have modernized their processes had significantly lower costs associated with data breaches than those who hadn’t.
- Organizations failing to make cyber resilience a priority
A lack of commitment to cyber resilience is, of course, one of the biggest threats to it. In some organizations, a lack of understanding of and commitment to cyber resilience, from the boardroom and senior executives down, leads to complacency, and ultimately that is a critical incident just waiting to happen.
- Ransomware – more prevalent than ever before
Ransomware continues to be a major issue for all types of organizations. When they are affected, it can completely cripple their systems for a very long time, causing chaos. There doesn’t seem to be any end in sight.
According to the Federal Bureau of Investigation, in the first half of 2021 in the United States, there was a 60% increase in the reported number of ransomware incidents and a 20% increase in losses reported, compared with the same period of time in 2020.
Ransomware has become even harder to deal with and is continually becoming more sophisticated. New tactics include deleting or encrypting system backups, making it much more difficult for affected organizations to restore their systems.
The main benefits of cyber resilience
When you develop and implement cyber resilience strategies within your organization, there are a range of benefits that you will experience. These include:
- Improvements and enhancements to your company’s systems security
- Better data protection
- Preparedness for natural disasters and their impact on systems
- Reduced monetary losses
- Decreased risk of reputational damage
- Decreased risk of breaching regulatory requirements
- Increased compliance with information and privacy protection requirements
- More efficient work processes
- A better workplace experience for employees
- Increased trust and confidence from customers
- A more highly skilled IT team.
The elements you need to build cyber resilience in your organization
There are four main areas that you should focus on when it comes to building cyber resilience in your organization:
1. Management and protection
This element includes having the ability to identify, manage and assess the various risks that are associated with your organization’s information systems. It also includes taking steps to protect information and infrastructure from various risks such as cyber attacks, data breaches, unauthorized access and systems failures.
At this stage you should consider:
- Protection from malware, ransomware and viruses
- Developing appropriate security and information protection policies
- An official information security management program
- Regular training for the security and IT staff
- Awareness training for employees
- Appropriate software update and patching processes
- The use of encryption
- Management of assets
- Security of network and communications
- The physical security of the work environment
- Risks to supply chain management
2. Identification and detection
This part involves having processes in place to continually monitor your network and information systems. This needs to be done in order to detect any potential issues and incidents before they have a chance to be a significant problem.
At this stage, you should consider:
- Your security monitoring systems
- How to actively detect threats
3. Response and recovery
This aspect includes implementing measures that allow you to respond to incidents in a way that ensures your business is able to continue to operate, even if your systems have been affected by a significant outage or cyber attack. These measures should also focus on returning the business to normal operations as soon as possible.
At this stage, you should consider:
- Management processes for incident response
- The continuity management of your IT and communications systems
- Business continuity planning
- How to share information and work in a collaborative manner when there is an incident.
4. Governance and assurance
A significant business process like cyber resilience needs to have oversight by senior management and needs to be incorporated into all of your critical business processes. As you build it, it should also begin to closely align with your company’s overall business goals and objectives.
At this stage, you should consider:
- Developing and implementing a risk management program
- Committing to continual improvements
- Developing appropriate governance structures and processes
- Involvement and commitment from the top of the organization down
- Carrying out a formal internal audit.
Tips to become more cyber resilient in 2022
There are some practical steps you can take to ensure your organization can strengthen its cyber resilience into 2022 and beyond.
1. Understand your assets
The business systems your organization uses are most likely highly interconnected. If you have an outage, it could cause problems for multiple systems and processes at the same time. Having a good understanding of how your systems are connected to critical business functions can help you to build appropriate continuity strategies.
2. Understand your supply chain
Supply chain issues have plagued businesses since the beginning of the pandemic. The global supply chain has become incredibly precarious. It’s critical to understand exactly where supplies you rely on are coming from, and what impediments may be in place to continue to access them. If possible it might be appropriate to find alternatives, possibly at a more local level.
3. Best practice cyber hygiene
Make sure you have the basics right. This means patching and upgrading systems, using virus detection software, installing a firewall, only allowing secure computers on your network, and educating your employees about common cyber threats such as phishing.
4. Develop comprehensive recovery plans
Perform an in-depth analysis to determine exactly how much disruption your business is able to withstand before it can no longer serve customers. Then design recovery and backup solutions that will let you get up and running again as quickly as possible after a critical incident.
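Tips 1 and 4 above both come down to knowing which business functions stop when a given system fails, and for how long each function can tolerate that. The following added example (not from the original article or from DeskAlerts) models a small constructed inventory of systems and business functions, walks the dependency graph to find the blast radius of an outage, flags the functions whose assumed outage tolerance would be exceeded, and ranks systems as single points of failure. All system names, function names and tolerance values are constructed for illustration.

```python
from collections import deque

# Constructed sample inventory (illustrative, not from the original article):
# which systems each system needs, and which system each business function runs on.
SYSTEM_DEPENDENCIES = {
    "identity-provider": [],
    "core-database": [],
    "email": ["identity-provider"],
    "erp": ["core-database", "identity-provider"],
    "web-shop": ["erp", "identity-provider"],
    "helpdesk": ["email", "identity-provider"],
}

# max_outage_hours is the assumed tolerance from the tip-4 disruption analysis.
BUSINESS_FUNCTIONS = {
    "order-taking": {"system": "web-shop", "max_outage_hours": 4},
    "invoicing": {"system": "erp", "max_outage_hours": 24},
    "customer-support": {"system": "helpdesk", "max_outage_hours": 8},
    "internal-comms": {"system": "email", "max_outage_hours": 48},
}


def dependents_of(failed_system, deps=SYSTEM_DEPENDENCIES):
    """Return the failed system plus every system that transitively depends on it."""
    reverse = {}
    for system, needs in deps.items():
        for need in needs:
            reverse.setdefault(need, set()).add(system)
    seen, queue = {failed_system}, deque([failed_system])
    while queue:  # breadth-first walk of the reverse dependency graph
        for dependent in reverse.get(queue.popleft(), ()):
            if dependent not in seen:
                seen.add(dependent)
                queue.append(dependent)
    return seen


def impacted_functions(failed_system, outage_hours,
                       deps=SYSTEM_DEPENDENCIES, functions=BUSINESS_FUNCTIONS):
    """Map each affected business function to True if the outage exceeds its tolerance."""
    down = dependents_of(failed_system, deps)
    return {name: outage_hours > info["max_outage_hours"]
            for name, info in functions.items() if info["system"] in down}


def rank_single_points_of_failure(deps=SYSTEM_DEPENDENCIES, functions=BUSINESS_FUNCTIONS):
    """Rank systems by how many business functions an outage of each would take down."""
    counts = {s: len(impacted_functions(s, 0, deps, functions)) for s in deps}
    return sorted(counts.items(), key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for system, count in rank_single_points_of_failure():
        print(f"{system}: {count} business function(s) affected")
    print(impacted_functions("core-database", outage_hours=6))
```

Feeding a real asset inventory into `SYSTEM_DEPENDENCIES` and the agreed tolerances into `BUSINESS_FUNCTIONS` turns the ranking into a prioritized list of where redundancy and recovery effort pay off first.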
5. Carry out drills
Disaster scenario planning drills are the best way to test your company’s preparedness without being in an actual disaster. A drill can help you to simulate and rehearse what will happen if there is a critical cyber incident, providing employees with a good understanding of what will be expected of them in a real-life situation while also testing your strengths and weaknesses. You can tailor cyber resilience examples to your unique business environment.
How DeskAlerts can help improve your cyber resilience
DeskAlerts is an internal communications software system that helps you to communicate with employees quickly in a disruptive way that they cannot ignore.
The system uses a range of channels and tools that can be used strategically to target information to the right employees in the right place at the right time.
You can send information to the entire workforce or just to specific groups of users and schedule your communications in advance to make the most of a multi-channel communications approach.
Some of the DeskAlerts features that will help you build cyber resilience include:
- Sending custom screensavers to company computers reminding employees about various IT security issues
- Displaying password hygiene rules on your employees’ login screens
- Sending surveys and quizzes to test employees’ knowledge and understanding of cyber security
- Sending pop-up notifications to employees about emerging cyber security threats they need to be vigilant about
- Quickly informing employees when there is an incident so that risk can be minimized.
Your business relies on its systems infrastructure in order to be productive, competitive and profitable. When systems are compromised, this can all go out the window. Building a culture of cyber resilience will help you to weather any critical incidents and to survive into the future.
What is meant by cyber resilience?
We can define cyber resilience as an organization’s ability to anticipate adverse cyber conditions, and to withstand and recover from them, with minimal impact on business continuity.
How does cyber resilience work?
Cyber resilience involves developing strategies, plans and processes that put preventative measures in place against vulnerabilities in systems and business processes, whether they arise from cyber attacks, human error or system malfunctions. The ultimate goal of cyber resilience is to protect the company as well as possible while also recognizing that some things cannot be completely secured, regardless of the security measures implemented.
How important is cyber resilience?
Cyber resilience is important for businesses to ensure that they can remain competitive and viable in an increasingly unpredictable landscape. Making the company’s data, IT infrastructure and critical business processes a top priority will help maintain business continuity during major cyber security or other technology incidents.
What is a cyber resilience strategy?
A cyber resilience strategy is one that is based on best practices to build competencies and skills within an organization. This includes incorporating appropriate tools and cyber resilience solutions to build capacity in the IT space in the event of a critical incident.