3 Tips To Build A Cyber Resilience Roadmap

Why Organizations Need to Quantify IT and Cyber Risk

The path to achieving cyber resilience starts with identifying, prioritizing, and responding to the risks faced by an organization, both internal and external risks. Quantification of risks plays a critical role when it comes to prioritization of risks. Quantification of risks, however, is not a new concept. For example, financial services organizations quantify the credit risks from their customers who hold credit cards, banks quantify the risks of bad loans, and so on. But when it comes to cybersecurity, there are only a few organizations that practice Cyber Risk Quantification properly. As per Deloitte’s 2019 Future of Cyber Survey, half of the participating C-suite executives responded that they use risk quantitative tools while the other half still depend largely on the traditional approach—the experience of their cybersecurity experts or maturity assessments.

Cyber Resilience Best Practices

To achieve cyber resilience, it’s important to strike the right balance between people, processes, and technology. A common mistake made by organizations is becoming over-dependence on tools and technology while ignoring the importance of well-informed and skilled people and well-designed processes for cyber resilience. What organizations should strive for is bringing all three components of cyber resilience together in a complementary and streamlined manner.
 

People

People are considered to be the weakest link in the cybersecurity chain and are usually targeted by bad actors. Needless to say, ensuring cybersecurity is everyone’s responsibility and it is important that every employee is aware of their roles, responsibilities, and accountability.

To make the workforce cyber resilient, here are some key measures that organizations can undertake:

• Providing relevant cybersecurity training to employees depending on their roles.
   
• Ensuring that the cyber resilience program is supported by the top management and leadership who undertake periodic review of cyber resilience initiatives and monitor the readiness to face a cybersecurity attack or data breach.
   
• Educating board members so that they aware of basic cybersecurity terms relevant to their business and industry cybersecurity trends.
   
• Establishing specialist functional groups within the organization to monitor and address risks in real-time
   

Processes

Having the right governance and strong processes in place is crucial for achieving cyber resilience. Speaking of governance, some of the best practices include

• Maintaining regulatory compliance.
   
• Validating that proper controls are in place and operating effectively on data.
   
• Having a responsive, agile adjustment of policies, processes, and technologies.
   
• Monitoring the preparedness to face cyber breaches using strategies such as scenario-based prediction, war-gaming, and proactive reporting.
   
• Devising an effective communication plan, documenting when and how to notify key stakeholders.
   
• Ensuring alignment with the organization’s overall governance framework

With regards to processes, organizations can put into practice a number of key measures for cyber resilience, including

• Creating a comprehensive documentation process for collaboration and information sharing within the organization as well as externally with third-party organizations.
   
• Implementing a centralized asset management system for software, hardware, and data, both internal and external, for full visibility into critical assets and security controls.
   
• Using continuous monitoring systems, such as Security Information and Event Management (SIEM), and data analytics for identifying and detecting security incidents.
   
• Deploying various controls to prevent cybersecurity incidents such as application control, patch applications, multi-factor authentication, restricting administrative privileges.
   

Technology

Technology is the biggest enabler to fight against cyber criminals and is the most trusted and important pillar to achieve cyber resilience. Key focus areas for organizations in this regard include:

• Achieving a balanced technology portfolio i.e. in terms of investments in tools and technologies, more investment should be directed towards response and recover capabilities.
   
• Ensuring that the technologies being used are securely updated based on industry standards as older systems and technologies grow increasingly vulnerable.
   
• Adopting a more mature and advanced approach to protect assets—using automation and orchestration technologies as a part of response and recovery capabilities.
   
• Creating an air-gapped copy of critical assets, ensuring robust protection against the corruption or deletion of data by using write once, read many/immutable storage technology.
   
• Leveraging point-in-time technology to identify potential breach or infections and devise corrective measures, and using advanced technologies like deception to deceive attackers.