Security / Compliance

National Cyber Security Month 2019 week 2 - Building Cyber Resilience

By Cory Dzbinski / Oct 03, 2019

36515569 Security Thread Protection

National Cyber Security Awareness Month

Welcome to our second week of National Cyber Security month (NCSAM). This week we'll talk about Cyber Resilience and what it means.

In details gathered from a 2019 Vanson Bourne survey, only 46% of organizations have a cyber resilience strategy in place. Meanwhile, 29% are in the process of rolling one out, and 22% are currently planning or have a longer timeline for launching their cyber resilience plan. It’s positive to see that the number of organizations with a cyber resilience strategy, is up from 27% last year, yet it’s also clear that most organizations still have plenty of work ahead in this area.

Out of the organizations that do have a cyber resilience plan in place (or are working toward implementing one in 2020), on average there are six different major areas of focus. These key areas include email security (74%), network security (73%), web security (71%), data backup and recovery (66%), internal email protection (64%) and endpoint protection (61%).

Learning From Leaders

When it comes to taking action ahead of an attack, most mature organizations share a few common characteristics. For starters, they appear to be more aware and more prepared in general, focusing on a combination of prevention and detection. Just over 10% of highly-mature organizations noted that it is inevitable their organization will suffer a negative business impact resulting from an email-borne attack in 2019. What’s more, 65% recognize that upon suffering an email-based attack, it’s critical that their organization maintains email uptime during the episode.

Cyber resilience leaders from highly-mature organizations also offer a greater selection of training methods, rather than a one-size-fits-all approach. Not only that, but they also conduct their email security awareness training on a more frequent basis than their less mature counterparts.

Elements of a Cyber Resilience Plan

The four dimensions of cyber resilience include:
1. Threat protection
2. Adaptability
3. Durability
4. Recoverability

Threat protection is the key to prevention. This is where the focus falls on stopping bad things from happening. Think of this dimension as the defense strategy.

After that comes adaptability which, at a high-level, means that the plan can’t be static. Attackers adapt constantly in their techniques and your plan needs to do the same in terms of techniques, technologies and people.

Once those are rock-solid, you need to make sure that durability is covered as well. These are the details that matter during an attack when everything is going haywire and there is still a business to run. Durability means having a continuity plan that allows organizations to keep running without a hitch.

Finally, a plan must account for recoverability, allowing a business to return to a good state within a quick timeline (whatever that particular window might look like for the business). For some industries, this means losing no time at all, because entire systems, and even lives, depend on their services. A national average of two to three days of downtime for ransomware incidents is simply not acceptable for many organizations. Think minutes versus days.


Achieving Cyber Resilience

It is clear that becoming a cyber resilience leader begins with teamwork. Security leaders within the organization should work toward raising everyone’s awareness and understanding of email security policies and best practices.

As evidence shows, frequent and engaging training is an integral piece of this puzzle, coupled with understanding the importance of integrating effective threat intelligence. When every employee in your organization, regardless of title, understands that they play a key role in security success, things begin to change for the better. These cultural shifts are not only positive reminders that each team member is a vital part of the process, but they’re key to improving an overall security posture.