A 2017 data breach at Equifax compromised the personal data of around 147 million consumers. An application vulnerability on an Equifax website meant the attackers could access social security numbers, driver’s license numbers, birth dates, and addresses. In addition, 209,000 of the credit bureau’s customers also had their credit card information exposed.
Equifax’s poor handling of the incident is oft-cited as an example of what not to do when coping with a data breach. And the company is not alone. This is just one example of a large enterprise falling victim to a cyberattack and either messing up incident reporting procedures or being ground to a halt over basic failures — Maersk and Uber spring to mind here.
Small companies are not immune either. Hackers rightly assume that smaller businesses have poor cybersecurity and are therefore easy targets. In fact, according to Forbes, companies with 50 employees or less may be targeted more frequently.
Major breaches such as the above, and the increased threat level wrought by 2020’s ongoing pandemic, showcase an alarming trend, and highlight the need for a more dynamic and comprehensive approach to cybersecurity.
Enter cyber resilience, a concept that is slowly overtaking traditional cybersecurity as the preferred security strategy for enterprises both large and small.
But what is the difference, and how are cyber resilience and cybersecurity linked?
Here we detail what you need to know about both, how the two are related, and what companies can do to build a robust resilience strategy.
Cybersecurity and Cyber Resilience: Definitions, Differences, and Commonalities
What is cybersecurity?
Cybersecurity is a set of practices and/or protocols that work in tandem to protect data, devices, systems, and networks from malicious activity or exposure.
You can think of cybersecurity as a proactive strategy that individuals and organizations worldwide use to remain secure. It involves the use of dedicated tools, such as VPNs and antivirus software, and practices, such as logging out of accounts and limiting access to certain data.
What is cyber resilience?
Cyber resilience is different in that it involves all the defense strategies we see in cybersecurity, but extends to encompass an enterprise’s overall resilience to attacks. You can think of cyber resilience as an amalgam of cybersecurity and solid business practices.
When we talk about cyber resilience, we are referring to an enterprise’s overall ability to prepare for, respond to, and recover from a cyber attack.
As you can imagine, cybersecurity plays an important part in cyber resilience, particularly at the preparation stage, but on its own it cannot equip an organization with the strategies it needs to mitigate the effects of an attack and recover strongly.
After all, an attack doesn’t end when the hackers have taken the information or ransom they sought — the attack has to be reported to certain bodies, regulatory fines must be paid, and companies have to engage in some serious reputation management.
According to CNBC, the average attack costs a business around US$200,000, a sum that is devastating to most smaller companies. To that end, a strong cyber resilience strategy that helps an enterprise handle an attack, and the related fallout, is essential.
What Risks do Companies Face?
The news is full of tales of companies falling victim to ransomware, but this kind of malware isn’t the only threat. Below are the three most pressing concerns any company needs to know about:
Malware
Malware, including ransomware, represents the biggest threat to companies across all industries, according to many security researchers. Malware means “malicious software” and it includes any program that’s built to inflict damage on data, devices, or systems.
Phishing
Phishing is a type of social engineering attack. Here, cybercriminals play upon human vulnerabilities to trick people into clicking a malicious link or visiting a fake website. Successful phishing attacks can lead to private data, passwords, and even financial information being compromised.
Distributed denial of service attacks (DDoS)
A DDoS attack is planned in advance and highly orchestrated. In this threat type, attackers use a large network of infected devices to overwhelm a company’s sites with traffic and disrupt normal service.
Cybersecurity Strategies That Should be in All Cyber Resilience Programs
Because cybersecurity is so crucial to any cyber resilience program, below are some key cybersecurity steps any company needs to address.
Cybersecurity software and tools
Companies need to have the following, at a minimum:
- Encryption tools, like VPNs
- Anti-malware and antivirus software
- Enterprise-level firewalls
- DNS and internet protection
- Email scanners
- Vulnerability testing programs
Solid cybersecurity basics
Despite consistent warnings from experts, many enterprises fail to follow basic cybersecurity standards, such as using long, complex passwords, limiting which staff can see what information, and enforcing multi-factor authentication. Getting back to digital hygiene basics is essential, and it also helps to build a culture of security.
Create a culture of cybersecurity
One of the best things companies can do is build a culture of cybersecurity from the ground up. Make sure everyone knows that digital security is everyone’s job, not just the IT crew. Instill in staff members a sense of responsibility for their own digital practices, limit the use of personal devices for work purposes, and run regular cybersecurity training programs.
Building Cyber Resilience
Forward-thinking businesses know that a cyber attack is more likely to happen than not. These same companies have robust cyber resilience programs in place with detailed plans for both response and recovery. Key questions for any company that is creating a resilience strategy include:
- What company systems are the most vulnerable?
- How can we best protect these systems?
- Are our cybersecurity defenses working well?
- How do we mitigate human error?
- What regulatory bodies need to be informed if an attack occurs?
- What is the maximum timeframe for reporting incidents?
- How will we tell affected clients and business partners?
- How can we minimize immediate damage?
- How can we ensure our continued operation?
Cyber resilience plans need to be detailed and comprehensive. These questions are just a starting point; there are many other factors to consider, particularly to do with reputation management after an incident.
Staying afloat after a cyber attack is a hard thing to do, especially for smaller companies, but going into the battlefield armed with a robust resilience plan in place can make all the difference.