What does cyber resilience mean?
Some readers may already be familiar with the term “resilience” from the field of psychology. Put simply, it refers to the ability of a person to recover quickly from difficulties. In relation to cyber security, it can be understood as preventive measures that increase a company’s resilience with regard to
- Insider threats
- Threats from the network as well as from malware
- Human error
- Errors in software and/or hardware
It does not matter whether these incidents happen unintentionally or deliberately.
A study from 2020 shows that cyber resilience has still not reached the targeted security level worldwide. In Europe, the targeted level was 2.33 points[1], but only 0.88 was achieved. America also falls well short of its goal: 1.24 points achieved against a target of 3.61, a gap of 2.37 points. Accordingly, there is still “room for improvement” in terms of cyber resilience to potential threats.
Cyber resilience refers to the ability of companies to withstand attacks on the security of their information and communications technology (ICT). Attackers focus on companies' systems or even customers' data. Source: BaFin
A cyber resilience plan for business
Over 1000 IT managers were surveyed about their security challenges as part of Mimecast’s State of Email Security Report. Four dimensions of cyber resilience were identified:
1. Threat Protection
Threat protection is about the challenge of anticipating possible attacks. This means that the security of the services, software and solutions used must be checked regularly. This is complemented by regular training of employees.
2. Adaptability
Hackers and the like are constantly on the lookout for possible vulnerabilities that let them circumvent companies’ existing security measures. Companies therefore need to be able to react accordingly and keep all business processes running in the event of a cyber attack.
3. Durability
In this phase, a company should still be able to maintain its business processes consistently, despite possible security incidents. In addition to data backups, this also includes alternative ways of maintaining day-to-day business operations in the event of an infected system or attack. After all, the greatest damage in the case of such incidents usually lies in the subsequent financial costs. These can often reach considerable proportions.
4. Recoverability
Be prepared to restore your systems and data to a pre-incident state at any time by backing them up.
In order to be sustainably resilient, IT security specialists must develop and implement a concept for their own cyber resilience. The goal is to reduce the attack surface, harden what remains exposed, and establish processes that take effect in the event of a successful attack.
All of these steps are essential for an organization to become more resilient to cyber attacks. But ultimately, the decisive factor in “victory or defeat,” in a figurative sense, is the level of training of the employees.
The most important thing in cyber resilience: more security through user training
As mentioned above, cyber resilience relies on preventive measures that maintain all important business processes in the event of a cyber attack or prevent such attacks in the first place. Therefore, companies have a duty to train their employees to minimize human error or faulty user practices.
Employees need to be regularly trained on cyber threats to increase the company’s cyber resilience. After all, only when users know what types of cyber threats exist can they recognize them and respond appropriately. Inattention, ignorance of current attack strategies and a lack of know-how are the crux of the matter.
Such cyber security training should at a minimum cover how to recognize phishing emails and unusual app and account behavior, and how to respond to actual or potential cyber threats.
However, the risk of a successful cyber attack cannot be completely eliminated. The answer here: a positive error culture. Learning from every mistake, evolving and preventing colleagues from making the same mistake is also how the cyber resilience concept ensures more resilience to external cyber attacks. Therefore, it is of immense importance that employees learn from mistakes instead of keeping them quiet for fear of losing their jobs or other consequences.
Ultimately, a functioning cybersecurity culture is about creating a security-conscious environment that prevents security incidents from occurring by minimizing human error and poor user practices.
Vulnerability management: react preventively and implement cyber security measures
In addition to well-trained employees, up-to-date technologies and IT infrastructures are also crucial components of a company’s cyber resilience plan. This includes vulnerability management. A vulnerability management solution continuously scans all systems connected to a network for vulnerabilities. Such a solution runs tens of vulnerability tests, based on CVE reports as well as information from the manufacturers, to identify possible issues. A solid IT infrastructure with few or no known vulnerabilities makes it difficult for hackers to carry out their cyber attacks successfully.
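The core step such a scan performs is matching what is installed on each host against advisory data. The following is an added illustration, not OTRS code or any real product’s scan engine; the host inventory, the advisory feed and the CVE-style IDs are all constructed placeholders. It compares versions numerically and does not flag a host that already runs the fixed version.

```python
"""Core matching step of a vulnerability scan: installed versions against advisories.
Added illustration, not OTRS code or any real product's scan engine. The inventory,
the advisory feed and the CVE-style IDs are all constructed placeholders."""
from dataclasses import dataclass

def parse_version(v: str) -> tuple:
    """'1.2.10' -> (1, 2, 10): compare numerically, since as strings '1.2.10' < '1.2.9'."""
    return tuple(int(p) for p in v.split("."))

@dataclass(frozen=True)
class Advisory:
    advisory_id: str     # placeholder, not a real CVE number
    product: str
    affected_from: str   # first affected version (inclusive)
    fixed_in: str        # first fixed version (exclusive)
    severity: str

# Constructed advisory feed standing in for CVE reports and vendor bulletins.
ADVISORIES = [
    Advisory("CVE-PLACEHOLDER-1", "openssl", "3.0.0", "3.0.8", "high"),
    Advisory("CVE-PLACEHOLDER-2", "nginx", "1.18.0", "1.21.0", "medium"),
    Advisory("CVE-PLACEHOLDER-3", "postgres", "14.0", "14.7", "critical"),
]

# Constructed inventory, as a scanner would collect it: host -> {product: version}.
INVENTORY = {
    "web-01": {"nginx": "1.20.1", "openssl": "3.0.8"},  # openssl already at the fixed version
    "db-01": {"postgres": "14.3", "openssl": "3.0.2"},
}

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def is_affected(installed: str, adv: Advisory) -> bool:
    """affected_from <= installed < fixed_in, so a host at the fixed version is not flagged."""
    v = parse_version(installed)
    return parse_version(adv.affected_from) <= v < parse_version(adv.fixed_in)

def scan(inventory: dict, advisories: list) -> list:
    """Findings as (host, product, version, advisory_id, severity), most severe first."""
    findings = [
        (host, product, version, adv.advisory_id, adv.severity)
        for host, packages in inventory.items()
        for product, version in packages.items()
        for adv in advisories
        if adv.product == product and is_affected(version, adv)
    ]
    return sorted(findings, key=lambda f: SEVERITY_RANK[f[4]])
```

Calling `scan(INVENTORY, ADVISORIES)` yields three findings, the critical one first, which is the order a remediation queue should work through.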
In summary, cyber resilience goes a step further than cyber security. It is not just about preparing systems for cyber threats, but about ensuring that infrastructure, trained employees, corporate culture and processes are optimally integrated to provide the minimum attack surface.
[1] The points awarded, or the scoring, were determined on the basis of various criteria. The scoring is structured as follows:
0-0.99: “Nonexistent”
1-1.99: “Initial level”
2-2.99: “Repeatable”
3-3.99: “Clearly defined”
4-4.99: “Managed”
5-5.99: “Optimized”