What is Cyber Resilience? (Part 2 of a 3 Part Series)

To recap the first post in our What is Cyber Resilience blog series, there are four concepts.

Know that you will be compromised

Have the mindset that it can happen. Use that mindset to drive company culture across various aspects of your program (e.g., vulnerability management, least privilege, micro-segmentation).

Adapt technologies that give you modern capabilities

Technologies that support advanced analytics, orchestration, and automation give you greater capabilities.

Cyber Hygiene

By maintaining best practices for security controls, patching vulnerabilities, and maintaining a secure architecture, you ensure attackers will have a hard time getting in.

How fast can you kick them out when they get in

By making sure you have effective people, processes, and technologies for cyber incident response, you can mitigate the impact when attackers get in.

In our experience, each concept is worth exploring, as all four are relevant to measuring your “cyber resilience.”

Let’s take a deeper dive into these concepts.

Mindset

Many vendors agree that “Cyber Resilience” involves the mindset of assuming eventual compromise and the failure of some security layers. Accepting this mindset allows organizations to prepare for resilience and maintain operations despite security control failures. We’ve observed that clients with this mindset succeed, while others struggle to adopt it.

Here are characteristics of both situations from our experience:

The “Right” Mindset

  • Does a good job of mentoring the board to understand that the organization is never 100% risk-free and that there are no “silver bullet” solutions you can purchase for cybersecurity

  • Speaks in “what ifs” about attacks and prepares for those scenarios

  • Stays vigilant in preparing for less frequent situations such as lateral movement, supply chain compromise, and insider threats

  • Reads up on the threat landscape and understands how shifts in attacks affect the organization


The “Wrong” Mindset

  • Gives the board the feeling that they are “pretty safe” with what they have

  • Uses “that is unlikely to happen” as a reason not to prepare for certain types of compromise

  • Only prepares for or focuses on common attacks such as credential compromise, phishing attacks, and endpoint infections

  • Knows the threats the organization has seen or detected but lacks the cycles or focus to assess the threat landscape

The core difference between mindsets typically stems from whether the organization has a culture that assumes compromises will occur and prioritizes preparation for those situations.


Technology and Cyber Resilience

The use of new and emerging technologies to combat cyber threats is one of the most misunderstood aspects of today’s cybersecurity operations.

Technologies in Scope

When we refer to “use of new and emerging technologies” in cybersecurity, the following are some of the most common technologies that could be considered:

  • EDR (Endpoint Detection & Response)
  • XDR (eXtended Detection & Response)
  • SOAR (Security Orchestration, Automation, and Response)
  • Hyperautomation
  • SIEM (Security Information and Event Management)
  • Data Lake
  • Machine Learning / Artificial Intelligence Detection
  • Threat Intelligence Platforms
  • Zero Trust Security Platforms
  • UEBA (User and Entity Behavior Analytics)
  • BAS (Breach and Attack Simulation)

Failure to Adapt

The technologies listed above offer solutions to combat modern threats. However, smaller organizations often do not attempt to deploy these technologies, while larger organizations may try but face failed implementations. Here are common reasons for these challenges:

  • Lack of Budget
  • Misleading Level of Effort from Vendor Pre-sales
  • Lack of Expertise
  • Lack of Confidence
  • Lack of Understanding

Other reasons exist, but the five above are the most common.

Keep an eye out for our final blog post, which will discuss Cyber Hygiene and Response.


Bryan Borra, Vice President, Product and Content Management, Proficio

Bryan is responsible for leading Proficio’s product roadmap and managing our Threat Detection Engineers. He specializes in SIEM content engineering, network intrusion analysis, operational use case development, and threat intelligence.
