Contact Us
    Security

    The Underrated Elements of Cyber Resiliency

    March 6, 2023

    How Cybersecurity is More than Protecting Against Bad Actors and Why It Matters


    Resiliency in a business context is often closely associated with continuity. If something happens, or if there is an outage, businesses depend on the principles of failover and redundancy to keep systems up or get them running again quickly. But the equation changes when you shift the conversation to cyber resiliency. It encompasses recovery and, more importantly, the ability to repel and prevent attacks in real-time and establish flexible, responsive, and proactive operations.

    Over three-quarters of corporations cite security and data breaches as the top cause of server, operating system, application, and network downtime.1 Your system architecture, while important, is only part of the cyber resiliency solution. Having a strategy that includes both your architecture and people is vital as well.

    Not Just Cybersecurity

    Cyber resiliency is a strategic approach that encompasses your system architecture, physical structures, and people. Cybersecurity is only part of the equation. Many people understand cybersecurity as it relates to breaches caused by hacks, configuration mistakes, or internal threats. Failure to secure or protect data and privacy after the fact is often where the focus settles. Instead, a resiliency-centric approach would include a proactive action plan to mitigate the damage caused by losing system access due to a cyberattack, for example.

    With the recent shift to a more decentralized work environment, the need for a renewed focus on people-centric security measures has heightened. More often than not, resiliency (and cybersecurity) is really about people.

    Three Kinds of People

    three professionals chatting

    In the world of cybersecurity, there are three kinds of people:

    • Good actors who do good things
    • Good actors who make mistakes
    • Bad actors who have malicious intent

    We've all heard the story about that one good employee who made an honest mistake—like the bank employee who synced web browsers and unknowingly opened access to important bank passwords to bad actors. In this story, the employee was working from home on a work laptop connected to the home network. At some point, Google sent a notification about a new feature that synchronizes web browsers across multiple devices. Sounds nice, right? The employee proceeded but failed to realize that by syncing browsers, all personal passwords were now stored on the work browser. And more crucially, all work passwords were now stored on the personal browser.

    "... human error is a major contributor to 95% of breaches.

    When the bad guys broke into the employee's home network and accessed the personal browser, they discovered a treasure trove of bank information. The hackers used this access to break into the financial institution. Thankfully, architecture helps protect against malicious actors, but what about simple mistakes by good people? (See above bank employee).

    The truth is that engineers build safety nets within systems because of potential human error or attacks—not just for hardware failure. Human error is a major contributor to 95% of breaches.2 Unintentional errors happen, and understanding how to address mistakes is essential to cyber resiliency and security.

    two database professionals working at a data center
    A successful cyber resiliency strategy incorporates humans and technology.

    Building Cyber Resiliency

    A successful cyber resiliency strategy incorporates humans and technology. Here are a few examples of how to prevent unintentional errors.

    1. Privileged Access

      Limiting access helps establish and maintain control over an employee's access to systems or data that needs to remain secure. Giving selective access to restricted areas of IT systems that are off-limits to a standard user to one way privileged access protects organizations.

    2. Multi-factor Authentication (MFA)

      Multi-factor authentication requires users to provide at least two forms of identification to access resources and data. Employing another factor significantly increases the difficulty for hackers to gain unauthorized access. An example of MFA is when you are prompted to enter a one-time code sent to your mobile phone to log into your bank account. And it's not limited to consumers. Many enterprises require MFA for employees too.

    3. Continuous Monitoring
      Continuous monitoring involves logging employee and system activity and raising alerts if there are any anomalies or suspicious activity. For example, employees logging in from unusual locations or devices or at atypical times may signal compromised credentials. Continuous monitoring helps with prevention and quick action should a security breach occur.
      Male developer in glasses working on code on three monitors

    Cyber Resiliency and Business

    Cyber resiliency is vital for every aspect of business and is much more than add-on security bells and whistles. It is strategy-worthy and critical for preventing significant operations, services, and reputation setbacks.

    A successful cyber resiliency strategy focuses on cybersecurity, architecture, and people. Considering all three angles achieves flexible, responsive, and proactive operations to ensure business continuity, even when facing something as seemingly simple as syncing browsers.


    If you'd like to discuss cyber resiliency strategy, please get in touch with me directly at Ravi.Patil@broadcom.com.

    Citations:
    1. The Global Risks Report 2022 - World Economic Forum. https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2022.pdf. Published 2022. Accessed September 27, 2022.
    Tag(s): Security, Mainframe