Increasing security resilience in the face of evolving threats

istock 1169668297
iStock

How organisations operate has changed rapidly in recent years, but so have the security threats they face.

Remote working, automation, cloud and edge computing along with supply chain diversification have all become part of this new business landscape. But the security apparatus tasked with protecting it has yet to catch up .

A survey of businesses by Deloitte found a quarter of company employees had seen a rise in fraudulent emails, spam and phishing attempts in their corporate emails since the start of the pandemic. The IMF also specifically identified the growth of remote working as a source of increased cyber security threats to business, with insecure endpoints and weak remote access providing particular vulnerabilities.

Despite these growing threats, another survey found 41% of executives didn’t think their security measures had kept up with digital transformation.

Companies need to take a multifaceted approach to security in the face of this changing world. An approach that looks at the problem broadly across the entire organisation and considers not only how attacks can be stopped – but how they can be dealt with swiftly, if and when they occur.

The evolving threat landscape

Companies face a myriad of potential threats in today’s world. These include ransomware and denial of service attacks, which can cause huge financial losses as well as incur untold operational and reputational damage. Staff working from home being targeted by phishing and whaling scams are a particular weak point for these types of incursions. Meanwhile, diversified supply chains mean companies are using more third party software applications and have access to open-source libraries. Attackers can exploit these to cause major disruption. 

To deal with these threats companies must increase their resilience.

What is resilience?

Resilience is a multifaceted approach to security. Firstly, it includes deploying security defences and trying to anticipate what an attack could look like.

This aspect of resilience is about utilising the right security software, processes and procedures as well as asking ‘where would an attack come from and what would it look like?’. It is about understanding the likely forms and targets of an attack.

The second aspect of resilience is accepting the fact that no defences can be 100% secure. So when attacks do happen, they’re detected quickly and dealt with successfully.

How to strengthen resilience

There are a number of measures an organisation can take to increase resilience. These should be a combination of anticipation, monitoring, closing gaps and continuous learning.

Steps include:

  • Improve visibility of data moving through every part of the organisation so unusual behaviour can be more easily identified.
  • Anticipate threats by harnessing intelligence about new developments across the cyber security landscape.
  • Prioritise defences around the organisation’s most important systems and data assets. Not every threat can be stopped, so priority should be given to stopping attacks against the most vital system.
  • Close gaps by ensuring greater integration of technology across the company’s networks. By ensuring everything is connected, IT teams are better able to close gaps and monitor threats, ensuring there are no weak links in the chain.
  • Learn from attacks when they come. Attacks are inevitable but processes can be refined each time to ensure gaps are closed and vital systems are provided with greater protection. This process should also involve testing business continuity and disaster recovery plans, refining them after each incident to see what was missing and what can be improved. This process can also involve bringing in external expertise to assist.

Futureproofing through resilience

Recent years have seen IT infrastructure forced to adapt at breakneck speed, but now is the time to take stock.

Just as the industrial revolution saw cities expand at speed but with poor supporting infrastructure, so too has the post-Covid business world, it’s changed rapidly but with inadequate security underpinning it.

Supporting this new way of working requires a holistic approach that predicts and prepares for problems, but also includes how to detect and deal with threats quickly and efficiently.

For more information on how Cisco can help you build your security resilience click here.

Related:

Copyright © 2022 IDG Communications, Inc.