Defining cyber-resilience in a complex threat landscape

Cyber-resilience is rapidly becoming a critical component of a robust cybersecurity posture as it ensures organisations have access to tools and responses at speed.

Exploitation, hack, phish, ransomware, risk. The cybersecurity threat landscape remains challenging with increasingly sophisticated attacks that are costing companies time, money and reputation. In its trend forecast for 2024, Gartner identified the need for increasingly agile and resilient security strategies so organisations can deftly combat risks that include an increased attack surface, digital supply chain attacks, and identity threat detection and response infrastructure vulnerabilities. Prioritising cyber-resilience is a strategic move for organisations wanting to take a more agile and responsive approach – Gartner’s survey found that 34% of companies are already on track to do so – but what does cyber-resilience actually mean?

Richard Frost, Head of Consulting at Armata, explained that there are different aspects to cyber-resilience: “Cyber-resilience is a balance of security factors that range from preventing attacks from happening through to helping resolve them. It is the way in which an organisation copes with an attack, gets online after an attack, and recovers from the disruptive impact of an attack.”
High availability, backup restores, clearly defined policies, redundant systems, attack mitigation, and well-managed lines of communication are all central elements of a resilient cybersecurity strategy. Companies need to know they have all the right tools in place to manage every facet of a cybersecurity attack.

“Every company is at risk of being attacked, and will be attacked – the time of believing that this is someone else’s problem has long gone,” continues Frost. “Resilience is understanding that the threat is outside the door and ensuring your business can detect attacks at speed, undertake active threat hunting to find potential vulnerabilities and risks, and to constantly assess systems to ensure nothing has already infiltrated the business.”

It’s also resilience that provides the organisation with a cushion that security solutions cannot deliver. Technology cannot keep up with the speed of threat evolution, particularly emergent technologies that are leveraging artificial intelligence (AI) or machine learning or automation tools to generate attacks. Solutions are evolving as quickly as the technologies with bolt-on offerings designed to mitigate and protect, but they are still facing an uphill battle. Resilience allows for the risk by preparing for the worst, putting companies on a solid foundation from which to manage threats and their successes.

“You want to build a security strategy that allows for you to factor in all the layers of security, from user behaviour anomalies through to threat detection and disruption mitigation,” continues Frost. “It’s become increasingly important that you can detect threats from within the business such as a disgruntled employee, or perhaps a user’s credentials being used in an unusual way which can indicate a potential hack or credential theft.”

The problem, however, for most companies is that resilience starts to look expensive. Buy this tool, no, buy that tool, no, get that one. It’s a solution stacked on top of a solution on top of a policy that ends up burdening the business rather than enhancing it. It is also a common issue, says Frost, because few companies want the risk of not having implemented that new technology just in case they end up with the cost of a hack down the line.

“The answer doesn’t lie in extensive expenses, it lies in creating a strategic security approach that rests on the foundations of awareness, detection and mitigation,” he concludes. “Focus on these core factors and build a security strategy that allows you to flex with the threats and resolve challenges as they arise. Managed security services are a solid investment as they ensure your systems have access to the best and the brightest, but so is constant user training and awareness alongside robust risk mitigation policies.”

Staying ahead of the threats is less about batting away the hacks within an increasingly complex and burdened ecosystem, and more about strategic resilience that focuses on your unique business posture and the solutions best suited to maintaining it.